Kontrola logu

[Karel Hrábě]

Zdravím,

mohl bych, prosím, někoho z vás poprosit o kontrolu logu? V poslední době pociťuju výrazný zpomalení ntb. Dnes jsem mezi programy našel Yontoo, když jsem se zajímal, co to je zač, odkazy mě zavedly sem. Chci toho parchanta dostat ven spolu s jeho případnýma kamarádama. Dík moc za pomoc.

Hrábě



Logfile of random's system information tool 1.10 (written by random/random)
Run by vodka lemon at 2014-09-06 14:10:27
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 6 GB (1%) free of 460 GB
Total RAM: 3035 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:24, on 6.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\SOUBORY\RSIT.exe
C:\Program Files\trend micro\vodka lemon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Nástroj WD Drive Unlocker] C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [Nástroj WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-758965938-1497452166-1016383648-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - c:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

--
End of file - 17001 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10, 2020Player@2020Technologies.com:5.0.4.0, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, 2020Player_IKEA@2020Technologies.com:5.0.7.0, {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}:0.3.8.1, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.4.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
prefs.js - "keyword.URL" - "http://slirsredirect.search.aol.com/sli ... pab&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files\Winamp Detect\npwachk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsILegitCheckPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npDivxPlayerPlugin.dll
npLegitCheckPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\
2020Player@2020Technologies.com
2020Player_IKEA@2020Technologies.com
{20a82645-c095-46ed-80e3-08825760534b}
{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}

C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\searchplugins\
hledejcenycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-01-14 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-03-25 98064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2011-12-09 194848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-17 186904]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-11-28 298536]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-03-26 346680]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-03-25 24848]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-29 1721640]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-03-10 506936]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-01-14 11223040]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-28 288312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"Nástroj WD Drive Unlocker"=C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [2012-06-13 1688008]
"Nástroj WD Quick View"=C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [2012-06-14 5235128]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2014-04-03 450560]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-08-19 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-01-10 2393376]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\windows\system32\DeviceNP.dll [2008-08-07 69632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-09-06 14:10:28 ----D---- C:\Program Files\trend micro
2014-09-06 14:10:27 ----D---- C:\rsit
2014-09-03 10:04:40 ----A---- C:\windows\system32\win32k.sys
2014-09-03 10:04:39 ----A---- C:\windows\system32\gdi32.dll
2014-08-15 03:14:18 ----A---- C:\windows\system32\infocardapi.dll
2014-08-15 03:14:17 ----A---- C:\windows\system32\icardres.dll
2014-08-15 03:14:17 ----A---- C:\windows\system32\icardagt.exe
2014-08-15 03:14:06 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-08-14 06:34:27 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-08-14 06:34:27 ----A---- C:\windows\system32\cdd.dll
2014-08-14 06:34:22 ----A---- C:\windows\system32\msi.dll
2014-08-14 06:34:21 ----A---- C:\windows\system32\msihnd.dll
2014-08-14 06:34:21 ----A---- C:\windows\system32\consent.exe
2014-08-14 06:34:21 ----A---- C:\windows\system32\authui.dll
2014-08-14 06:34:21 ----A---- C:\windows\system32\appinfo.dll
2014-08-14 06:34:13 ----A---- C:\windows\system32\tzres.dll
2014-08-14 06:34:07 ----A---- C:\windows\system32\vbscript.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\wininet.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\mshtmled.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\jscript9.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\jscript.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\ieui.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\dxtrans.dll
