PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

viruses

ravage40
Visitor
Posts: 18
Registered: 30 Jul 2014 09:52


#1 Post by ravage40 »

ComboFix 14-07-29.01 - Dominik 30.07.2014 10:35:57.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.2497 [GMT 2:00]
Spuštěný z: c:\users\Dominik\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-28 do 2014-07-30 )))))))))))))))))))))))))))))))
.
.
2014-07-30 08:43 . 2014-07-30 08:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-30 08:25 . 2014-07-30 08:25 -------- d-----w- c:\windows\SysWow64\NV
2014-07-30 08:25 . 2014-07-30 08:25 -------- d-----w- c:\windows\system32\NV
2014-07-30 08:25 . 2014-07-30 08:25 -------- d-----w- c:\programdata\NVIDIA
2014-07-30 08:22 . 2014-07-02 18:55 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-30 08:22 . 2014-07-02 18:55 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-30 08:22 . 2014-07-02 18:55 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-30 08:22 . 2014-07-02 18:55 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-07-30 08:22 . 2014-07-02 18:55 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-30 08:22 . 2014-07-02 18:55 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-30 08:22 . 2014-07-02 18:55 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-30 08:22 . 2014-07-02 18:55 1084704 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-07-30 08:22 . 2014-07-02 10:14 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-07-30 08:22 . 2014-07-02 20:48 75040 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-30 08:22 . 2014-07-02 20:48 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-07-29 07:05 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5675595F-9BDD-4445-9146-A618FC00CD18}\mpengine.dll
2014-07-28 06:16 . 2014-07-28 06:16 687 ----a-w- C:\awhFD61.tmp
2014-07-26 07:34 . 2014-07-26 07:34 687 ----a-w- C:\awh555A.tmp
2014-07-24 07:36 . 2014-07-24 07:36 687 ----a-w- C:\awhC531.tmp
2014-07-09 10:05 . 2014-07-09 10:05 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-07-09 09:40 . 2014-07-09 09:40 687 ----a-w- C:\awhE0BD.tmp
2014-07-09 08:29 . 2014-07-25 13:50 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-09 08:29 . 2014-07-25 13:50 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-09 08:28 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-07-09 08:28 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-07-09 08:21 . 2014-06-18 02:19 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-09 08:21 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 08:21 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 08:21 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 08:21 . 2014-06-18 02:18 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 08:21 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 08:21 . 2014-06-18 01:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 08:21 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 08:21 . 2014-06-18 02:19 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 08:21 . 2014-06-18 02:17 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 08:21 . 2014-06-18 01:51 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-09 08:15 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 08:15 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 08:15 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 08:15 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 08:15 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 08:13 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 08:13 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 08:13 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-08 11:31 . 2014-07-08 11:31 687 ----a-w- C:\awh423.tmp
2014-07-04 08:13 . 2014-07-04 08:13 -------- d-----w- c:\users\Dominik\AppData\Roaming\Browser Tab Search by Ask
2014-07-04 08:13 . 2014-07-30 08:34 -------- d-----w- c:\programdata\SafetyNut
2014-07-03 08:13 . 2014-07-03 08:13 -------- d-----w- c:\users\Dominik\AppData\Local\Pay-By-Ads
2014-07-02 10:09 . 2014-07-02 10:09 687 ----a-w- C:\awhD327.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-25 13:50 . 2014-01-04 13:15 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-01-04 13:15 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-09 09:21 . 2014-01-09 15:38 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-06-29 05:37 . 2014-06-29 05:37 687 ----a-w- C:\awh312D.tmp
2014-06-16 12:57 . 2014-06-16 12:57 46160 ----a-w- c:\windows\system32\drivers\nethfdrv.sys
2014-06-16 12:56 . 2014-06-16 12:56 159744 ----a-w- c:\windows\SysWow64\netupdsrv.exe
2014-06-16 12:56 . 2014-06-16 12:56 108544 ----a-w- c:\windows\SysWow64\installd.exe
2014-06-16 12:56 . 2014-06-16 12:56 179200 ----a-w- c:\windows\SysWow64\nethtsrv.exe
2014-06-16 12:56 . 2014-06-16 12:56 108544 ----a-w- c:\windows\SysWow64\hfnapi.dll
2014-06-16 12:56 . 2014-06-16 12:56 246784 ----a-w- c:\windows\SysWow64\hfpapi.dll
2014-05-30 07:52 . 2014-07-09 08:20 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-09 06:14 . 2014-05-14 14:43 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 14:43 424448 ----a-w- c:\windows\system32\aeinv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110411591160}]
2014-01-30 20:58 640512 ----a-w- c:\program files (x86)\Torntv V6.0\Torntv V6.0-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{112e7b4e-4cc1-4f97-b186-5180b402d98c}]
c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode6597\ie\MediaBuzzV1mode6597.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b5519fb4-8c6e-480f-ae0d-d8c7b8270315}]
c:\program files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4100\ie\TrustMediaViewerV1alpha4100.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{df96b9df-f7d5-4910-976e-edf4c81fafd4}]
c:\program files (x86)\MediaWatchV1\MediaWatchV1home728\ie\MediaWatchV1home728.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ecb60a75-b32f-46dc-906e-6c33f26feb25}]