2014-08-14 06:34:06 ----A---- C:\windows\system32\dxtmsft.dll
2014-08-14 06:34:02 ----A---- C:\windows\system32\mshtml.dll
2014-08-14 06:34:01 ----A---- C:\windows\system32\urlmon.dll
2014-08-14 06:34:01 ----A---- C:\windows\system32\mshta.exe
2014-08-14 06:34:01 ----A---- C:\windows\system32\msfeedssync.exe
2014-08-14 06:34:01 ----A---- C:\windows\system32\msfeedsbs.dll
2014-08-14 06:34:00 ----A---- C:\windows\system32\jsproxy.dll
2014-08-14 06:33:59 ----A---- C:\windows\system32\msfeeds.dll
2014-08-14 06:33:57 ----A---- C:\windows\system32\url.dll
2014-08-14 06:33:57 ----A---- C:\windows\system32\ieUnatt.exe
2014-08-14 06:33:57 ----A---- C:\windows\system32\iertutil.dll
2014-08-14 06:33:57 ----A---- C:\windows\system32\ieframe.dll
2014-08-10 21:31:54 ----D---- C:\Program Files\Common Files\Skype
2014-08-10 17:11:27 ----D---- C:\ProgramData\AWEM
2014-08-10 17:11:27 ----D---- C:\ProgramData\AlawarWrapper
2014-08-10 17:10:57 ----D---- C:\Program Files\Superhry.cz
2014-08-10 17:10:55 ----D---- C:\Program Files\Alawarhry.cz

======List of files/folders modified in the last 1 month======

2014-09-06 14:10:28 ----RD---- C:\Program Files
2014-09-06 14:10:19 ----D---- C:\windows\Temp
2014-09-06 14:05:36 ----D---- C:\SOUBORY
2014-09-06 13:43:11 ----HD---- C:\ProgramData
2014-09-06 13:40:53 ----D---- C:\Users\vodka lemon\AppData\Roaming\Skype
2014-09-06 10:53:01 ----D---- C:\windows\system32\Tasks
2014-09-03 10:33:58 ----D---- C:\windows\System32
2014-09-03 10:11:20 ----SHD---- C:\System Volume Information
2014-09-03 10:05:44 ----D---- C:\windows\winsxs
2014-09-03 10:05:35 ----D---- C:\windows\system32\catroot
2014-09-03 09:54:09 ----D---- C:\ProgramData\PDFC
2014-08-31 13:36:13 ----D---- C:\windows\inf
2014-08-31 13:36:13 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-31 13:12:07 ----D---- C:\windows\system32\config
2014-08-31 13:11:58 ----D---- C:\windows\Tasks
2014-08-31 13:11:58 ----D---- C:\windows\system32\spool
2014-08-31 13:11:58 ----D---- C:\windows\system32\Msdtc
2014-08-31 13:11:58 ----D---- C:\Windows
2014-08-31 13:11:57 ----D---- C:\windows\system32\wbem
2014-08-31 13:11:57 ----D---- C:\windows\registration
2014-08-31 12:25:19 ----D---- C:\windows\system32\catroot2
2014-08-30 15:28:09 ----SHD---- C:\windows\Installer
2014-08-24 13:43:02 ----D---- C:\Users\vodka lemon\AppData\Roaming\vlc
2014-08-23 21:26:31 ----D---- C:\downloads
2014-08-23 14:08:53 ----D---- C:\Program Files\JDownloader
2014-08-23 08:55:51 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-08-20 21:15:35 ----D---- C:\windows\Prefetch
2014-08-18 21:40:37 ----D---- C:\Program Files\Full Tilt Poker
2014-08-17 00:38:26 ----A---- C:\blitzerr.txt
2014-08-15 04:06:12 ----D---- C:\windows\rescache
2014-08-15 04:02:06 ----D---- C:\windows\Microsoft.NET
2014-08-15 04:00:55 ----RSD---- C:\windows\assembly
2014-08-15 03:43:58 ----D---- C:\windows\system32\cs-CZ
2014-08-15 03:43:53 ----D---- C:\windows\system32\migration
2014-08-15 03:43:53 ----D---- C:\windows\system32\drivers
2014-08-15 03:43:53 ----D---- C:\Program Files\Internet Explorer
2014-08-15 03:28:07 ----D---- C:\ProgramData\Microsoft Help
2014-08-15 03:27:13 ----D---- C:\windows\system32\MRT
2014-08-15 03:16:54 ----A---- C:\windows\system32\mrt.exe
2014-08-14 11:02:12 ----D---- C:\Program Files\PokerStars
2014-08-10 21:31:54 ----RD---- C:\Program Files\Skype
2014-08-10 21:31:54 ----D---- C:\Program Files\Common Files
2014-08-10 21:31:49 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iastor.sys [2009-06-04 330264]
R0 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-02-20 109216]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-02-20 51408]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-02-20 12960]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2012-08-25 477240]
R1 MpKslad017f50;MpKslad017f50; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8BC6291B-7E9E-4981-BA1F-CBD310AB5C44}\MpKslad017f50.sys [2014-09-06 39464]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-02-20 12528]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 regi;regi; C:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2013-05-29 2709056]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-07-02 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-05-29 245424]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-03-11 84008]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-03-11 109608]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-03-11 29736]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-03-11 18344]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv.sys [2008-08-06 32256]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\windows\system32\DRIVERS\wdcsam.sys [2012-06-13 11520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-11-28 185896]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 ATService;AuthenTec Fingerprint Service; c:\Program Files\Fingerprint Sensor\AtService.exe [2008-10-03 1185016]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-03-02 567848]
R2 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-09 1045256]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-02-20 256544]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-01-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-17 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-10 79136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-08-08 777240]
R2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-03-13 65536]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 WDBackup;WD Backup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-06-14 1151424]
R2 WDDriveService;WD Drive Manager; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-06 248248]
R2 WDRulesService;WD Rules; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-06-14 1177536]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2011-01-25 791608]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-23 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-10-31 85096]
S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-06 1322648]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\system32\flcdlock.exe [2008-08-07 349432]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-03-26 45056]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-02 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-12-07 435008]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[Karel Hrábě]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Basic x86
Ran by vodka lemon on so 06.09.2014 at 15:12:09,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\winamptbserver.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltbsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltbsearch.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltoolband
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.aoltoolband.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.downloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.downloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarparams
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptb.toolbarparams.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptbserver.aoltoolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\winamptbserver.aoltoolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\winamp toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\winamp toolbar"
Successfully deleted: [Folder] "C:\Users\vodka lemon\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files\winamp toolbar"
Successfully deleted: [Folder] "C:\Program Files\yontoo"



~~~ FireFox

Successfully deleted: [File] C:\Users\vodka lemon\AppData\Roaming\mozilla\firefox\profiles\a76qlfls.default\user.js
Successfully deleted the following from C:\Users\vodka lemon\AppData\Roaming\mozilla\firefox\profiles\a76qlfls.default\prefs.js

user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=");
user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,Buzzdock,");
user_pref("extentions.y2layers.installId", "1ec28d49-106c-4268-b7c2-9b79cf2d2f2c");
user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampab&query=");
Emptied folder: C:\Users\vodka lemon\AppData\Roaming\mozilla\firefox\profiles\a76qlfls.default\minidumps [356 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 06.09.2014 at 15:17:49,98
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v3.309 - Report created 06/09/2014 at 15:43:44
# Updated 02/09/2014 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : vodka lemon - VODKALEMON-PC
# Running from : C:\Users\vodka lemon\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\vodka lemon\AppData\Local\Winamp Toolbar
File Deleted : C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\plugin@yontoo.com.xpi

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Winamp Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Winamp Search");
Line Deleted : user_pref("extentions.y2layers.installId", "1D4E338D-6612-EDF5-9282-B1BB12493581");
Line Deleted : user_pref("extentions.y2layers.installId_backup", "1D4E338D-6612-EDF5-9282-B1BB12493581");
Line Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

*************************

AdwCleaner[R0].txt - [6798 octets] - [06/09/2014 15:31:16]
AdwCleaner[S0].txt - [6853 octets] - [06/09/2014 15:43:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6913 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Karel Hrábě]

Zoek.exe v5.0.0.0 Updated 05-September-2014
Tool run by vodka lemon on so 06.09.2014 at 16:07:48,41.
Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\vodka lemon\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6.9.2014 16:12:01 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\VODKAL~1\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\prefs.js:
user_pref("browser.startup.homepage", "google.cz");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\VODKAL~1\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Program Files\Alawarhry.cz deleted
C:\found.000 deleted
C:\Users\vodka lemon\AppData\Local\cache deleted
C:\windows\System32\tmp68B1.tmp deleted
C:\windows\System32\tmp6910.tmp deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [26.10.2009 17:56]

==== Firefox Extensions ======================

ProfilePath: C:\Users\VODKAL~1\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default
- Visualisateur 3D de 20-20 - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\2020Player@2020Technologies.com
- Visualisateur 3D de 20-20 - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\2020Player_IKEA@2020Technologies.com
- Edit Cookies - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}
- Visualisateur 3D de 20-20 - %ProfilePath%\extensions\2020Player@2020Technologies.com
- Visualisateur 3D de 20-20 - %ProfilePath%\extensions\2020Player_IKEA@2020Technologies.com
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Edit Cookies - %ProfilePath%\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default
9EE20E6E2E3F94714D44F739B9A228F4 - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll - Shockwave Flash
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
A32402A7A2AC60B5422255DF020EC44A - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player
025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U55
290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
86244E1B6D062BBE2B91AA5DA7376806 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
C5322029C67AD8D38311FABEEAB4E595 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat
37BC12D7E076F77D432C74DAAE08A138 - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\2020Player_IKEA@2020Technologies.com\plugins\NP_2020Player_IKEA.dll - 20-20 3D Viewer for IKEA
A847F61BACFA2C4E3E0B0F9431BB5245 - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin
CA36F6DCA9A783FF60CB2DC5D28FA5F0 - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer
CCA048C8948192C5C8AFFD30734F08A6 - C:\Program Files\Sony\Media Go\npmediago.dll - Media Go Detector
566439A13C0769D8117FC003E84DF383 - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll - 20-20 3D Viewer
BC57D207985780AF88ABB15ECC75C59F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5
E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5
CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5
A60B3186F98F589E4F8001A4C720702A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5
EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5
840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5
DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5
A82533DA1C7AFCE542B8E0D2714B8A4A - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.superhry.cz/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.superhry.cz/"
"Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.superhry.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\postgres\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vodka lemon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\vodka lemon\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\vodka lemon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\vodka lemon\AppData\Local\Mozilla\Firefox\Profiles\a76qlfls.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=312 folders=44 13567134 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\postgres\AppData\Local\Temp emptied successfully
C:\Users\vodka lemon\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\VODKAL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\vodka lemon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on so 06.09.2014 at 16:33:59,48 ======================

[vyosek]

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

[Karel Hrábě]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014
Ran by vodka lemon (administrator) on VODKALEMON-PC on 06-09-2014 17:54:30
Running from C:\Users\vodka lemon\Desktop
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accoca.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Western Digital) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Western Digital) C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(forum.viry.cz) C:\Users\vodka lemon\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-17] (Intel Corporation)
HKLM\...\Run: [accrdsub] => c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [298536 2007-11-28] (ActivIdentity)
HKLM\...\Run: [PTHOSTTR] => c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [346680 2009-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [506936 2009-03-10] (Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11223040 2009-01-14] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [288312 2009-07-28] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-01-16] (Analog Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Nástroj WD Drive Unlocker] => C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM\...\Run: [Nástroj WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
Winlogon\Notify\DeviceNP: C:\windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKU\.DEFAULT\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2393376 2009-01-10] (Hewlett-Packard Company)
HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\Run: [] => [X]
HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\MountPoints2: {03ca1521-c4c7-11de-94b4-00247eef65d9} - H:\Toshiba\more4you.exe
HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\MountPoints2: {cb546911-02ea-11e0-8790-002655cbf46a} - G:\LaunchU3.exe -a
HKU\S-1-5-21-758965938-1497452166-1016383648-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
AppInit_DLLs: APSHook.dll => C:\windows\system32\APSHook.dll [76560 2009-03-25] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://ie.redirect.hp.com/svs/rdr?type= ... ll&pf=cmnb
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: BHO_Startup Class -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\searchplugins\hledejcenycz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\2020Player@2020Technologies.com [2011-02-20]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-05-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-10]
FF Extension: Edit Cookies - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99} [2012-01-17]
FF Extension: FlashGot - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-04-25]
FF Extension: Adblock Plus - C:\Users\vodka lemon\AppData\Roaming\Mozilla\Firefox\Profiles\a76qlfls.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-07]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [185896 2007-11-28] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [186640 2009-03-25] (Bioscrypt Inc.)
R2 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [149776 2009-03-25] (Bioscrypt Inc.)
R2 ATService; c:\Program Files\Fingerprint Sensor\AtService.exe [1185016 2008-10-03] (AuthenTec, Inc.)