c:\program files (x86)\RichMediaViewV1\RichMediaViewV1release322\ie\RichMediaViewV1release322.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NextLive"="c:\users\Dominik\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
"cz.seznam.software.autoupdate"="c:\users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21446272]
"GoogleChromeAutoLaunch_66F8C29980E8EAA9103CEBF5E167BC0C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-07-15 860488]
"BitTorrent"="c:\users\Dominik\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-07-02 1267032]
"Yahoo! Search"="c:\users\Dominik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe" [2014-07-03 535472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-02-03 506712]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-5-10 1131296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 {0602868e-3e6e-4d93-81e8-5b2290f620ba}w64;{0602868e-3e6e-4d93-81e8-5b2290f620ba}w64;c:\windows\system32\drivers\{0602868e-3e6e-4d93-81e8-5b2290f620ba}w64.sys;c:\windows\SYSNATIVE\drivers\{0602868e-3e6e-4d93-81e8-5b2290f620ba}w64.sys [x]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc2.cfg;c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc2.cfg [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SafetyNutManager;SafetyNut Manager;c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe;c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update GrabRez;Update GrabRez;c:\program files (x86)\GrabRez\updateGrabRez.exe;c:\program files (x86)\GrabRez\updateGrabRez.exe [x]
S2 Util GrabRez;Util GrabRez;c:\program files (x86)\GrabRez\bin\utilGrabRez.exe;c:\program files (x86)\GrabRez\bin\utilGrabRez.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 12:43 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-30 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Dominik\AppData\Local\SwvUpdater\Updater.exe [2014-03-02 15:02]
.
2014-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16 11:50]
.
2014-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16 11:50]
.
2014-07-30 c:\windows\Tasks\Torntv V6.0-chromeinstaller.job
- c:\program files (x86)\Torntv V6.0\Torntv V6.0-chromeinstaller.exe [2014-01-30 20:58]
.
2014-07-30 c:\windows\Tasks\Torntv V6.0-codedownloader.job
- c:\program files (x86)\Torntv V6.0\Torntv V6.0-codedownloader.exe [2014-01-30 20:58]
.
2014-07-30 c:\windows\Tasks\Torntv V6.0-enabler.job
- c:\program files (x86)\Torntv V6.0\Torntv V6.0-enabler.exe [2014-01-30 20:58]
.
2014-07-30 c:\windows\Tasks\Torntv V6.0-firefoxinstaller.job
- c:\program files (x86)\Torntv V6.0\Torntv V6.0-firefoxinstaller.exe [2014-01-30 20:58]
.
2014-07-30 c:\windows\Tasks\Torntv V6.0-updater.job
- c:\program files (x86)\Torntv V6.0\Torntv V6.0-updater.exe [2014-01-30 20:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [BU]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 77-387&t=4
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-MediaBuzzV1mode6597 - c:\program files (x86)\MediaBuzzV1\MediaBuzzV1mode6597\uninstall.exe
AddRemove-MediaViewV1alpha474 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha474\uninstall.exe
AddRemove-MediaWatchV1home728 - c:\program files (x86)\MediaWatchV1\MediaWatchV1home728\uninstall.exe
AddRemove-Mozilla Firefox 27.0.1 (x86 cs) - c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
AddRemove-Opera 20.0.1387.82 - c:\program files (x86)\Opera\Launcher.exe
AddRemove-RichMediaViewV1release322 - c:\program files (x86)\RichMediaViewV1\RichMediaViewV1release322\uninstall.exe
AddRemove-TrustMediaViewerV1alpha4100 - c:\program files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4100\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A9119622]
"ImagePath"="\??\c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc2.cfg"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,6c,db,
90,b4,8a,ea,0d,95,4d,c9,e8,43,6a,39,2b
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,15,cf,
05,9f,bd,ed,0c,b8,99,bc,17,8b,6d,ff,d7
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c9,20,
8d,30,19,d1,04,93,c3,17,24,71,4b,21,d2
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,23,de,
cf,78,ac,2e,09,85,81,45,9c,28,7b,81,5b
"{11111111-1111-1111-1111-110411591160}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,0c,01,
0c,23,44,7f,5f,0c,1e,57,44,16,1a,53,74
"{12223b3a-ca31-4d86-bce8-7384cf769742}"=hex:51,66,7a,6c,4c,1d,3b,1b,2a,26,32,
0f,03,9f,e8,03,a1,e7,35,c4,c8,35,d5,56
"{df96b9df-f7d5-4910-976e-edf4c81fafd4}"=hex:51,66,7a,6c,4c,1d,3b,1b,cf,a4,86,
c2,e7,a2,7e,07,8a,61,ab,b4,cf,5c,ed,c0
"{112e7b4e-4cc1-4f97-b186-5180b402d98c}"=hex:51,66,7a,6c,4c,1d,3b,1b,5e,66,3e,
0c,f3,19,f9,01,ac,89,17,c0,b3,41,9b,98
"{ecb60a75-b32f-46dc-906e-6c33f26feb25}"=hex:51,66,7a,6c,4c,1d,3b,1b,65,17,a6,
f1,1d,e6,b2,08,8d,61,2a,73,f5,2c,a9,31
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
"{b5519fb4-8c6e-480f-ae0d-d8c7b8270315}"=hex:51,66,7a,6c,4c,1d,3b,1b,a4,82,41,
a8,5c,d9,61,06,b3,02,9e,87,bf,64,41,01
.
[HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\SecuROM\License information*]
"datasecu"=hex:1d,d1,91,d7,a1,42,9e,02,13,3d,13,f8,f3,cf,5f,ef,5f,05,98,6d,50,
89,4e,14,9b,84,d2,98,df,f6,ad,e2,82,2d,65,cd,9f,4b,61,03,65,e6,3c,32,12,3d,\
"rkeysecu"=hex:57,db,c5,15,b2,21,2f,63,60,90,bb,76,42,d1,7c,e0
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-30 10:47:09
ComboFix-quarantined-files.txt 2014-07-30 08:47
ComboFix2.txt 2014-07-28 07:20
.
Před spuštěním: Volných bajtů: 463 070 158 848
Po spuštění: Volných bajtů: 463 711 952 896
.
- - End Of File - - AC70D104871B8803C369828781471871
How do I finish cleaning this up..?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: viruses

#2 Post by vyosek »

Hello :)

:arrow: Regarding the ComboFix you used: on the basis of its license and the forum rules I am asking, do you know how to work with it (running it, deciphering the log, writing a script)?