S3 Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1322648 2008-06-06] (Autodesk, Inc.) [File not signed]
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [349432 2008-08-07] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [125496 2011-02-23] (Hewlett-Packard Company)
S3 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-03-26] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-02-20] (SafeBoot International)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2009-01-14] (Hewlett-Packard) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [777240 2008-08-08] (PDF Complete Inc)
R2 pgsql-8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [65536 2009-03-13] (PostgreSQL Global Development Group) [File not signed]
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software) [File not signed]
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2010-12-07] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1051968 2010-09-30] (TuneUp Software)
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital )
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32256 2008-08-06] (Hewlett-Packard Development Company L.P.)
R0 FltMgr; C:\windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 Ntfs; C:\windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-02-20] (SafeBoot International)
S3 s0016bus; C:\windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s1018obex; C:\windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-02-20] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-02-20] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-02-20] (SafeBoot International)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1765168 2009-07-02] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-08-25] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-25] (TuneUp Software)
U3 aqspawd2; C:\windows\system32\Drivers\aqspawd2.sys [0 ] (Adaptec, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 17:54 - 2014-09-06 17:56 - 00026284 _____ () C:\Users\vodka lemon\Desktop\FRST.txt
2014-09-06 17:54 - 2014-09-06 17:54 - 00000000 ____D () C:\FRST
2014-09-06 17:51 - 2014-09-06 17:51 - 00112640 _____ (forum.viry.cz) C:\Users\vodka lemon\Desktop\FRSTLauncher.exe
2014-09-06 17:50 - 2014-09-06 17:50 - 01096704 _____ (Farbar) C:\Users\vodka lemon\Desktop\FRST.exe
2014-09-06 16:30 - 2014-09-06 16:07 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-06 16:11 - 2014-09-06 16:33 - 00011849 _____ () C:\zoek-results.log
2014-09-06 16:07 - 2014-09-06 16:26 - 00000000 ____D () C:\zoek_backup
2014-09-06 16:05 - 2014-09-06 16:05 - 01288704 _____ () C:\Users\vodka lemon\Desktop\zoek.exe
2014-09-06 15:31 - 2014-09-06 15:43 - 00000000 ____D () C:\AdwCleaner
2014-09-06 15:29 - 2014-09-06 15:29 - 01370467 _____ () C:\Users\vodka lemon\Desktop\adwcleaner_3.309.exe
2014-09-06 15:17 - 2014-09-06 15:17 - 00006486 _____ () C:\Users\vodka lemon\Desktop\JRT.txt
2014-09-06 15:06 - 2014-09-06 15:06 - 00000000 ____D () C:\windows\ERUNT
2014-09-06 15:04 - 2014-09-06 15:05 - 01016261 _____ (Thisisu) C:\Users\vodka lemon\Desktop\JRT.exe
2014-09-06 14:10 - 2014-09-06 14:11 - 00000000 ____D () C:\rsit
2014-09-06 14:10 - 2014-09-06 14:11 - 00000000 ____D () C:\Program Files\trend micro
2014-09-03 10:04 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-09-03 10:04 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-23 23:19 - 2014-08-24 11:55 - 00000000 ____D () C:\Users\vodka lemon\AppData\Local\Adobe
2014-08-15 03:14 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-15 03:14 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-15 03:14 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-15 03:14 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-14 06:34 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-14 06:34 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-14 06:34 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-14 06:34 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-14 06:34 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-14 06:34 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-14 06:34 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-14 06:34 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-14 06:34 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-14 06:34 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-14 06:34 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-08-14 06:34 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-08-14 06:34 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-08-14 06:34 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-14 06:34 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-14 06:34 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-14 06:34 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-08-14 06:34 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-14 06:34 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-14 06:34 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-14 06:34 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-08-14 06:34 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-14 06:33 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-14 06:33 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-14 06:33 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-08-14 06:33 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-14 06:33 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-14 06:33 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-14 06:33 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-10 21:36 - 2014-08-10 22:47 - 00000000 ____D () C:\Users\vodka lemon\Desktop\fotek
2014-08-10 21:31 - 2014-08-10 21:31 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-10 17:11 - 2014-08-10 17:17 - 00000000 ____D () C:\Users\vodka lemon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Superhry.cz
2014-08-10 17:11 - 2014-08-10 17:11 - 00000000 ____D () C:\ProgramData\AWEM
2014-08-10 17:10 - 2014-08-10 17:17 - 00000000 ____D () C:\Program Files\Superhry.cz

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 17:56 - 2014-09-06 17:54 - 00026284 _____ () C:\Users\vodka lemon\Desktop\FRST.txt
2014-09-06 17:54 - 2014-09-06 17:54 - 00000000 ____D () C:\FRST
2014-09-06 17:53 - 2012-04-03 19:23 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-06 17:51 - 2014-09-06 17:51 - 00112640 _____ (forum.viry.cz) C:\Users\vodka lemon\Desktop\FRSTLauncher.exe
2014-09-06 17:51 - 2009-10-27 00:31 - 00000000 ____D () C:\SOUBORY
2014-09-06 17:50 - 2014-09-06 17:50 - 01096704 _____ (Farbar) C:\Users\vodka lemon\Desktop\FRST.exe
2014-09-06 17:48 - 2010-02-14 19:17 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-06 17:47 - 2009-10-26 15:50 - 01477981 _____ () C:\windows\WindowsUpdate.log
2014-09-06 16:33 - 2014-09-06 16:11 - 00011849 _____ () C:\zoek-results.log
2014-09-06 16:33 - 2012-04-10 10:55 - 00149718 _____ () C:\windows\PFRO.log
2014-09-06 16:33 - 2010-02-14 19:17 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-06 16:33 - 2006-11-02 14:58 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-06 16:33 - 2006-11-02 14:45 - 00003344 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-06 16:33 - 2006-11-02 14:45 - 00003344 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-06 16:31 - 2009-10-26 15:49 - 00000012 _____ () C:\windows\bthservsdp.dat
2014-09-06 16:31 - 2006-11-02 14:58 - 00032600 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-09-06 16:26 - 2014-09-06 16:07 - 00000000 ____D () C:\zoek_backup
2014-09-06 16:10 - 2014-06-16 19:10 - 00001086 _____ () C:\Users\vodka lemon\Desktop\rpc_cc.log
2014-09-06 16:07 - 2014-09-06 16:30 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-06 16:05 - 2014-09-06 16:05 - 01288704 _____ () C:\Users\vodka lemon\Desktop\zoek.exe
2014-09-06 15:43 - 2014-09-06 15:31 - 00000000 ____D () C:\AdwCleaner
2014-09-06 15:29 - 2014-09-06 15:29 - 01370467 _____ () C:\Users\vodka lemon\Desktop\adwcleaner_3.309.exe
2014-09-06 15:17 - 2014-09-06 15:17 - 00006486 _____ () C:\Users\vodka lemon\Desktop\JRT.txt
2014-09-06 15:06 - 2014-09-06 15:06 - 00000000 ____D () C:\windows\ERUNT
2014-09-06 15:05 - 2014-09-06 15:04 - 01016261 _____ (Thisisu) C:\Users\vodka lemon\Desktop\JRT.exe
2014-09-06 14:11 - 2014-09-06 14:10 - 00000000 ____D () C:\rsit
2014-09-06 14:11 - 2014-09-06 14:10 - 00000000 ____D () C:\Program Files\trend micro