:arrow: The ComboFix license terms say it clearly: "It should never be used in an environment without the supervision of an experienced person"

:arrow: The dangers of CF
  • It is intended primarily for helpers; by using it on your own initiative you lose your entitlement to support
  • It erases the traces of the malware, so nothing can be seen in the RSIT log
  • Its log still has to be worked through, because it cannot delete everything, and you will hardly manage that unless you are trained for it
  • CF can have a bug = it takes your system down; if you don't know where it stores what and how to restore what, your system is wrecked and you are looking at a reinstall
  • Unfortunately CF also does not yet check some important libraries (e.g. hal.dll), which some types of malware (e.g. angela) delete: it deletes your hal.dll after a restart = your system won't boot and you are back at the bullet above = reinstall
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him: that is not a man, that is an ox."
Member since 1 February 2011.

ravage40

Re: viruses

#3 Post by ravage40 »

Rudy advised how to finish cleaning it up, why not you?

vyosek

Re: viruses

#4 Post by vyosek »

Have you already dealt with something here with Rudy?? I only ask because this is your first post here... Rudy will advise, I will advise too, I am just asking who recommended CF to you so that you used it; the rules and the license say it clearly...

ravage40

Re: viruses

#5 Post by ravage40 »

I was looking for why my CPU usage is so high and I found this help forum, and I saw that it helped people, so I tried it. (I didn't deal with him on anything, but he helped someone there)

vyosek

Re: viruses

#6 Post by vyosek »

:arrow: If next time you use ComboFix on your own initiative and ask us for help, it will be refused in accordance with the forum rules and the CF license

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and then the search follows
  • The scan runs and then the log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then the log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

ravage40

Re: viruses

#7 Post by ravage40 »

OK, I'll do it, and thanks for the help.

vyosek

Re: viruses

#8 Post by vyosek »

Nothing to thank me for yet :)

ravage40

Re: viruses

#9 Post by ravage40 »

Here is one for now

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dominik on st 30.07.2014 at 11:22:01,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nextlive
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045960.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045960.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045960.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411591160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422592260}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455595560}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466596660}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411591160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422592260}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455595560}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466596660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045960.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045960.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045960.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455595560}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466596660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455595560}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466596660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\newnext.me"
Failed to delete: [Folder] "C:\Users\Dominik\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\mobogenie"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{04261873-336F-4156-A826-09864462EC77}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{0C78AC14-D010-4053-AB0F-DE4518F4355F}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{1EDBA615-4399-4959-B80D-C70CBDA33351}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{46087EA7-E948-4A60-BF80-8FDC652F8CA6}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{47042C1A-1C03-4337-8903-EFE78255F70D}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{51B09794-C65D-4911-B5A1-13D294C5AD28}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{53512411-84A7-44CF-8EE5-4B17F7BFAEFE}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{557ADE4B-BBF9-41F4-8DB3-16A2970044EB}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{5C302D83-9AFE-4DFC-8298-00A218CBC957}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{6FFB6D12-B60E-4A1D-BF5F-0161A9A871A0}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{88399AE8-9A5C-4DF3-A013-68895677CD3D}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{B59E33E4-0891-4A1B-9F6D-D0D664DA2548}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BC84CE47-4456-498A-BCCC-20A058D20058}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{BFD00DED-1714-4D2E-A0C4-7732B228E41B}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{D1011F8A-7963-4E98-AB5F-504E9AEF76AE}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{E97D9E1D-A0D0-4A6A-B684-41766944F444}
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{FCE0B16A-B6AD-4C4A-BB6F-8DB14A4C3987}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 30.07.2014 at 11:30:43,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ravage40
Visitor
Visitor
Posts: 18
Joined: 30 Jul 2014 09:52

Re: viruses

#10 Post by ravage40 »

the second one



# AdwCleaner v3.301 - Report created 30/07/2014 at 11:36:48
# Updated 28/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Desktop\adwcleaner_3.301.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SafetyNutManager
[#] Service Deleted : Update GrabRez
[#] Service Deleted : Util GrabRez
Service Deleted : {0602868e-3e6e-4d93-81e8-5b2290f620ba}w64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\SafetyNut
[!] Folder Deleted : C:\Program Files (x86)\GrabRez
Folder Deleted : C:\Program Files (x86)\Torntv V6.0
[!] Folder Deleted : C:\Program Files (x86)\GrabRez
Folder Deleted : C:\Users\Dominik\AppData\Local\genienext
Folder Deleted : C:\Users\Dominik\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Dominik\AppData\Local\Pay-By-Ads
Folder Deleted : C:\Users\Dominik\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Dominik\AppData\Roaming\OpenCandy
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Windows\System32\drivers\wStLibG64.sys
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{0602868e-3e6e-4d93-81e8-5b2290f620ba}w64.sys
File Deleted : C:\Users\Dominik\daemonprocess.txt
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\searchplugins\Ask.xml
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\GrabRez
Key Deleted : HKCU\Software\AppDataLow\Software\Torntv V6.0
Key Deleted : HKLM\Software\MediaBuzzV1
Key Deleted : HKLM\Software\MediaViewV1
Key Deleted : HKLM\Software\MediaWatchV1
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\Torntv V6.0
Key Deleted : HKLM\Software\GrabRez
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V6.0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GrabRez

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\prefs.js ]

Line Deleted : user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.crossrider.bic", "143e4f764047c8e7a3fc8733445c9912");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 77-387&t=4");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=101&systemid=488&v=a13277-387&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=9172541145104440&o=APN11459&q=");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all
Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=101&systemid=488&v=a13277-387&apn_uid=9172541145104440&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [8214 octets] - [30/07/2014 11:35:33]
AdwCleaner[S0].txt - [7975 octets] - [30/07/2014 11:36:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8035 octets] ##########

so pls advise what to do next, thanks

vyosek
VIP
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: viruses

#11 Post by vyosek »

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator ("Spustit jako správce")
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here

ravage40
Visitor
Visitor
Posts: 18
Joined: 30 Jul 2014 09:52

Re: viruses

#12 Post by ravage40 »

Zoek.exe v5.0.0.0 Updated 29-07-2014
Tool run by Dominik on st 30.07.2014 at 11:45:51,06.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dominik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30.7.2014 11:47:07 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{df96b9df-f7d5-4910-976e-edf4c81fafd4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{df96b9df-f7d5-4910-976e-edf4c81fafd4} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{112e7b4e-4cc1-4f97-b186-5180b402d98c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112e7b4e-4cc1-4f97-b186-5180b402d98c} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ecb60a75-b32f-46dc-906e-6c33f26feb25} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecb60a75-b32f-46dc-906e-6c33f26feb25} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{b5519fb4-8c6e-480f-ae0d-d8c7b8270315} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b5519fb4-8c6e-480f-ae0d-d8c7b8270315} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{df96b9df-f7d5-4910-976e-edf4c81fafd4} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{112e7b4e-4cc1-4f97-b186-5180b402d98c} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{ecb60a75-b32f-46dc-906e-6c33f26feb25} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{b5519fb4-8c6e-480f-ae0d-d8c7b8270315} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411591160} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{12223b3a-ca31-4d86-bce8-7384cf769742} deleted successfully
HKEY_USERS\S-1-5-21-3245613144-707867244-2925894362-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha474.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home728.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaBuzzV1mode6597.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release322.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@TrustMediaViewerV1alpha4100.net deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\prefs.js:
user_pref("browser.newtab.url", "http://rts.dsrlte.com/?m=tab");

Added to C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default

user.js not found
---- Lines Torntv removed from prefs.js ----
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.testingGaq.value", "%22http%3A//extclickm
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.name", "Torntv V6.0");
---- Lines ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960 removed from prefs.js ----
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.active", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.addressbar", "NA");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.addressbarenhanced", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb.was_copied", "true");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb_dbWasSet", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb.was_copied", "true");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb_dbWasSet", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.backgroundver", 9);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.certdomaininstaller", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.au.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.au.value", "%222014-6-5%22");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cm_page_views.expiration", "Fri Jun 06 20
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cm_page_views.value", "75");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:0
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cnt.value", "%22CZ%22");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.first_run.expiration", "Fri Feb 01 2030 0
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.first_run.value", "%221%22");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.install.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.install.value", "%222014-1-30%22");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallationTime.value", "%221391115498%2
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_last_seen.expiration", "Fri Feb 0
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_last_seen.value", "1401974470017"
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.testingGaq.expiration", "Fri Feb 01 2030
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.description", "The must-have App extensions for
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.domain", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.enablesearch", false);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.homepage", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.changeprevious", false);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.iframe", false);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.InstallationThankYouPage", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.InstallationTime", 1391115498);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_appVer.value", "116");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_lastVersion.value", "4");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_remote_resources.expiration
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.lastDailyReport", "1401973186071");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.lastUpdate", "1401973184062");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.manifesturl", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.newtab", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.opensearch", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.pluginsurl", "http://js.datademoserv.com/plugin/
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.pluginsversion", 108);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.publisher", "installdaddy");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.searchstatus", 0);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.setnewtab", false);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.thankyou", "");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.updateinterval", 360);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.ver", 116);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.apps", "45960");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.bic", "143e4f764047c8e7a3fc8733445c9912");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.cid", 45960);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.FilesValidatorDueTime", "1401973241991");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.firstrun", false);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.hadappinstalled", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.installationdate", 1391115855);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.modetype", "production");
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.reportInstall", true);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.statsDailyCounter", 17);
---- Lines ext@MediaViewV1alpha474.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"ext@MediaViewV1alpha474.net\":{\"descriptor\":\"C:\\\\Program Fil
---- Lines ext@MediaWatchV1home728.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\MediaVi
---- Lines ext@MediaBuzzV1mode6597.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\MediaVi
---- Lines ext@RichMediaViewV1release322.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\MediaVi
---- FireFox user.js and prefs.js backups ----

prefs_30.07.2014_1158_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\Users\Dominik\.android deleted
C:\PROGRA~2\GrabRez deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\awh312D.tmp deleted
C:\awh423.tmp deleted
C:\awh555A.tmp deleted
C:\awhC531.tmp deleted
C:\awhD327.tmp deleted
C:\awhE0BD.tmp deleted
C:\awhFD61.tmp deleted
C:\Users\Dominik\AppData\Roaming\Browser Tab Search by Ask deleted
C:\Users\Dominik\AppData\Local\Pokki deleted
C:\Users\Dominik\AppData\Local\cache deleted
C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki deleted
C:\Users\Dominik\Searches deleted
C:\Windows\tasks\Torntv V6.0-chromeinstaller.job deleted
C:\Windows\tasks\Torntv V6.0-codedownloader.job deleted
C:\Windows\tasks\Torntv V6.0-enabler.job deleted
C:\Windows\tasks\Torntv V6.0-firefoxinstaller.job deleted
C:\Windows\tasks\Torntv V6.0-updater.job deleted
C:\windows\SysNative\tasks\Torntv V6.0-chromeinstaller deleted
C:\windows\SysNative\tasks\Torntv V6.0-codedownloader deleted
C:\windows\SysNative\tasks\Torntv V6.0-enabler deleted
C:\windows\SysNative\tasks\Torntv V6.0-firefoxinstaller deleted
C:\windows\SysNative\tasks\Torntv V6.0-updater deleted
C:\windows\SysNative\Tasks\Yahoo! Search deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\searchplugins\keepmysearch.xml deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default
- Undetermined - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha474\ff
- Undetermined - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home728\ff
- Undetermined - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6597\ff
- Undetermined - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release322\ff
- Seznam lištička - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
C899B98999270821EDFFA56044DE2377 - C:\Users\Dominik\AppData\Roaming\raidcall\plugins\nprcplugin.dll - Raidcall plugin
8F0B95B3AC17DAE9E138E7BBE2429B6C - C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aidgobpnnplbkclpmmfbhbkngnpgfgpi - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6597\ch\MediaBuzzV1mode6597.crx[]
cemingcpkbgdhaifcaaflijcpohjghoe - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release322\ch\RichMediaViewV1release322.crx[]
ghgijhcipblbdkhloeanfhmjacmnjlpd - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha474\ch\MediaViewV1alpha474.crx[]
khnneccokgfflcgbobifbckpjpomeohb - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha4100\ch\TrustMediaViewerV1alpha4100.crx[]
lheepipadamgcjbegcjbneijabajjjgi - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home728\ch\MediaWatchV1home728.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11.04.2014 19:46]

Skype Click to Call - Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chrome Fix ======================

C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eset-online-scanner.en.softonic.com_0.localstorage deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eset-online-scanner.en.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{EBE1EB49-150D-4708-978A-4D843BA512D8} Yahoo! Search Url="http://rts.dsrlte.com/?q={searchTerms}&r=978"

==== Reset Google Chrome ======================

C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aidgobpnnplbkclpmmfbhbkngnpgfgpi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cemingcpkbgdhaifcaaflijcpohjghoe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ghgijhcipblbdkhloeanfhmjacmnjlpd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\khnneccokgfflcgbobifbckpjpomeohb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lheepipadamgcjbegcjbneijabajjjgi deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RichMediaViewV1release322 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaBuzzV1mode6597 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9D5GUJWV will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GMHD19BR will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JFG8N7UL will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKDS7W0Q will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQYNFDHG will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZG8XN3S will be deleted at reboot
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPH8MSX9 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Dominik\AppData\Local\Mozilla\Firefox\Profiles\ao4366o8.default\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3745 folders=124 196853008 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Dominik\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dominik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9D5GUJWV" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GMHD19BR" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JFG8N7UL" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKDS7W0Q" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQYNFDHG" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TZG8XN3S" not found
"C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YPH8MSX9" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on st 30.07.2014 at 12:07:12,51 ======================

ravage40
Visitor
Posts: 18
Registered: 30 Jul 2014 09:52

Re: viruses

#13 Post by ravage40 »

Is it completely cleaned now, or is there still something else?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: viruses

#14 Post by vyosek »

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

ravage40
Visitor
Posts: 18
Registered: 30 Jul 2014 09:52

Re: viruses

#15 Post by ravage40 »

Two of them popped up for me, so 1)
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Dominik (administrator) on DOMINIK-PC on 30-07-2014 13:21:37
Running from C:\Users\Dominik\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Dominik\AppData\Roaming\BitTorrent\BitTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Ghisler Software GmbH) C:\Programy\totalcmd\TOTALCMD.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [GoogleChromeAutoLaunch_66F8C29980E8EAA9103CEBF5E167BC0C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [BitTorrent] => C:\Users\Dominik\AppData\Roaming\BitTorrent\BitTorrent.exe [1267032 2014-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-3245613144-707867244-2925894362-1001\...\Run: [Yahoo! Search] => C:\Users\Dominik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {EBE1EB49-150D-4708-978A-4D843BA512D8} URL = http://rts.dsrlte.com/?q={searchTerms}&r=978
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Dominik\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\ao4366o8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-05]

Chrome:
=======
CHR Extension: (Skype Click to Call) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-14]
CHR Extension: (Peněženka Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S4 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2099000 2013-10-30] (AVG)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-10-30] (AVG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-07-04] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 13:21 - 2014-07-30 13:22 - 00016668 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-07-30 13:21 - 2014-07-30 13:21 - 00000000 ____D () C:\FRST
2014-07-30 13:19 - 2014-07-30 13:18 - 02093568 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-07-30 13:18 - 2014-07-30 13:18 - 02093568 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2014-07-30 12:04 - 2014-07-30 11:45 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-30 12:03 - 2014-07-30 12:03 - 00000168 _____ () C:\folders.txt
2014-07-30 11:46 - 2014-07-30 12:07 - 00029513 _____ () C:\zoek-results.log
2014-07-30 11:45 - 2014-07-30 12:06 - 00000000 ____D () C:\zoek_backup
2014-07-30 11:45 - 2014-07-30 11:45 - 01287168 _____ () C:\Users\Dominik\Downloads\zoek.exe
2014-07-30 11:45 - 2014-07-30 11:45 - 01287168 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-07-30 11:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-30 11:35 - 2014-07-30 11:36 - 00000000 ____D () C:\AdwCleaner
2014-07-30 11:34 - 2014-07-30 11:34 - 01365551 _____ () C:\Users\Dominik\Downloads\adwcleaner_3.301.exe
2014-07-30 11:34 - 2014-07-30 11:34 - 01365551 _____ () C:\Users\Dominik\Desktop\adwcleaner_3.301.exe
2014-07-30 11:30 - 2014-07-30 11:30 - 00008753 _____ () C:\Users\Dominik\Desktop\JRT.txt
2014-07-30 11:21 - 2014-07-30 11:21 - 01016261 _____ (Thisisu) C:\Users\Dominik\Downloads\JRT.exe
2014-07-30 11:21 - 2014-07-30 11:21 - 01016261 _____ (Thisisu) C:\Users\Dominik\Desktop\JRT.exe
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ____D () C:\Windows\ERUNT
2014-07-30 10:50 - 2014-07-30 10:50 - 00000000 ___SD () C:\ComboFix
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-30 10:22 - 2014-07-02 22:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-30 10:22 - 2014-07-02 22:48 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 01084704 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-30 10:22 - 2014-07-02 20:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-30 10:22 - 2014-07-02 20:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-30 10:22 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-30 10:05 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-30 10:05 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-30 10:05 - 2014-07-02 22:48 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-30 10:05 - 2014-07-02 22:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-29 23:29 - 2014-07-29 23:29 - 00798584 _____ (of a) C:\Users\Dominik\Downloads\the-expendables-3-cze-5770349.exe
2014-07-29 22:43 - 2014-07-29 23:21 - 2104578048 ____R () C:\Users\Dominik\Downloads\The.Expendables.3.2014.DVDSCR.Rus.Eng.avi
2014-07-28 12:41 - 2014-07-30 10:50 - 00060003 _____ () C:\Users\Dominik\Desktop\CFScript.txt..csv
2014-07-28 12:40 - 2014-07-30 10:34 - 05563986 ____R (Swearware) C:\Users\Dominik\Desktop\ComboFix.exe
2014-07-28 08:20 - 2014-07-30 10:50 - 00000000 ____D () C:\Qoobox
2014-07-28 08:20 - 2014-07-28 09:16 - 00000000 ____D () C:\Windows\erdnt
2014-07-28 08:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-28 08:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-28 08:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-28 08:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-28 08:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-28 08:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-28 08:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-28 08:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-28 08:19 - 2014-07-28 08:19 - 05563277 ____R (Swearware) C:\Users\Dominik\Downloads\ComboFix.exe
2014-07-16 12:43 - 2014-07-16 12:43 - 00004871 _____ () C:\Users\Dominik\Downloads\Doom_CooldownPulse.zip
2014-07-09 12:05 - 2014-07-09 12:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-09 10:29 - 2014-07-25 15:50 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-09 10:29 - 2014-07-25 15:50 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-09 10:28 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-07-09 10:28 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-07-09 10:22 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 10:22 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:22 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:22 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 10:22 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:22 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 10:22 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:22 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 10:22 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:22 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:22 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 10:22 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 10:22 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 10:22 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 10:22 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:22 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 10:22 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 10:22 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:22 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 10:22 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:22 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 10:22 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 10:22 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:22 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 10:22 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:22 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 10:22 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:22 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 10:22 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 10:22 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:22 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 10:22 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 10:22 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 10:22 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 10:22 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:22 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:22 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 10:22 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 10:22 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 10:22 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:22 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:22 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 10:22 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 10:22 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 10:22 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 10:22 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 10:22 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 10:22 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 10:22 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 10:22 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 10:22 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 10:22 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 10:22 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 10:22 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 10:22 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 10:22 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 10:22 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 10:22 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 10:22 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 10:21 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 10:21 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 10:21 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 10:20 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 10:20 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 10:20 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 10:13 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 10:13 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 10:13 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 13:22 - 2014-07-30 13:21 - 00016668 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-07-30 13:21 - 2014-07-30 13:21 - 00000000 ____D () C:\FRST
2014-07-30 13:21 - 2014-06-29 09:07 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\BitTorrent
2014-07-30 13:18 - 2014-07-30 13:19 - 02093568 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-07-30 13:18 - 2014-07-30 13:18 - 02093568 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2014-07-30 13:16 - 2013-03-18 20:41 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Skype
2014-07-30 13:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-30 12:54 - 2013-09-26 15:24 - 00007595 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2014-07-30 12:42 - 2013-03-16 13:50 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 12:30 - 2013-03-15 22:30 - 01442209 _____ () C:\Windows\WindowsUpdate.log
2014-07-30 12:14 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-30 12:14 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-30 12:12 - 2014-02-10 18:18 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Seznam.cz
2014-07-30 12:07 - 2014-07-30 11:46 - 00029513 _____ () C:\zoek-results.log
2014-07-30 12:07 - 2013-03-16 13:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-30 12:07 - 2013-03-15 23:32 - 00000000 ____D () C:\ProgramData\clear.fi
2014-07-30 12:06 - 2014-07-30 11:45 - 00000000 ____D () C:\zoek_backup
2014-07-30 12:06 - 2010-11-21 05:47 - 00185808 _____ () C:\Windows\PFRO.log
2014-07-30 12:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-30 12:06 - 2009-07-14 06:51 - 00091218 _____ () C:\Windows\setupact.log
2014-07-30 12:03 - 2014-07-30 12:03 - 00000168 _____ () C:\folders.txt
2014-07-30 11:59 - 2013-03-15 23:21 - 00000000 ____D () C:\Users\Dominik
2014-07-30 11:45 - 2014-07-30 12:04 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-30 11:45 - 2014-07-30 11:45 - 01287168 _____ () C:\Users\Dominik\Downloads\zoek.exe
2014-07-30 11:45 - 2014-07-30 11:45 - 01287168 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-07-30 11:37 - 2009-07-14 04:34 - 00000635 _____ () C:\Windows\win.ini
2014-07-30 11:36 - 2014-07-30 11:35 - 00000000 ____D () C:\AdwCleaner
2014-07-30 11:34 - 2014-07-30 11:34 - 01365551 _____ () C:\Users\Dominik\Downloads\adwcleaner_3.301.exe
2014-07-30 11:34 - 2014-07-30 11:34 - 01365551 _____ () C:\Users\Dominik\Desktop\adwcleaner_3.301.exe
2014-07-30 11:30 - 2014-07-30 11:30 - 00008753 _____ () C:\Users\Dominik\Desktop\JRT.txt
2014-07-30 11:21 - 2014-07-30 11:21 - 01016261 _____ (Thisisu) C:\Users\Dominik\Downloads\JRT.exe
2014-07-30 11:21 - 2014-07-30 11:21 - 01016261 _____ (Thisisu) C:\Users\Dominik\Desktop\JRT.exe
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ____D () C:\Windows\ERUNT
2014-07-30 10:50 - 2014-07-30 10:50 - 00000000 ___SD () C:\ComboFix
2014-07-30 10:50 - 2014-07-28 12:41 - 00060003 _____ () C:\Users\Dominik\Desktop\CFScript.txt..csv
2014-07-30 10:50 - 2014-07-28 08:20 - 00000000 ____D () C:\Qoobox
2014-07-30 10:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-30 10:34 - 2014-07-28 12:40 - 05563986 ____R (Swearware) C:\Users\Dominik\Desktop\ComboFix.exe
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 10:25 - 2014-07-30 10:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-30 10:22 - 2014-01-04 15:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-30 10:22 - 2013-03-15 22:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-30 10:22 - 2013-03-15 22:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-30 10:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-30 09:44 - 2014-04-18 13:01 - 00000000 ____D () C:\Users\Dominik\AppData\Local\NVIDIA Corporation
2014-07-29 23:29 - 2014-07-29 23:29 - 00798584 _____ (of a) C:\Users\Dominik\Downloads\the-expendables-3-cze-5770349.exe
2014-07-29 23:21 - 2014-07-29 22:43 - 2104578048 ____R () C:\Users\Dominik\Downloads\The.Expendables.3.2014.DVDSCR.Rus.Eng.avi
2014-07-28 12:41 - 2013-12-20 17:30 - 00003005 _____ () C:\Users\Dominik\Downloads\data.csv
2014-07-28 09:16 - 2014-07-28 08:20 - 00000000 ____D () C:\Windows\erdnt
2014-07-28 08:39 - 2009-07-14 04:34 - 63438848 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-28 08:39 - 2009-07-14 04:34 - 17039360 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-28 08:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-28 08:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-28 08:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-28 08:19 - 2014-07-28 08:19 - 05563277 ____R (Swearware) C:\Users\Dominik\Downloads\ComboFix.exe
2014-07-27 20:36 - 2013-03-15 23:21 - 00000000 ____D () C:\Users\Dominik\AppData\Local\PowerCinema
2014-07-27 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-25 15:50 - 2014-07-09 10:29 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 15:50 - 2014-07-09 10:29 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 15:50 - 2014-01-04 15:15 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 15:50 - 2014-01-04 15:15 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-17 20:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-16 12:43 - 2014-07-16 12:43 - 00004871 _____ () C:\Users\Dominik\Downloads\Doom_CooldownPulse.zip
2014-07-13 13:33 - 2013-05-03 21:02 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-07-09 12:05 - 2014-07-09 12:05 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-09 11:34 - 2009-07-14 06:45 - 00283376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 11:32 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 11:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 11:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 11:24 - 2014-01-09 17:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 11:21 - 2014-01-09 17:38 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 10:23 - 2014-06-29 13:41 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-09 10:23 - 2014-06-23 19:22 - 00000000 ____D () C:\ProgramData\Origin
2014-07-08 19:28 - 2014-06-23 19:10 - 00000000 ____D () C:\Users\Dominik\Documents\FIFA 14
2014-07-07 13:46 - 2013-11-07 17:55 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Windows Live Writer
2014-07-07 13:43 - 2014-04-28 17:41 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Windows Live
2014-07-06 19:42 - 2013-07-20 20:48 - 00309248 ___SH () C:\Users\Dominik\Documents\Thumbs.db
2014-07-04 14:12 - 2013-09-13 14:26 - 00667136 ___SH () C:\Users\Dominik\Desktop\Thumbs.db
2014-07-02 22:48 - 2014-07-30 10:22 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-02 22:48 - 2014-07-30 10:22 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-02 22:48 - 2014-07-30 10:05 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-02 22:48 - 2014-07-30 10:05 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-02 22:48 - 2014-07-30 10:05 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-02 20:55 - 2014-07-30 10:22 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 01084704 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-02 20:55 - 2014-07-30 10:22 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-02 20:55 - 2014-07-30 10:22 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-02 12:14 - 2014-07-30 10:22 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-01 14:12 - 2014-06-23 19:30 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Origin

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 20:15

==================== End Of Log ============================




2) Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Dominik at 2014-07-30 13:22:58
Running from C:\Users\Dominik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«FIFA 14» (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.3.0.0 - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31893 - BitTorrent Inc.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.16.0 - Mirillis)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aktualizace NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
AVG PC TuneUp 2014 (cs-CZ) (x32 Version: 14.0.1001.229 - AVG) Hidden
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.229 - AVG) Hidden
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Browser Tab Search by Ask for Google Chrome (HKLM-x32\...\Browser Tab Search by Ask_Chrome) (Version: 3.0.0.0.242 - IAC Search and Media) <==== ATTENTION
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike 1.6 Standalone (HKLM-x32\...\Counter-Strike 1.6 Standalone) (Version: 1.00 - www.cservers.cz)
Counter-Strike: Source [DiGiTALZONE] (HKLM-x32\...\Counter-Strike Source) (Version: - )
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FIFA 09 (HKLM-x32\...\{2315B23D-3E21-4920-837D-AE6460934ECB}) (Version: 1.0.1.1 - Electronic Arts)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garena (HKLM-x32\...\{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}) (Version: 2.3 - Ocean Global Holding)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Media View (HKLM-x32\...\MediaViewV1alpha474) (Version: 1.1 - Media View) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home728) (Version: 1.1 - Media Watch) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 cs)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pokki (HKCU\...\Pokki) (Version: 0.267.1.208 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Trust Media Viewer (HKLM-x32\...\TrustMediaViewerV1alpha4100) (Version: 1.1 - Trust Media Viewer) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8500 - Broadcom)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3245613144-707867244-2925894362-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File

==================== Restore Points =========================

27-07-2014 15:21:51 Naplánovaný kontrolní bod
27-07-2014 18:32:15 Operace obnovení
29-07-2014 07:04:04 Windows Update
30-07-2014 07:43:52 Nainstalováno rozhraní DirectX
30-07-2014 09:46:46 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-30 11:47 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BEBC251-5290-46CB-9CFA-F75C85AFDF62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16] (Google Inc.)
Task: {1B8AF2C2-94BC-4E08-8664-7B32C671A192} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {359BBEC5-C5A0-4C31-8BFB-7A99C47D9C7E} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-16] (Adobe Systems Incorporated)
Task: {41B2EC03-DD3F-40AE-B427-53CEF1552856} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-16] (Adobe Systems Incorporated)
Task: {5F7EF340-9FD7-43CE-B1C5-E38C1AEA73BC} - System32\Tasks\{FDDC1886-1487-41BB-B636-530C65AFA2F3} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/en/a ... age=tsMain
Task: {637E6C36-8492-47D4-9A7B-FC8D8CE31388} - \Yahoo! Search No Task File <==== ATTENTION
Task: {6B74DF1D-16CE-4D2C-BF1A-E47CABEAA49D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-06-18] (Acer)
Task: {781F8744-41ED-4CF6-AD91-D9D76EC8A7FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16] (Google Inc.)
Task: {A68A9FF6-AE9A-4E5C-9561-1C4D76B8C315} - System32\Tasks\{F1BD2613-6062-4037-BF6F-DDBE79208A00} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/a ... age=tsMain
Task: {D4DD05ED-A69E-4EE5-BE75-48625A7FEB19} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {F3A3CC50-29C6-4F72-8778-6C8980DF0411} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-30 10:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-10 18:19 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\7759libfoxloader-x64.dll
2011-05-10 15:13 - 2011-05-10 15:13 - 00205088 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-08-12 09:37 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-10 18:19 - 2013-04-12 10:13 - 00457208 _____ () C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-02-10 18:19 - 2013-04-29 12:53 - 00045560 _____ () C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-07-30 10:05 - 2014-07-02 22:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-02-10 18:19 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\7759libfoxloader.dll
2011-05-20 12:13 - 2011-05-20 12:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-02-10 18:19 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-07-18 14:51 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 14:51 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 14:51 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 14:51 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 14:51 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-02-22 11:22 - 2014-02-22 11:22 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-08-12 08:58 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2014 01:20:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GFExperience.exe verze 15.3.33.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 147c

Čas spuštění: 01cfabe7fe6d6fb5

Čas ukončení: 74

Cesta k aplikaci: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

ID hlášení: 87c25da8-17db-11e4-bd0a-b870f4f70ddd

Error: (07/30/2014 00:07:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2014 11:39:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/30/2014 00:07:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (07/30/2014 00:06:30 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (07/30/2014 11:58:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/30/2014 11:58:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/30/2014 11:58:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/30/2014 11:58:17 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/30/2014 11:58:16 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/30/2014 11:38:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (07/30/2014 11:38:00 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


Microsoft Office Sessions:
=========================
Error: (07/30/2014 01:20:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GFExperience.exe15.3.33.0147c01cfabe7fe6d6fb574C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe87c25da8-17db-11e4-bd0a-b870f4f70ddd

Error: (07/30/2014 00:07:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2014 11:39:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-07-30 10:42:52.481
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-30 10:42:52.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-30 10:42:52.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-30 10:42:52.299
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-28 08:32:08.277
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-28 08:32:08.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3947.86 MB
Available physical RAM: 1881.32 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5596.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:432.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 8A60142A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS)

==================== End Of Log ============================