2014-09-06 13:42 - 2014-06-10 18:05 - 00000000 ____D () C:\Users\vodka lemon\Desktop\tes bundle
2014-09-06 13:40 - 2009-10-29 01:23 - 00000000 ____D () C:\Users\vodka lemon\AppData\Roaming\Skype
2014-09-05 21:49 - 2009-11-14 12:29 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-09-03 19:52 - 2006-11-02 14:44 - 00505072 _____ () C:\windows\system32\FNTCACHE.DAT
2014-09-03 09:54 - 2009-09-07 13:25 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-31 14:48 - 2010-03-06 15:53 - 00001744 ____H () C:\Users\vodka lemon\Documents\Default.rdp
2014-08-31 13:36 - 2006-11-02 12:33 - 01541318 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-31 13:12 - 2011-03-18 14:05 - 00000000 ____D () C:\Users\postgres
2014-08-31 13:12 - 2009-10-26 16:01 - 00000000 ____D () C:\Users\vodka lemon
2014-08-31 13:12 - 2006-11-02 12:22 - 82313216 _____ () C:\windows\system32\config\software_previous
2014-08-31 13:12 - 2006-11-02 12:22 - 31981568 _____ () C:\windows\system32\config\system_previous
2014-08-31 13:11 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\system32\spool
2014-08-31 13:11 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\system32\Msdtc
2014-08-31 13:11 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\registration
2014-08-31 13:07 - 2006-11-02 12:22 - 46923776 _____ () C:\windows\system32\config\components_previous
2014-08-31 13:07 - 2006-11-02 12:22 - 00061440 _____ () C:\windows\system32\config\sam_previous
2014-08-31 12:05 - 2006-11-02 12:22 - 00376832 _____ () C:\windows\system32\config\default_previous
2014-08-31 12:05 - 2006-11-02 12:22 - 00028672 _____ () C:\windows\system32\config\security_previous
2014-08-24 13:43 - 2009-10-26 22:52 - 00000000 ____D () C:\Users\vodka lemon\AppData\Roaming\vlc
2014-08-24 11:55 - 2014-08-23 23:19 - 00000000 ____D () C:\Users\vodka lemon\AppData\Local\Adobe
2014-08-23 21:06 - 2010-11-29 22:28 - 00000000 ____D () C:\Users\vodka lemon\AppData\Local\PokerStars
2014-08-23 14:08 - 2009-11-25 16:57 - 00000000 ____D () C:\Program Files\JDownloader
2014-08-23 08:55 - 2012-04-03 19:23 - 00699568 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-08-23 08:55 - 2011-06-03 08:13 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-23 03:03 - 2014-09-03 10:04 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-09-03 10:04 - 02054656 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-21 16:26 - 2009-10-31 17:34 - 00000000 ___RD () C:\Users\vodka lemon\Desktop\trash
2014-08-18 21:40 - 2011-03-10 00:50 - 00000000 ____D () C:\Program Files\Full Tilt Poker
2014-08-18 20:55 - 2014-02-13 17:28 - 00000000 ____D () C:\Users\vodka lemon\AppData\Local\AuxClient
2014-08-17 00:38 - 2012-08-03 00:46 - 04460620 _____ () C:\blitzerr.txt
2014-08-15 04:06 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\rescache
2014-08-15 04:02 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\Microsoft.NET
2014-08-15 03:28 - 2009-09-07 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 03:27 - 2013-08-14 12:25 - 00000000 ____D () C:\windows\system32\MRT
2014-08-15 03:16 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\windows\system32\mrt.exe
2014-08-14 13:38 - 2011-03-10 00:51 - 00000000 ____D () C:\Users\vodka lemon\AppData\Local\FullTiltPoker
2014-08-14 11:02 - 2010-11-29 22:28 - 00000000 ____D () C:\Program Files\PokerStars
2014-08-10 22:47 - 2014-08-10 21:36 - 00000000 ____D () C:\Users\vodka lemon\Desktop\fotek
2014-08-10 21:31 - 2014-08-10 21:31 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-10 21:31 - 2013-03-31 11:30 - 00000000 ___RD () C:\Program Files\Skype
2014-08-10 21:31 - 2009-10-26 16:16 - 00000000 ____D () C:\ProgramData\Skype
2014-08-10 17:17 - 2014-08-10 17:11 - 00000000 ____D () C:\Users\vodka lemon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Superhry.cz
2014-08-10 17:17 - 2014-08-10 17:10 - 00000000 ____D () C:\Program Files\Superhry.cz
2014-08-10 17:11 - 2014-08-10 17:11 - 00000000 ____D () C:\ProgramData\AWEM
2014-08-08 15:11 - 2013-08-03 13:29 - 00000000 ____D () C:\Users\vodka lemon\Desktop\x

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vodka lemon\Desktop" je 31328 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================


Addition.txt v příloze.

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
  HKLM\...\Run: [] => [X]
  HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
  HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
  HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
  HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
  HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\Run: [] => [X]
  HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\MountPoints2: {03ca1521-c4c7-11de-94b4-00247eef65d9} - H:\Toshiba\more4you.exe
  HKU\S-1-5-21-758965938-1497452166-1016383648-1001\...\MountPoints2: {cb546911-02ea-11e0-8790-002655cbf46a} - G:\LaunchU3.exe -a
  HKU\S-1-5-21-758965938-1497452166-1016383648-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://ie.redirect.hp.com/svs/rdr?type= ... ll&pf=cmnb
  
  2014-09-06 17:54 - 2014-09-06 17:56 - 00026284 _____ () C:\Users\vodka lemon\Desktop\FRST.txt
  2014-09-06 17:51 - 2014-09-06 17:51 - 00112640 _____ (forum.viry.cz) C:\Users\vodka lemon\Desktop\FRSTLauncher.exe
  2014-09-06 16:30 - 2014-09-06 16:07 - 00024064 _____ () C:\windows\zoek-delete.exe
  2014-09-06 16:11 - 2014-09-06 16:33 - 00011849 _____ () C:\zoek-results.log
  2014-09-06 16:07 - 2014-09-06 16:26 - 00000000 ____D () C:\zoek_backup
  2014-09-06 16:05 - 2014-09-06 16:05 - 01288704 _____ () C:\Users\vodka lemon\Desktop\zoek.exe
  2014-09-06 15:31 - 2014-09-06 15:43 - 00000000 ____D () C:\AdwCleaner
  2014-09-06 15:29 - 2014-09-06 15:29 - 01370467 _____ () C:\Users\vodka lemon\Desktop\adwcleaner_3.309.exe
  2014-09-06 15:17 - 2014-09-06 15:17 - 00006486 _____ () C:\Users\vodka lemon\Desktop\JRT.txt
  2014-09-06 15:06 - 2014-09-06 15:06 - 00000000 ____D () C:\windows\ERUNT
  2014-09-06 15:04 - 2014-09-06 15:05 - 01016261 _____ (Thisisu) C:\Users\vodka lemon\Desktop\JRT.exe
  2014-09-06 14:10 - 2014-09-06 14:11 - 00000000 ____D () C:\rsit
  2014-09-06 14:10 - 2014-09-06 14:11 - 00000000 ____D () C:\Program Files\trend micro
  2014-09-06 16:33 - 2010-02-14 19:17 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  2014-09-06 17:48 - 2010-02-14 19:17 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Karel Hrábě]

Dobrý den vespolek, fixlog:

[vyosek]

Pekne nedelni odpoledne

Jak se chova nas pacient

[Karel Hrábě]

tomu by nejvíc prospěl reinstall, ale na ten si bude muset ještě chvíli počkat

startup systému - subjektivně se mi zdá rychlejší, ale přesný rozdíly těžko měřit, kolik s trval startup za starých pořádků jsem nikdy nezkoumal. Ale fakt je, že člověk přišel zvenku, nastartoval stroj, svlékl se.... udělal si kávu a zašel na záchod, vrátil se zpět ke stroji... a stále měl čas přečíst si noviny . Vypínání vypadalo dost podobně, nyní také o dost lepší. Vzpamatování z režimu spánku a ukládání do něj je rychlejší rozhodně.

idle - zdá se klidnější a míň vytíženej, větrák občas připomínal vysavač i v režimech, kdy rozhodně nárok na vytížení neměl.

Firefox - velmi znatelnej posun kupředu, nastartování FF bez (kratšího, cca 5s) záseku nemožný, stejně tak přechody v nové záložce na složitější www. Nebyl vyjímkou zásek + čekání na ukončení různých skryptů i v rámci nízkých desítek vteřin. Zmizelo zcela, nyní funguje víceméně bez problémů. Díkybohu, jestli bylo něco skutečně o nervy, tak tohle. Zmizel i dost otravnej pitomec, kterej našeptával "ratingy" navštěvovaných stránek a o kterýho jsem super nestál, ale nepodařilo se mi ho vyblokovat/zakázat ve FF.

programy - nejčasteji používám ACAD 09 + Word, obojí při startu znatelně rychlejší, CAD k tomu ještě přidával lehčí zámrz po startu při prvním kliku do načteného výkresu, což také zmizelo.


suma sumárum: i když jsem ještě nezkoušel jak "to" bude vypadat při/po celodenní práci, už teď jsou vidět dílčí změny k lepšímu. Je s podivem, kolik se člověku do počítače nastěhuje balastu, i když vážně nechce. Ty breberky očividně umí nahlodat systém až na hranici použitelnosti, Vy jste ten stav vrátil do bodu, kdy jde ntb opět celkem rozumně používat aniž bych se musel učekat k smrti. Děkuji velmi, bez Vaší pomoci by to pro mě nebylo možné, určitě ne v takovém rozsahu .

So, tell me, doctor, is this it?

[vyosek]

Vyyyyborne napsano


Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse