Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Ruda (administrator) on RUDA-PC on 29-09-2014 16:33:37
Running from C:\PerfLogs\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Ruda\Downloads\ChromeSetup(1).exe
(Google Inc.) C:\Users\Ruda\AppData\Local\Temp\GUM4C7B.tmp\GoogleUpdate.exe
(Google Inc.) C:\Users\Ruda\AppData\Local\Temp\GUM4C7B.tmp\GoogleUpdateSetup.exe
(Google Inc.) C:\Program Files (x86)\GUMC10E.tmp\GoogleUpdate.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(MyHeritage) D:\MyHeritage\Bin\FamilyTreePublisher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-05-31] (Atheros Commnucations)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4694192 2000-01-01] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen Pro (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... earchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - {1E1F17B7-F889-4480-8A29-31EC9A9EFF8C} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {1E2C0E9F-5A57-404C-B006-0935D8B62540} URL = http://www.alza.cz/SearchAdvanced.asp?EXPS={searchTerms}
SearchScopes: HKCU - {206BE1CD-D8E5-4E8B-82A6-7642EF131402} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {261F48F8-D058-48FB-AF2F-1612D1198CC3} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
SearchScopes: HKCU - {4B2BCD33-D984-4D8E-9C54-B803E34B1CA9} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {593B6F83-B0BB-4B83-A5D9-7AC258B674B2} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {9249FFDB-058C-45D6-9AF3-F1B23BF48FF0} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKCU - {9FF53AE7-AE60-4664-949F-033A0F77247D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {A11803E2-62F5-4A23-B930-9F8D435E2A78} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {A3A70049-68EA-44AC-905D-25C4A57E654C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {C7C7B0ED-D00A-4989-9D5A-29377FA141AF} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
SearchScopes: HKCU - {D55EDDC6-DF84-4DE3-A258-8E0FC1DAE671} URL = http://www.radirna.cz/search/{searchTerms}/
SearchScopes: HKCU - {DCEBF011-A869-4BF6-AF25-376F5EE21962} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://www.asus.com/support/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FireFox:
========
FF ProfilePath: C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297
FF Homepage: hxxp://www.seznam.cz/?logged=1#obsah
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: http://www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: LastPass - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\support@lastpass.com [2014-08-10]
FF Extension: DownloadHelper - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: SearchPreview - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-08-15]
FF Extension: JavaScript View - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2014-06-27]
FF Extension: S3.Google Translator - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\s3google@translator.xpi [2014-08-25]
FF Extension: Speed Dial - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-08-07]
FF Extension: Adblock Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-26]
FF Extension: Tab Mix Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-23]
FF Extension: QuickJava - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: No Name - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-07]
Chrome:
=======
CHR Profile: C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD for YouTube™) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-03-29]
CHR Extension: (Translator for all languages) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2014-03-29]
CHR Extension: (Google Docs) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-14]
CHR Extension: (Greeting Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\benkgplfnlmgnpooclhbngibhmconcnn [2014-03-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-03-29]
CHR Extension: (Google Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (CSS reload!) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Team Czech Republic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fennihehgicanbibbangdgcmnmhfcell [2014-03-29]
CHR Extension: (AdBlock Premium) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-03-29]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (How to Whatsapp™ on pc) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehnjenlljoafdhngpkkbigkoofcnmcg [2014-04-23]
CHR Extension: (converter) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncebhdkjgopkmaklokjadihihfakeoi [2014-03-29]
CHR Extension: (Mortgage Calculators) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophjlpndiolpbmkiioffbikoegnnapb [2014-03-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-29]
CHR Extension: (Street Maps) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgkgohkhjofgjpcebjdhkjompkabdoaj [2014-03-29]
CHR Extension: (Translator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjlihpknefpcggkkbceadkcaapkkjikh [2014-06-27]
CHR Extension: (Seesmic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikhnbijacmpeikpnoeddepkehmcofgbh [2014-03-29]
CHR Extension: (Business Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllleebddagfipdaphlahknlfipmnehj [2014-03-29]
CHR Extension: (Calculator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-03-29]
CHR Extension: (Free Online Games) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfalblilehghcdahejnnejepagmccbib [2014-03-29]
CHR Extension: (Webmaster & SEO Tools) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnkfoehpejigjhhjffdhmjpdkofcpmi [2014-03-29]
CHR Extension: (Cooking Recipes) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\leakjfgpfppjkjmbmbnpmjeandfnhncm [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR Extension: (News and Pictures) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfkkkggciojbhfhehfaodadkoheomhbc [2014-03-29]
CHR Extension: (Job Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgehfboljmhjbmmjhgbakmoocikpkeid [2014-03-29]
CHR Extension: (Google Wallet) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Travel Math) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad [2014-03-29]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-29]
CHR Extension: (Picasa) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-03-29]
CHR Extension: (Click&Clean App) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-03-29]
CHR Extension: (Outlook.com) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-03-29]
CHR Extension: (Free Online TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd [2014-03-29]
CHR Extension: (Gmail) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ruda\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Linguarde\wcxChrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-11-01] (PS Media s.r.o.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821096 2014-08-13] (Mister Group)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
S4 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2014-02-24] (SPEEDbit)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-31] (Atheros)
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2000-01-01] (Qualcomm Atheros Co., Ltd.)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-14] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2014-07-06] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (Windows (R) Server 2003 DDK provider)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-08-08] (Windows (R) Win 7 DDK provider)
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 16:27 - 2014-09-29 16:27 - 00015327 _____ () C:\Users\Ruda\Desktop\LM.bat
2014-09-29 16:18 - 2014-09-29 16:33 - 00000000 ___DC () C:\FRST
2014-09-29 16:09 - 2014-09-29 16:27 - 00029696 _____ () C:\Users\Ruda\AppData\Local\MSGBOX.EXE
2014-09-29 15:45 - 2014-09-29 15:45 - 00000582 _____ () C:\Users\Ruda\Documents\XSXWVAbu
2014-09-29 14:46 - 2014-09-29 15:55 - 00000000 ____D () C:\Users\Ruda\Downloads\Database
2014-09-29 14:46 - 2014-09-29 15:54 - 00000000 ____D () C:\Users\Ruda\Downloads\Photos
2014-09-29 13:45 - 2014-09-29 13:50 - 00033280 ___SH () C:\Users\Ruda\Downloads\Thumbs.db
2014-09-29 12:19 - 2014-09-29 12:20 - 00073728 _____ () C:\Users\Ruda\Documents\29_09_2014_12_19_42.sdb
2014-09-28 22:10 - 2014-09-28 22:10 - 00169140 _____ () C:\Users\Ruda\Downloads\[SkT]Exploze___Live_Wire_(1992)(CZ)_=_CSFD_55%.torrent
2014-09-28 21:57 - 2014-09-28 21:57 - 00019363 _____ () C:\Users\Ruda\Downloads\[SkT]Kraska_a_zvire_-_La_Belle_et_la_bete_(2014)(CZ)_=_CSFD_64%.torrent
2014-09-28 17:28 - 2014-09-28 17:28 - 00000000 ___RD () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-28 16:37 - 2014-09-28 16:37 - 00001210 _____ () C:\Users\Public\Desktop\Ashampoo Photo Optimizer FREE.lnk
2014-09-28 16:36 - 2014-09-28 16:37 - 10431416 _____ (ashampoo GmbH & Co. KG ) C:\Users\Ruda\Downloads\ashampoo_photo_optimizer_free_120_5023.exe
2014-09-28 16:19 - 2014-09-28 16:19 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 16:19 - 2014-09-28 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-28 16:17 - 2014-09-28 16:17 - 06010880 ____N () C:\Program Files (x86)\GUTC12E.tmp
2014-09-28 16:17 - 2014-09-28 16:17 - 00000000 ____D () C:\Program Files (x86)\GUMC10E.tmp
2014-09-28 16:16 - 2014-09-28 16:16 - 00895120 _____ (Google Inc.) C:\Users\Ruda\Downloads\ChromeSetup(1).exe
2014-09-28 15:27 - 2014-09-28 15:27 - 00000000 ___HD () C:\Windows\AxInstSV
2014-09-28 14:04 - 2014-09-28 14:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Ashampoo Photo Optimizer
2014-09-27 16:01 - 2014-09-28 18:38 - 00000000 ____D () C:\Users\Ruda\Documents\OpenOffice
2014-09-26 11:34 - 2014-09-26 11:34 - 04964488 _____ (Piriform Ltd) C:\Users\Ruda\Downloads\ccsetup418.exe
2014-09-26 10:57 - 2014-09-26 10:57 - 05809785 _____ () C:\Users\Ruda\Downloads\FSViewerSetup52.exe
2014-09-25 20:40 - 2014-09-25 20:40 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Gadwin
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Ruda\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Guest\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:52 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Plus500
2014-09-25 16:52 - 2014-09-25 16:52 - 00384488 _____ () C:\Users\Ruda\Downloads\InstallPlus500.exe
2014-09-25 16:52 - 2014-09-25 16:52 - 00000000 ____D () C:\Program Files (x86)\Plus500
2014-09-25 09:10 - 2014-09-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 23:44 - 2014-09-23 23:44 - 09889400 _____ (Martin Roubec ) C:\Users\Ruda\Downloads\InstalRecepty(1).exe
2014-09-18 10:28 - 2014-09-18 10:28 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 10:28 - 2014-09-18 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 20:29 - 2009-12-06 14:13 - 01145096 _____ () C:\Users\Ruda\Downloads\imddup.exe
2014-09-17 20:28 - 2014-09-17 20:28 - 00916229 _____ () C:\Users\Ruda\Downloads\image_deduplicator_15.zip
2014-09-17 20:09 - 2009-12-06 14:17 - 00000000 ____D () C:\Users\Ruda\Downloads\_rel_w36
2014-09-17 20:09 - 2008-01-05 12:41 - 00056773 _____ () C:\Users\Ruda\Downloads\Help.chm
2014-09-17 20:09 - 2008-01-05 12:29 - 00426496 _____ () C:\Users\Ruda\Downloads\setup.exe
2014-09-17 20:09 - 2004-04-16 12:10 - 00229376 _____ () C:\Users\Ruda\Downloads\libjasper.dll
2014-09-17 18:29 - 2014-09-17 18:33 - 00000000 ___DC () C:\Shoty
2014-09-17 17:57 - 2014-09-17 17:57 - 00000058 _____ () C:\Users\Ruda\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-09-17 17:57 - 2014-09-17 17:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\DonationCoder
2014-09-17 17:49 - 2014-09-17 17:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Marko_Devcic
2014-09-17 17:48 - 2013-04-02 13:08 - 00182272 _____ () C:\Users\Ruda\Downloads\FluidKit.dll
2014-09-17 11:58 - 2014-09-17 11:58 - 02097120 _____ (Mister Group ) C:\Users\Ruda\Downloads\SystemExplorerSetup_594.exe
2014-09-16 22:50 - 2014-09-16 22:51 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\ProgramData\Zoner
2014-09-16 00:55 - 2014-09-16 00:55 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-09-16 00:52 - 2014-09-28 15:56 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-16 00:52 - 2014-09-16 00:54 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-16 00:39 - 2014-09-16 00:41 - 128741109 _____ () C:\Users\Ruda\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe
2014-09-15 20:30 - 2014-09-15 20:30 - 00000000 ____D () C:\Users\Ruda\Documents\BlazeVideo
2014-09-15 20:28 - 2014-09-15 20:28 - 00002035 _____ () C:\Users\Public\Desktop\BlazeDTV 6.0.lnk
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlazeDTV 6.0
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\Program Files (x86)\BlazeVideo
2014-09-14 18:23 - 2014-09-14 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-26 11:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-14 18:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-09-14 18:21 - 2014-09-14 18:21 - 16409960 _____ (Safer Networking Limited ) C:\Users\Ruda\Downloads\spybotsd162.exe
2014-09-14 13:37 - 2014-09-28 15:27 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-09-14 13:01 - 2014-09-14 13:01 - 00011862 _____ () C:\Users\Ruda\Downloads\OutlookContacts.csv
2014-09-14 11:43 - 2014-09-14 11:43 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Thunderbird
2014-09-13 01:22 - 2014-09-28 15:30 - 00080712 _____ () C:\Users\Ruda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-12 23:45 - 2014-09-29 09:46 - 00000452 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job
2014-09-12 23:45 - 2014-09-12 23:45 - 00003320 _____ () C:\Windows\System32\Tasks\Wise Disk Cleaner Schedule Task
2014-09-12 23:43 - 2014-09-28 15:51 - 00001166 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2014-09-12 23:43 - 2014-09-14 19:25 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Wise Disk Cleaner
2014-09-12 23:43 - 2014-09-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2014-09-12 23:42 - 2014-09-12 23:42 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-09-12 23:41 - 2014-09-12 23:41 - 02471232 _____ (WiseCleaner.com ) C:\Users\Ruda\Downloads\WDCFree.exe
2014-09-11 14:34 - 2014-09-11 14:34 - 00003120 _____ () C:\Windows\System32\Tasks\{4CAE5787-73F8-42AA-820D-13DFD7C1BC04}
2014-09-11 10:38 - 2014-09-11 10:38 - 00003154 _____ () C:\Windows\System32\Tasks\{7E2599D8-728D-4529-B8DF-4D3425C0E6A8}
2014-09-11 02:46 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 02:46 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 02:46 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 02:46 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 02:46 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 02:46 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 02:46 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 02:46 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 02:46 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 02:46 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 02:46 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 02:46 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 02:46 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 02:46 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 02:46 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 02:46 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 02:46 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 02:46 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 02:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 02:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 02:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 02:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 02:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 02:23 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 02:23 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 02:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 02:20 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 02:20 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 14:55 - 2014-09-09 14:55 - 00003172 _____ () C:\Windows\System32\Tasks\{EA700A6E-4619-4175-87F5-4DD8516627A9}
2014-09-08 23:31 - 2014-09-11 10:35 - 17328816 _____ (Adobe Systems Incorporated) C:\Users\Ruda\Downloads\install_flash_player_ax.exe
2014-09-08 16:07 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-09-08 00:28 - 2014-09-08 00:28 - 00005881 _____ () C:\Users\Ruda\AppData\Local\recently-used.xbel
2014-09-06 21:33 - 2014-09-06 21:34 - 00000000 ____D () C:\Users\Ruda\Documents\protokoly
2014-09-06 13:18 - 2014-09-28 15:51 - 00001791 _____ () C:\Users\Public\Desktop\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\Program Files (x86)\Q-Dir
2014-09-06 13:18 - 2014-08-14 09:17 - 00756736 ____N (Nenad Hrg (SoftwareOK.com)) C:\Users\Ruda\Downloads\Q-Dir_Installer.exe
2014-09-06 11:38 - 2014-09-06 11:38 - 01370467 _____ () C:\Users\Ruda\Downloads\AdwCleaner.exe
2014-09-06 10:09 - 2014-09-06 10:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashGetBHO
2014-09-05 10:41 - 2014-09-05 10:41 - 00000000 ____D () C:\ProgramData\PicPick
2014-09-04 16:31 - 2014-09-04 16:31 - 00001041 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-09-04 16:30 - 2014-09-04 16:30 - 16319576 _____ (Geek Software GmbH ) C:\Users\Ruda\Downloads\pdf24-creator.exe
2014-09-04 14:33 - 2014-09-04 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-01 23:03 - 2000-01-01 02:00 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-09-01 17:37 - 2014-09-28 15:24 - 00000000 ____D () C:\Users\Ruda\TapinRadio
2014-09-01 17:37 - 2014-09-01 17:37 - 00000000 ____D () C:\Program Files (x86)\TapinRadio
2014-08-31 17:00 - 2014-08-31 17:12 - 00000000 ____D () C:\Program Files (x86)\WinThruster
2014-08-30 12:24 - 2014-08-28 16:51 - 00110776 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 16:24 - 2013-11-26 20:54 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 16:18 - 2013-03-18 17:14 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9C26119-2806-4546-B247-5A5B1261D67E}
2014-09-29 16:10 - 2013-10-09 23:39 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-29 15:52 - 2013-11-03 14:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 15:43 - 2014-06-12 10:23 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 15:32 - 2013-05-29 01:14 - 01749669 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 14:08 - 2014-02-26 00:03 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 09:33 - 2014-06-12 10:23 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-29 09:33 - 2013-11-26 20:54 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 09:21 - 2013-07-15 20:59 - 00000000 ____D () C:\Users\Ruda\AppData\Local\LogMeIn Hamachi
2014-09-28 23:08 - 2014-02-26 00:03 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-28 23:05 - 2013-11-23 01:33 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\vlc
2014-09-28 23:02 - 2013-10-02 18:41 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\uTorrent
2014-09-28 21:37 - 2013-08-23 17:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Skype
2014-09-28 18:42 - 2013-04-05 00:33 - 00040448 _____ () C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 18:34 - 2013-04-07 17:45 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\PhotoScape
2014-09-28 18:34 - 2013-03-07 11:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\CrashDumps
2014-09-28 17:28 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\Documents\Bluetooth Folder
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-09-28 16:10 - 2014-05-11 22:34 - 00001279 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2014-09-28 16:10 - 2013-12-29 20:08 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-28 16:08 - 2014-06-13 11:59 - 00000958 _____ () C:\Users\Public\Desktop\ProgTV.lnk
2014-09-28 16:01 - 2013-05-31 10:15 - 00000000 ____D () C:\Program Files\Recuva
2014-09-28 15:59 - 2014-07-23 00:45 - 00001202 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-09-28 15:59 - 2013-11-14 12:56 - 00001067 _____ () C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2014-09-28 15:58 - 2013-12-24 01:50 - 00001068 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-09-28 15:57 - 2014-06-30 11:56 - 00001043 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-09-28 15:57 - 2014-01-10 03:45 - 00001118 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-09-28 15:56 - 2014-02-24 21:49 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-28 15:55 - 2014-08-16 15:30 - 00001148 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-09-28 15:55 - 2013-03-09 16:31 - 00000977 _____ () C:\Users\Public\Desktop\Evidence LSoft.lnk
2014-09-28 15:53 - 2014-05-21 13:46 - 00001024 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-09-28 15:52 - 2013-10-28 20:06 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-09-28 15:52 - 2012-02-24 13:54 - 00001196 _____ () C:\Users\Public\Desktop\ASUS WebStorage.lnk
2014-09-28 15:50 - 2014-07-03 22:45 - 00000905 _____ () C:\Users\Public\Desktop\µTorrent.lnk
2014-09-28 15:50 - 2014-06-14 02:25 - 00001879 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-09-28 15:48 - 2014-05-05 01:52 - 00001048 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-09-28 15:48 - 2013-11-16 02:04 - 00000951 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-09-28 15:48 - 2013-05-31 10:15 - 00001813 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-09-28 15:47 - 2014-06-13 11:59 - 00000980 _____ () C:\Users\Public\Desktop\ProgDVB 7.lnk
2014-09-28 15:37 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 15:37 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 15:30 - 2013-03-07 03:52 - 00000467 _____ () C:\Users\Ruda\AppData\Roaming\sp_data.sys
2014-09-28 15:28 - 2013-03-07 03:48 - 00000000 ____D () C:\Users\Ruda
2014-09-28 15:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 15:27 - 2009-07-14 06:45 - 04923696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-28 15:26 - 2014-01-05 16:51 - 00000000 ____D () C:\Users\Guest
2014-09-28 15:26 - 2013-12-07 19:51 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-09-28 15:26 - 2013-07-28 11:32 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-28 15:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-28 15:25 - 2014-08-14 18:46 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-28 15:25 - 2014-05-09 16:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Akamai
2014-09-28 15:25 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-09-28 15:25 - 2014-01-05 16:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-09-28 15:25 - 2013-12-02 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-28 15:25 - 2013-11-30 01:32 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-09-28 15:25 - 2013-10-09 23:40 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-09-28 15:25 - 2013-07-04 16:39 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\IrfanView
2014-09-28 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-28 15:22 - 2013-03-10 13:40 - 00000000 __RHD () C:\MSOCache
2014-09-28 15:09 - 2014-01-05 16:53 - 00084680 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 14:38 - 2013-03-07 04:44 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Windows Live
2014-09-27 00:17 - 2013-03-14 00:20 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\dvdcss
2014-09-26 11:35 - 2013-12-02 12:38 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\Program Files (x86)\FastStone Image Viewer
2014-09-25 20:40 - 2014-04-23 10:50 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Gadwin
2014-09-25 15:54 - 2014-02-13 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 22:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\Program Files (x86)\Recepty doma
2014-09-23 20:53 - 2013-11-03 14:54 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:52 - 2013-11-03 14:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:52 - 2013-11-03 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 09:39 - 2014-03-25 02:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-21 00:26 - 2014-01-15 22:31 - 00003136 _____ () C:\Windows\System32\Tasks\{F631C605-FF2F-4804-AA14-842D626AB4D0}
2014-09-19 12:32 - 2014-01-06 03:52 - 00000000 ____D () C:\Users\Ruda\.gimp-2.8
2014-09-18 20:02 - 2013-12-10 16:23 - 00000000 ____D () C:\ProgramData\ProgDVB
2014-09-18 10:28 - 2014-02-24 12:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 10:28 - 2013-08-23 16:45 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 00:26 - 2012-02-24 13:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 00:20 - 2014-01-23 15:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 11:59 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-09-17 11:59 - 2014-04-21 14:00 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-09-16 23:38 - 2011-02-19 07:36 - 00735924 _____ () C:\Windows\system32\perfh005.dat
2014-09-16 23:38 - 2011-02-19 07:36 - 00170710 _____ () C:\Windows\system32\perfc005.dat
2014-09-16 23:38 - 2009-07-14 07:13 - 01774156 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 00:54 - 2014-07-13 20:01 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-15 21:12 - 2014-06-03 09:57 - 00011880 _____ () C:\ProgramData\LSDmbTH.log
2014-09-15 21:12 - 2014-06-03 09:57 - 00011866 _____ () C:\ProgramData\LmeUSB.log
2014-09-15 20:28 - 2014-06-03 09:49 - 00000000 ____D () C:\ProgramData\BlazeVideo
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\SysWOW64\AF15BDAEX.dll
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\system32\AF15BDAEX.dll
2014-09-15 00:09 - 2014-01-07 21:47 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BitTorrent
2014-09-15 00:09 - 2013-12-12 12:54 - 00000000 ____D () C:\ProgramData\tmp
2014-09-15 00:09 - 2013-08-23 11:42 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Maxthon3
2014-09-15 00:09 - 2013-03-09 02:08 - 00000000 ___RD () C:\ASUS I
2014-09-15 00:08 - 2013-11-22 19:20 - 00000000 ____D () C:\Users\Ruda\Documents\prilohy_21879
2014-09-15 00:08 - 2013-06-30 18:55 - 00000000 ____D () C:\Users\Ruda\Documents\Photos
2014-09-15 00:08 - 2013-06-20 11:23 - 00000000 ____D () C:\Users\Ruda\Documents\Mozilla Firefox
2014-09-15 00:08 - 2013-06-17 15:39 - 00000000 ____D () C:\Users\Ruda\dwhelper
2014-09-15 00:08 - 2013-03-14 01:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Seznam.cz
2014-09-13 02:58 - 2013-10-10 00:52 - 02537132 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-09-12 23:48 - 2013-04-18 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-12 23:48 - 2012-02-24 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 11:33 - 2014-05-30 23:00 - 00000000 ____D () C:\Users\Ruda\Documents\Čištění-protokoly
2014-09-11 10:28 - 2013-03-07 04:23 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Adobe
2014-09-11 02:43 - 2012-02-24 13:39 - 01749806 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 02:40 - 2013-07-10 14:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 02:28 - 2013-03-07 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 02:25 - 2014-04-28 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 19:17 - 2013-09-03 10:22 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Q-Dir
2014-09-08 20:36 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-08 00:28 - 2014-01-06 03:55 - 00000000 ____D () C:\Users\Ruda\AppData\Local\gtk-2.0
2014-09-06 21:59 - 2013-03-09 16:31 - 00000000 ____D () C:\Users\Ruda\Documents\Evidence LSoft
2014-09-06 13:18 - 2013-09-03 10:22 - 00051562 _____ () C:\Windows\Q-Dir.ini
2014-09-06 11:41 - 2014-07-03 22:04 - 00000000 ___DC () C:\AdwCleaner
2014-09-06 10:14 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BITS
2014-09-06 10:09 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashgetSetup
2014-09-04 19:31 - 2013-12-02 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-04 14:33 - 2013-07-15 20:57 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-01 22:58 - 2014-05-08 23:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-31 12:54 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Atheros
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 16:03
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím pěkně o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím pěkně o kontrolu logu
- Přílohy
-
- Addition.zip
- (15.22 KiB) Staženo 98 x
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím pěkně o kontrolu logu
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím pěkně o kontrolu logu
# AdwCleaner v3.310 - Report created 29/09/2014 at 19:15:09
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ruda - RUDA-PC
# Running from : C:\PerfLogs\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\nr746uxa.default\prefs.js ]
[ File : C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\prefs.js ]
-\\ Google Chrome v37.0.2062.124
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.certified-toolbar.com/?si=71578&st=bs&tid=8195&ver=4.9&ts=1383433200000.000007&tguid=71578-8195-1383444228385-7077C284AEBE65440D00D038ED049FA9&q={searchTerms}
Deleted [Search Provider] : hxxp://go.speedbit.com/search.aspx?s=E2Ob&q={searchTerms}
Deleted [Search Provider] : hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
*************************
AdwCleaner[R16].txt - [1820 octets] - [03/07/2014 22:06:44]
AdwCleaner[R17].txt - [1866 octets] - [18/07/2014 01:39:20]
AdwCleaner[R18].txt - [1877 octets] - [20/07/2014 20:22:15]
AdwCleaner[R19].txt - [2596 octets] - [23/07/2014 17:14:31]
AdwCleaner[R20].txt - [2764 octets] - [04/08/2014 21:32:05]
AdwCleaner[R21].txt - [9601 octets] - [07/08/2014 16:57:11]
AdwCleaner[R22].txt - [5712 octets] - [07/08/2014 17:08:41]
AdwCleaner[R23].txt - [2650 octets] - [29/09/2014 19:09:01]
AdwCleaner[S16].txt - [1896 octets] - [03/07/2014 22:08:31]
AdwCleaner[S17].txt - [1940 octets] - [18/07/2014 01:40:52]
AdwCleaner[S18].txt - [1947 octets] - [20/07/2014 20:27:05]
AdwCleaner[S19].txt - [2640 octets] - [23/07/2014 17:24:12]
AdwCleaner[S20].txt - [2866 octets] - [04/08/2014 21:35:12]
AdwCleaner[S21].txt - [8065 octets] - [07/08/2014 16:58:47]
AdwCleaner[S22].txt - [5682 octets] - [07/08/2014 17:10:02]
AdwCleaner[S23].txt - [2586 octets] - [29/09/2014 19:15:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S23].txt - [2647 octets] ##########
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ruda - RUDA-PC
# Running from : C:\PerfLogs\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\nr746uxa.default\prefs.js ]
[ File : C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\prefs.js ]
-\\ Google Chrome v37.0.2062.124
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.certified-toolbar.com/?si=71578&st=bs&tid=8195&ver=4.9&ts=1383433200000.000007&tguid=71578-8195-1383444228385-7077C284AEBE65440D00D038ED049FA9&q={searchTerms}
Deleted [Search Provider] : hxxp://go.speedbit.com/search.aspx?s=E2Ob&q={searchTerms}
Deleted [Search Provider] : hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
*************************
AdwCleaner[R16].txt - [1820 octets] - [03/07/2014 22:06:44]
AdwCleaner[R17].txt - [1866 octets] - [18/07/2014 01:39:20]
AdwCleaner[R18].txt - [1877 octets] - [20/07/2014 20:22:15]
AdwCleaner[R19].txt - [2596 octets] - [23/07/2014 17:14:31]
AdwCleaner[R20].txt - [2764 octets] - [04/08/2014 21:32:05]
AdwCleaner[R21].txt - [9601 octets] - [07/08/2014 16:57:11]
AdwCleaner[R22].txt - [5712 octets] - [07/08/2014 17:08:41]
AdwCleaner[R23].txt - [2650 octets] - [29/09/2014 19:09:01]
AdwCleaner[S16].txt - [1896 octets] - [03/07/2014 22:08:31]
AdwCleaner[S17].txt - [1940 octets] - [18/07/2014 01:40:52]
AdwCleaner[S18].txt - [1947 octets] - [20/07/2014 20:27:05]
AdwCleaner[S19].txt - [2640 octets] - [23/07/2014 17:24:12]
AdwCleaner[S20].txt - [2866 octets] - [04/08/2014 21:35:12]
AdwCleaner[S21].txt - [8065 octets] - [07/08/2014 16:58:47]
AdwCleaner[S22].txt - [5682 octets] - [07/08/2014 17:10:02]
AdwCleaner[S23].txt - [2586 octets] - [29/09/2014 19:15:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S23].txt - [2647 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím pěkně o kontrolu logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím pěkně o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Ruda (administrator) on RUDA-PC on 29-09-2014 20:01:32
Running from C:\PerfLogs\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-05-31] (Atheros Commnucations)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4694192 2000-01-01] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen Pro (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... earchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - {1E1F17B7-F889-4480-8A29-31EC9A9EFF8C} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {1E2C0E9F-5A57-404C-B006-0935D8B62540} URL = http://www.alza.cz/SearchAdvanced.asp?EXPS={searchTerms}
SearchScopes: HKCU - {206BE1CD-D8E5-4E8B-82A6-7642EF131402} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {261F48F8-D058-48FB-AF2F-1612D1198CC3} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
SearchScopes: HKCU - {4B2BCD33-D984-4D8E-9C54-B803E34B1CA9} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {593B6F83-B0BB-4B83-A5D9-7AC258B674B2} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {9249FFDB-058C-45D6-9AF3-F1B23BF48FF0} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKCU - {9FF53AE7-AE60-4664-949F-033A0F77247D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {A11803E2-62F5-4A23-B930-9F8D435E2A78} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {A3A70049-68EA-44AC-905D-25C4A57E654C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {C7C7B0ED-D00A-4989-9D5A-29377FA141AF} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
SearchScopes: HKCU - {D55EDDC6-DF84-4DE3-A258-8E0FC1DAE671} URL = http://www.radirna.cz/search/{searchTerms}/
SearchScopes: HKCU - {DCEBF011-A869-4BF6-AF25-376F5EE21962} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://www.asus.com/support/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FireFox:
========
FF ProfilePath: C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297
FF Homepage: hxxp://www.seznam.cz/?logged=1#obsah
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: http://www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: LastPass - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\support@lastpass.com [2014-08-10]
FF Extension: DownloadHelper - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: SearchPreview - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-08-15]
FF Extension: JavaScript View - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2014-06-27]
FF Extension: S3.Google Translator - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\s3google@translator.xpi [2014-08-25]
FF Extension: Speed Dial - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-08-07]
FF Extension: Adblock Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-26]
FF Extension: Tab Mix Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-23]
FF Extension: QuickJava - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: No Name - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-07]
Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD for YouTube™) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-03-29]
CHR Extension: (Translator for all languages) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2014-03-29]
CHR Extension: (Google Docs) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-14]
CHR Extension: (Greeting Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\benkgplfnlmgnpooclhbngibhmconcnn [2014-03-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-03-29]
CHR Extension: (Google Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (No Name) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Team Czech Republic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fennihehgicanbibbangdgcmnmhfcell [2014-03-29]
CHR Extension: (AdBlock Premium) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-03-29]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (How to Whatsapp™ on pc) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehnjenlljoafdhngpkkbigkoofcnmcg [2014-04-23]
CHR Extension: (converter) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncebhdkjgopkmaklokjadihihfakeoi [2014-03-29]
CHR Extension: (Mortgage Calculators) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophjlpndiolpbmkiioffbikoegnnapb [2014-03-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-29]
CHR Extension: (Street Maps) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgkgohkhjofgjpcebjdhkjompkabdoaj [2014-03-29]
CHR Extension: (Translator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjlihpknefpcggkkbceadkcaapkkjikh [2014-06-27]
CHR Extension: (Seesmic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikhnbijacmpeikpnoeddepkehmcofgbh [2014-03-29]
CHR Extension: (Business Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllleebddagfipdaphlahknlfipmnehj [2014-03-29]
CHR Extension: (Calculator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-03-29]
CHR Extension: (Free Online Games) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfalblilehghcdahejnnejepagmccbib [2014-03-29]
CHR Extension: (Webmaster & SEO Tools) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnkfoehpejigjhhjffdhmjpdkofcpmi [2014-03-29]
CHR Extension: (Cooking Recipes) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\leakjfgpfppjkjmbmbnpmjeandfnhncm [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR Extension: (News and Pictures) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfkkkggciojbhfhehfaodadkoheomhbc [2014-03-29]
CHR Extension: (Job Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgehfboljmhjbmmjhgbakmoocikpkeid [2014-03-29]
CHR Extension: (Google Wallet) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Travel Math) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad [2014-03-29]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-29]
CHR Extension: (Picasa) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-03-29]
CHR Extension: (Click&Clean App) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-03-29]
CHR Extension: (Outlook.com) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-03-29]
CHR Extension: (Free Online TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd [2014-03-29]
CHR Extension: (Gmail) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ruda\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Linguarde\wcxChrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-11-01] (PS Media s.r.o.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821096 2014-08-13] (Mister Group)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
S4 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2014-02-24] (SPEEDbit)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-31] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2000-01-01] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-14] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2014-07-06] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (Windows (R) Server 2003 DDK provider)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-08-08] (Windows (R) Win 7 DDK provider)
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 19:27 - 2014-09-29 19:27 - 00002728 _____ () C:\Users\Ruda\Documents\AdwCleaner[S23].txt
2014-09-29 19:20 - 2014-09-29 19:20 - 00000000 ___RD () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-29 19:18 - 2014-09-29 19:18 - 00000168 _____ () C:\Windows\setupact.log
2014-09-29 19:18 - 2014-09-29 19:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-29 19:17 - 2014-09-29 19:18 - 00030916 _____ () C:\Windows\PFRO.log
2014-09-29 19:13 - 2014-09-29 19:13 - 00002650 _____ () C:\Users\Ruda\Documents\AdwCleaner[R23].txt
2014-09-29 17:03 - 2014-09-29 17:03 - 00070761 _____ () C:\Users\Ruda\Documents\FRST.txt
2014-09-29 16:46 - 2014-09-29 17:02 - 00063838 _____ () C:\Users\Ruda\Documents\Addition.txt
2014-09-29 16:46 - 2014-09-29 16:46 - 00015590 _____ () C:\Users\Ruda\Documents\Addition.zip
2014-09-29 16:27 - 2014-09-29 16:27 - 00015327 _____ () C:\Users\Ruda\Desktop\LM.bat
2014-09-29 16:18 - 2014-09-29 20:01 - 00000000 ___DC () C:\FRST
2014-09-29 16:09 - 2014-09-29 16:27 - 00029696 _____ () C:\Users\Ruda\AppData\Local\MSGBOX.EXE
2014-09-29 14:46 - 2014-09-29 15:55 - 00000000 ____D () C:\Users\Ruda\Downloads\Database
2014-09-29 14:46 - 2014-09-29 15:54 - 00000000 ____D () C:\Users\Ruda\Downloads\Photos
2014-09-29 13:45 - 2014-09-29 13:50 - 00033280 ___SH () C:\Users\Ruda\Downloads\Thumbs.db
2014-09-29 12:19 - 2014-09-29 12:20 - 00073728 _____ () C:\Users\Ruda\Documents\29_09_2014_12_19_42.sdb
2014-09-28 22:10 - 2014-09-28 22:10 - 00169140 _____ () C:\Users\Ruda\Downloads\[SkT]Exploze___Live_Wire_(1992)(CZ)_=_CSFD_55%.torrent
2014-09-28 21:57 - 2014-09-28 21:57 - 00019363 _____ () C:\Users\Ruda\Downloads\[SkT]Kraska_a_zvire_-_La_Belle_et_la_bete_(2014)(CZ)_=_CSFD_64%.torrent
2014-09-28 16:37 - 2014-09-28 16:37 - 00001210 _____ () C:\Users\Public\Desktop\Ashampoo Photo Optimizer FREE.lnk
2014-09-28 16:36 - 2014-09-28 16:37 - 10431416 _____ (ashampoo GmbH & Co. KG ) C:\Users\Ruda\Downloads\ashampoo_photo_optimizer_free_120_5023.exe
2014-09-28 16:19 - 2014-09-28 16:19 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 16:19 - 2014-09-28 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-28 16:17 - 2014-09-28 16:17 - 00000000 ____D () C:\Program Files (x86)\GUMC10E.tmp
2014-09-28 16:16 - 2014-09-28 16:16 - 00895120 _____ (Google Inc.) C:\Users\Ruda\Downloads\ChromeSetup(1).exe
2014-09-28 14:04 - 2014-09-28 14:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Ashampoo Photo Optimizer
2014-09-27 16:01 - 2014-09-28 18:38 - 00000000 ____D () C:\Users\Ruda\Documents\OpenOffice
2014-09-26 11:34 - 2014-09-26 11:34 - 04964488 _____ (Piriform Ltd) C:\Users\Ruda\Downloads\ccsetup418.exe
2014-09-26 10:57 - 2014-09-26 10:57 - 05809785 _____ () C:\Users\Ruda\Downloads\FSViewerSetup52.exe
2014-09-25 20:40 - 2014-09-25 20:40 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Gadwin
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Ruda\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Guest\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:52 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Plus500
2014-09-25 16:52 - 2014-09-25 16:52 - 00384488 _____ () C:\Users\Ruda\Downloads\InstallPlus500.exe
2014-09-25 16:52 - 2014-09-25 16:52 - 00000000 ____D () C:\Program Files (x86)\Plus500
2014-09-25 09:10 - 2014-09-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 23:44 - 2014-09-23 23:44 - 09889400 _____ (Martin Roubec ) C:\Users\Ruda\Downloads\InstalRecepty(1).exe
2014-09-18 10:28 - 2014-09-18 10:28 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 10:28 - 2014-09-18 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 20:29 - 2009-12-06 14:13 - 01145096 _____ () C:\Users\Ruda\Downloads\imddup.exe
2014-09-17 20:28 - 2014-09-17 20:28 - 00916229 _____ () C:\Users\Ruda\Downloads\image_deduplicator_15.zip
2014-09-17 20:09 - 2009-12-06 14:17 - 00000000 ____D () C:\Users\Ruda\Downloads\_rel_w36
2014-09-17 20:09 - 2008-01-05 12:41 - 00056773 _____ () C:\Users\Ruda\Downloads\Help.chm
2014-09-17 20:09 - 2008-01-05 12:29 - 00426496 _____ () C:\Users\Ruda\Downloads\setup.exe
2014-09-17 20:09 - 2004-04-16 12:10 - 00229376 _____ () C:\Users\Ruda\Downloads\libjasper.dll
2014-09-17 18:29 - 2014-09-17 18:33 - 00000000 ___DC () C:\Shoty
2014-09-17 17:57 - 2014-09-17 17:57 - 00000058 _____ () C:\Users\Ruda\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-09-17 17:57 - 2014-09-17 17:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\DonationCoder
2014-09-17 17:49 - 2014-09-17 17:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Marko_Devcic
2014-09-17 17:48 - 2013-04-02 13:08 - 00182272 _____ () C:\Users\Ruda\Downloads\FluidKit.dll
2014-09-17 11:58 - 2014-09-17 11:58 - 02097120 _____ (Mister Group ) C:\Users\Ruda\Downloads\SystemExplorerSetup_594.exe
2014-09-16 22:50 - 2014-09-16 22:51 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\ProgramData\Zoner
2014-09-16 00:55 - 2014-09-16 00:55 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-09-16 00:52 - 2014-09-28 15:56 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-16 00:52 - 2014-09-16 00:54 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-16 00:39 - 2014-09-16 00:41 - 128741109 _____ () C:\Users\Ruda\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe
2014-09-15 20:30 - 2014-09-15 20:30 - 00000000 ____D () C:\Users\Ruda\Documents\BlazeVideo
2014-09-15 20:28 - 2014-09-15 20:28 - 00002035 _____ () C:\Users\Public\Desktop\BlazeDTV 6.0.lnk
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlazeDTV 6.0
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\Program Files (x86)\BlazeVideo
2014-09-14 18:23 - 2014-09-14 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-26 11:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-14 18:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-09-14 18:21 - 2014-09-14 18:21 - 16409960 _____ (Safer Networking Limited ) C:\Users\Ruda\Downloads\spybotsd162.exe
2014-09-14 13:37 - 2014-09-29 19:18 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-09-14 13:01 - 2014-09-14 13:01 - 00011862 _____ () C:\Users\Ruda\Downloads\OutlookContacts.csv
2014-09-14 11:43 - 2014-09-14 11:43 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Thunderbird
2014-09-13 01:22 - 2014-09-28 15:30 - 00080712 _____ () C:\Users\Ruda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-12 23:45 - 2014-09-29 09:46 - 00000452 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job
2014-09-12 23:45 - 2014-09-12 23:45 - 00003320 _____ () C:\Windows\System32\Tasks\Wise Disk Cleaner Schedule Task
2014-09-12 23:43 - 2014-09-28 15:51 - 00001166 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2014-09-12 23:43 - 2014-09-14 19:25 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Wise Disk Cleaner
2014-09-12 23:43 - 2014-09-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2014-09-12 23:42 - 2014-09-12 23:42 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-09-12 23:41 - 2014-09-12 23:41 - 02471232 _____ (WiseCleaner.com ) C:\Users\Ruda\Downloads\WDCFree.exe
2014-09-11 14:34 - 2014-09-11 14:34 - 00003120 _____ () C:\Windows\System32\Tasks\{4CAE5787-73F8-42AA-820D-13DFD7C1BC04}
2014-09-11 10:38 - 2014-09-11 10:38 - 00003154 _____ () C:\Windows\System32\Tasks\{7E2599D8-728D-4529-B8DF-4D3425C0E6A8}
2014-09-11 02:46 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 02:46 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 02:46 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 02:46 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 02:46 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 02:46 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 02:46 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 02:46 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 02:46 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 02:46 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 02:46 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 02:46 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 02:46 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 02:46 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 02:46 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 02:46 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 02:46 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 02:46 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 02:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 02:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 02:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 02:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 02:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 02:23 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 02:23 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 02:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 02:20 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 02:20 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 14:55 - 2014-09-09 14:55 - 00003172 _____ () C:\Windows\System32\Tasks\{EA700A6E-4619-4175-87F5-4DD8516627A9}
2014-09-08 23:31 - 2014-09-11 10:35 - 17328816 _____ (Adobe Systems Incorporated) C:\Users\Ruda\Downloads\install_flash_player_ax.exe
2014-09-08 16:07 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-09-08 00:28 - 2014-09-08 00:28 - 00005881 _____ () C:\Users\Ruda\AppData\Local\recently-used.xbel
2014-09-06 21:33 - 2014-09-06 21:34 - 00000000 ____D () C:\Users\Ruda\Documents\protokoly
2014-09-06 13:18 - 2014-09-28 15:51 - 00001791 _____ () C:\Users\Public\Desktop\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\Program Files (x86)\Q-Dir
2014-09-06 13:18 - 2014-08-14 09:17 - 00756736 ____N (Nenad Hrg (SoftwareOK.com)) C:\Users\Ruda\Downloads\Q-Dir_Installer.exe
2014-09-06 11:38 - 2014-09-06 11:38 - 01370467 _____ () C:\Users\Ruda\Downloads\AdwCleaner.exe
2014-09-06 10:09 - 2014-09-06 10:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashGetBHO
2014-09-05 10:41 - 2014-09-05 10:41 - 00000000 ____D () C:\ProgramData\PicPick
2014-09-04 16:31 - 2014-09-04 16:31 - 00001041 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-09-04 16:30 - 2014-09-04 16:30 - 16319576 _____ (Geek Software GmbH ) C:\Users\Ruda\Downloads\pdf24-creator.exe
2014-09-04 14:33 - 2014-09-04 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-01 23:03 - 2000-01-01 02:00 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-09-01 17:37 - 2014-09-28 15:24 - 00000000 ____D () C:\Users\Ruda\TapinRadio
2014-09-01 17:37 - 2014-09-01 17:37 - 00000000 ____D () C:\Program Files (x86)\TapinRadio
2014-08-31 17:00 - 2014-08-31 17:12 - 00000000 ____D () C:\Program Files (x86)\WinThruster
2014-08-30 12:24 - 2014-08-28 16:51 - 00110776 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 19:57 - 2013-10-09 23:39 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-29 19:54 - 2013-03-18 17:14 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9C26119-2806-4546-B247-5A5B1261D67E}
2014-09-29 19:52 - 2013-11-03 14:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 19:43 - 2014-06-12 10:23 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 19:26 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 19:26 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 19:24 - 2013-11-26 20:54 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 19:23 - 2013-05-29 01:14 - 01756352 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 19:21 - 2013-07-15 20:59 - 00000000 ____D () C:\Users\Ruda\AppData\Local\LogMeIn Hamachi
2014-09-29 19:20 - 2013-11-26 20:54 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 19:20 - 2013-03-07 03:52 - 00000467 _____ () C:\Users\Ruda\AppData\Roaming\sp_data.sys
2014-09-29 19:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 19:15 - 2014-07-03 22:04 - 00000000 ___DC () C:\AdwCleaner
2014-09-29 17:08 - 2014-02-26 00:03 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 09:33 - 2014-06-12 10:23 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-28 23:08 - 2014-02-26 00:03 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-28 23:05 - 2013-11-23 01:33 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\vlc
2014-09-28 23:02 - 2013-10-02 18:41 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\uTorrent
2014-09-28 21:37 - 2013-08-23 17:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Skype
2014-09-28 18:42 - 2013-04-05 00:33 - 00040448 _____ () C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 18:34 - 2013-04-07 17:45 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\PhotoScape
2014-09-28 18:34 - 2013-03-07 11:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\CrashDumps
2014-09-28 17:28 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\Documents\Bluetooth Folder
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-09-28 16:10 - 2014-05-11 22:34 - 00001279 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2014-09-28 16:10 - 2013-12-29 20:08 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-28 16:08 - 2014-06-13 11:59 - 00000958 _____ () C:\Users\Public\Desktop\ProgTV.lnk
2014-09-28 16:01 - 2013-05-31 10:15 - 00000000 ____D () C:\Program Files\Recuva
2014-09-28 15:59 - 2014-07-23 00:45 - 00001202 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-09-28 15:59 - 2013-11-14 12:56 - 00001067 _____ () C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2014-09-28 15:58 - 2013-12-24 01:50 - 00001068 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-09-28 15:57 - 2014-06-30 11:56 - 00001043 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-09-28 15:57 - 2014-01-10 03:45 - 00001118 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-09-28 15:56 - 2014-02-24 21:49 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-28 15:55 - 2014-08-16 15:30 - 00001148 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-09-28 15:55 - 2013-03-09 16:31 - 00000977 _____ () C:\Users\Public\Desktop\Evidence LSoft.lnk
2014-09-28 15:53 - 2014-05-21 13:46 - 00001024 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-09-28 15:52 - 2013-10-28 20:06 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-09-28 15:52 - 2012-02-24 13:54 - 00001196 _____ () C:\Users\Public\Desktop\ASUS WebStorage.lnk
2014-09-28 15:50 - 2014-07-03 22:45 - 00000905 _____ () C:\Users\Public\Desktop\µTorrent.lnk
2014-09-28 15:50 - 2014-06-14 02:25 - 00001879 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-09-28 15:48 - 2014-05-05 01:52 - 00001048 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-09-28 15:48 - 2013-11-16 02:04 - 00000951 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-09-28 15:48 - 2013-05-31 10:15 - 00001813 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-09-28 15:47 - 2014-06-13 11:59 - 00000980 _____ () C:\Users\Public\Desktop\ProgDVB 7.lnk
2014-09-28 15:28 - 2013-03-07 03:48 - 00000000 ____D () C:\Users\Ruda
2014-09-28 15:27 - 2009-07-14 06:45 - 04923696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-28 15:26 - 2014-01-05 16:51 - 00000000 ____D () C:\Users\Guest
2014-09-28 15:26 - 2013-12-07 19:51 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-09-28 15:26 - 2013-07-28 11:32 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-28 15:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-28 15:25 - 2014-08-14 18:46 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-28 15:25 - 2014-05-09 16:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Akamai
2014-09-28 15:25 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-09-28 15:25 - 2014-01-05 16:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-09-28 15:25 - 2013-12-02 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-28 15:25 - 2013-11-30 01:32 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-09-28 15:25 - 2013-10-09 23:40 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-09-28 15:25 - 2013-07-04 16:39 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\IrfanView
2014-09-28 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-28 15:22 - 2013-03-10 13:40 - 00000000 __RHD () C:\MSOCache
2014-09-28 15:09 - 2014-01-05 16:53 - 00084680 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 14:38 - 2013-03-07 04:44 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Windows Live
2014-09-27 00:17 - 2013-03-14 00:20 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\dvdcss
2014-09-26 11:35 - 2013-12-02 12:38 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\Program Files (x86)\FastStone Image Viewer
2014-09-25 20:40 - 2014-04-23 10:50 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Gadwin
2014-09-25 15:54 - 2014-02-13 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 22:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\Program Files (x86)\Recepty doma
2014-09-23 20:53 - 2013-11-03 14:54 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:52 - 2013-11-03 14:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:52 - 2013-11-03 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 09:39 - 2014-03-25 02:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-21 00:26 - 2014-01-15 22:31 - 00003136 _____ () C:\Windows\System32\Tasks\{F631C605-FF2F-4804-AA14-842D626AB4D0}
2014-09-19 12:32 - 2014-01-06 03:52 - 00000000 ____D () C:\Users\Ruda\.gimp-2.8
2014-09-18 20:02 - 2013-12-10 16:23 - 00000000 ____D () C:\ProgramData\ProgDVB
2014-09-18 10:28 - 2014-02-24 12:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 10:28 - 2013-08-23 16:45 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 00:26 - 2012-02-24 13:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 00:20 - 2014-01-23 15:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 11:59 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-09-17 11:59 - 2014-04-21 14:00 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-09-16 23:38 - 2011-02-19 07:36 - 00735924 _____ () C:\Windows\system32\perfh005.dat
2014-09-16 23:38 - 2011-02-19 07:36 - 00170710 _____ () C:\Windows\system32\perfc005.dat
2014-09-16 23:38 - 2009-07-14 07:13 - 01774156 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 00:54 - 2014-07-13 20:01 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-15 21:12 - 2014-06-03 09:57 - 00011880 _____ () C:\ProgramData\LSDmbTH.log
2014-09-15 21:12 - 2014-06-03 09:57 - 00011866 _____ () C:\ProgramData\LmeUSB.log
2014-09-15 20:28 - 2014-06-03 09:49 - 00000000 ____D () C:\ProgramData\BlazeVideo
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\SysWOW64\AF15BDAEX.dll
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\system32\AF15BDAEX.dll
2014-09-15 00:09 - 2014-01-07 21:47 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BitTorrent
2014-09-15 00:09 - 2013-12-12 12:54 - 00000000 ____D () C:\ProgramData\tmp
2014-09-15 00:09 - 2013-08-23 11:42 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Maxthon3
2014-09-15 00:09 - 2013-03-09 02:08 - 00000000 ___RD () C:\ASUS I
2014-09-15 00:08 - 2013-11-22 19:20 - 00000000 ____D () C:\Users\Ruda\Documents\prilohy_21879
2014-09-15 00:08 - 2013-06-30 18:55 - 00000000 ____D () C:\Users\Ruda\Documents\Photos
2014-09-15 00:08 - 2013-06-20 11:23 - 00000000 ____D () C:\Users\Ruda\Documents\Mozilla Firefox
2014-09-15 00:08 - 2013-06-17 15:39 - 00000000 ____D () C:\Users\Ruda\dwhelper
2014-09-15 00:08 - 2013-03-14 01:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Seznam.cz
2014-09-13 02:58 - 2013-10-10 00:52 - 02537132 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-09-12 23:48 - 2013-04-18 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-12 23:48 - 2012-02-24 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 11:33 - 2014-05-30 23:00 - 00000000 ____D () C:\Users\Ruda\Documents\Čištění-protokoly
2014-09-11 10:28 - 2013-03-07 04:23 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Adobe
2014-09-11 02:43 - 2012-02-24 13:39 - 01749806 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 02:40 - 2013-07-10 14:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 02:28 - 2013-03-07 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 02:25 - 2014-04-28 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 19:17 - 2013-09-03 10:22 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Q-Dir
2014-09-08 20:36 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-08 00:28 - 2014-01-06 03:55 - 00000000 ____D () C:\Users\Ruda\AppData\Local\gtk-2.0
2014-09-06 21:59 - 2013-03-09 16:31 - 00000000 ____D () C:\Users\Ruda\Documents\Evidence LSoft
2014-09-06 13:18 - 2013-09-03 10:22 - 00051562 _____ () C:\Windows\Q-Dir.ini
2014-09-06 10:14 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BITS
2014-09-06 10:09 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashgetSetup
2014-09-04 19:31 - 2013-12-02 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-04 14:33 - 2013-07-15 20:57 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-01 22:58 - 2014-05-08 23:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-31 12:54 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Atheros
Some content of TEMP:
====================
C:\Users\Ruda\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 16:03
==================== End Of Log ============================
Ran by Ruda (administrator) on RUDA-PC on 29-09-2014 20:01:32
Running from C:\PerfLogs\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-05-31] (Atheros Commnucations)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4694192 2000-01-01] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-22] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [759712 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen Pro (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Gadwin PrintScreen (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe" /nosplash
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... earchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - {1E1F17B7-F889-4480-8A29-31EC9A9EFF8C} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {1E2C0E9F-5A57-404C-B006-0935D8B62540} URL = http://www.alza.cz/SearchAdvanced.asp?EXPS={searchTerms}
SearchScopes: HKCU - {206BE1CD-D8E5-4E8B-82A6-7642EF131402} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {261F48F8-D058-48FB-AF2F-1612D1198CC3} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
SearchScopes: HKCU - {4B2BCD33-D984-4D8E-9C54-B803E34B1CA9} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {593B6F83-B0BB-4B83-A5D9-7AC258B674B2} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {9249FFDB-058C-45D6-9AF3-F1B23BF48FF0} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKCU - {9FF53AE7-AE60-4664-949F-033A0F77247D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {A11803E2-62F5-4A23-B930-9F8D435E2A78} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {A3A70049-68EA-44AC-905D-25C4A57E654C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {C7C7B0ED-D00A-4989-9D5A-29377FA141AF} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
SearchScopes: HKCU - {D55EDDC6-DF84-4DE3-A258-8E0FC1DAE671} URL = http://www.radirna.cz/search/{searchTerms}/
SearchScopes: HKCU - {DCEBF011-A869-4BF6-AF25-376F5EE21962} URL = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://www.asus.com/support/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FireFox:
========
FF ProfilePath: C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297
FF Homepage: hxxp://www.seznam.cz/?logged=1#obsah
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: http://www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: LastPass - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\support@lastpass.com [2014-08-10]
FF Extension: DownloadHelper - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: SearchPreview - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-08-15]
FF Extension: JavaScript View - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2014-06-27]
FF Extension: S3.Google Translator - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\s3google@translator.xpi [2014-08-25]
FF Extension: Speed Dial - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-08-07]
FF Extension: Adblock Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-26]
FF Extension: Tab Mix Plus - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-07-23]
FF Extension: QuickJava - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\97apsu2u.default-1403817709297\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: No Name - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-07]
Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD for YouTube™) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-03-29]
CHR Extension: (Translator for all languages) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2014-03-29]
CHR Extension: (Google Docs) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-14]
CHR Extension: (Greeting Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\benkgplfnlmgnpooclhbngibhmconcnn [2014-03-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-23]
CHR Extension: (YouTube) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-03-29]
CHR Extension: (Google Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (No Name) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Team Czech Republic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fennihehgicanbibbangdgcmnmhfcell [2014-03-29]
CHR Extension: (AdBlock Premium) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-03-29]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (How to Whatsapp™ on pc) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehnjenlljoafdhngpkkbigkoofcnmcg [2014-04-23]
CHR Extension: (converter) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncebhdkjgopkmaklokjadihihfakeoi [2014-03-29]
CHR Extension: (Mortgage Calculators) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophjlpndiolpbmkiioffbikoegnnapb [2014-03-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-29]
CHR Extension: (Street Maps) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgkgohkhjofgjpcebjdhkjompkabdoaj [2014-03-29]
CHR Extension: (Translator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjlihpknefpcggkkbceadkcaapkkjikh [2014-06-27]
CHR Extension: (Seesmic) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikhnbijacmpeikpnoeddepkehmcofgbh [2014-03-29]
CHR Extension: (Business Card Maker) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllleebddagfipdaphlahknlfipmnehj [2014-03-29]
CHR Extension: (Calculator) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-03-29]
CHR Extension: (Free Online Games) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfalblilehghcdahejnnejepagmccbib [2014-03-29]
CHR Extension: (Webmaster & SEO Tools) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnkfoehpejigjhhjffdhmjpdkofcpmi [2014-03-29]
CHR Extension: (Cooking Recipes) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\leakjfgpfppjkjmbmbnpmjeandfnhncm [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR Extension: (News and Pictures) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfkkkggciojbhfhehfaodadkoheomhbc [2014-03-29]
CHR Extension: (Job Search) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgehfboljmhjbmmjhgbakmoocikpkeid [2014-03-29]
CHR Extension: (Google Wallet) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Travel Math) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad [2014-03-29]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-29]
CHR Extension: (Picasa) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-03-29]
CHR Extension: (Click&Clean App) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-03-29]
CHR Extension: (Outlook.com) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-03-29]
CHR Extension: (Free Online TV) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd [2014-03-29]
CHR Extension: (Gmail) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ruda\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Linguarde\wcxChrome.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-11-01] (PS Media s.r.o.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821096 2014-08-13] (Mister Group)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2000-01-01] (VIA Technologies, Inc.)
S4 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2014-02-24] (SPEEDbit)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-31] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2000-01-01] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-14] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2014-07-06] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (Windows (R) Server 2003 DDK provider)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-08-08] (Windows (R) Win 7 DDK provider)
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 19:27 - 2014-09-29 19:27 - 00002728 _____ () C:\Users\Ruda\Documents\AdwCleaner[S23].txt
2014-09-29 19:20 - 2014-09-29 19:20 - 00000000 ___RD () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-29 19:18 - 2014-09-29 19:18 - 00000168 _____ () C:\Windows\setupact.log
2014-09-29 19:18 - 2014-09-29 19:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-29 19:17 - 2014-09-29 19:18 - 00030916 _____ () C:\Windows\PFRO.log
2014-09-29 19:13 - 2014-09-29 19:13 - 00002650 _____ () C:\Users\Ruda\Documents\AdwCleaner[R23].txt
2014-09-29 17:03 - 2014-09-29 17:03 - 00070761 _____ () C:\Users\Ruda\Documents\FRST.txt
2014-09-29 16:46 - 2014-09-29 17:02 - 00063838 _____ () C:\Users\Ruda\Documents\Addition.txt
2014-09-29 16:46 - 2014-09-29 16:46 - 00015590 _____ () C:\Users\Ruda\Documents\Addition.zip
2014-09-29 16:27 - 2014-09-29 16:27 - 00015327 _____ () C:\Users\Ruda\Desktop\LM.bat
2014-09-29 16:18 - 2014-09-29 20:01 - 00000000 ___DC () C:\FRST
2014-09-29 16:09 - 2014-09-29 16:27 - 00029696 _____ () C:\Users\Ruda\AppData\Local\MSGBOX.EXE
2014-09-29 14:46 - 2014-09-29 15:55 - 00000000 ____D () C:\Users\Ruda\Downloads\Database
2014-09-29 14:46 - 2014-09-29 15:54 - 00000000 ____D () C:\Users\Ruda\Downloads\Photos
2014-09-29 13:45 - 2014-09-29 13:50 - 00033280 ___SH () C:\Users\Ruda\Downloads\Thumbs.db
2014-09-29 12:19 - 2014-09-29 12:20 - 00073728 _____ () C:\Users\Ruda\Documents\29_09_2014_12_19_42.sdb
2014-09-28 22:10 - 2014-09-28 22:10 - 00169140 _____ () C:\Users\Ruda\Downloads\[SkT]Exploze___Live_Wire_(1992)(CZ)_=_CSFD_55%.torrent
2014-09-28 21:57 - 2014-09-28 21:57 - 00019363 _____ () C:\Users\Ruda\Downloads\[SkT]Kraska_a_zvire_-_La_Belle_et_la_bete_(2014)(CZ)_=_CSFD_64%.torrent
2014-09-28 16:37 - 2014-09-28 16:37 - 00001210 _____ () C:\Users\Public\Desktop\Ashampoo Photo Optimizer FREE.lnk
2014-09-28 16:36 - 2014-09-28 16:37 - 10431416 _____ (ashampoo GmbH & Co. KG ) C:\Users\Ruda\Downloads\ashampoo_photo_optimizer_free_120_5023.exe
2014-09-28 16:19 - 2014-09-28 16:19 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-28 16:19 - 2014-09-28 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-28 16:17 - 2014-09-28 16:17 - 00000000 ____D () C:\Program Files (x86)\GUMC10E.tmp
2014-09-28 16:16 - 2014-09-28 16:16 - 00895120 _____ (Google Inc.) C:\Users\Ruda\Downloads\ChromeSetup(1).exe
2014-09-28 14:04 - 2014-09-28 14:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Ashampoo Photo Optimizer
2014-09-27 16:01 - 2014-09-28 18:38 - 00000000 ____D () C:\Users\Ruda\Documents\OpenOffice
2014-09-26 11:34 - 2014-09-26 11:34 - 04964488 _____ (Piriform Ltd) C:\Users\Ruda\Downloads\ccsetup418.exe
2014-09-26 10:57 - 2014-09-26 10:57 - 05809785 _____ () C:\Users\Ruda\Downloads\FSViewerSetup52.exe
2014-09-25 20:40 - 2014-09-25 20:40 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Gadwin
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Ruda\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000891 _____ () C:\Users\Guest\Desktop\Plus500.lnk
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:53 - 2014-09-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
2014-09-25 16:52 - 2014-09-25 16:53 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Plus500
2014-09-25 16:52 - 2014-09-25 16:52 - 00384488 _____ () C:\Users\Ruda\Downloads\InstallPlus500.exe
2014-09-25 16:52 - 2014-09-25 16:52 - 00000000 ____D () C:\Program Files (x86)\Plus500
2014-09-25 09:10 - 2014-09-29 09:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 23:44 - 2014-09-23 23:44 - 09889400 _____ (Martin Roubec ) C:\Users\Ruda\Downloads\InstalRecepty(1).exe
2014-09-18 10:28 - 2014-09-18 10:28 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 10:28 - 2014-09-18 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 20:29 - 2009-12-06 14:13 - 01145096 _____ () C:\Users\Ruda\Downloads\imddup.exe
2014-09-17 20:28 - 2014-09-17 20:28 - 00916229 _____ () C:\Users\Ruda\Downloads\image_deduplicator_15.zip
2014-09-17 20:09 - 2009-12-06 14:17 - 00000000 ____D () C:\Users\Ruda\Downloads\_rel_w36
2014-09-17 20:09 - 2008-01-05 12:41 - 00056773 _____ () C:\Users\Ruda\Downloads\Help.chm
2014-09-17 20:09 - 2008-01-05 12:29 - 00426496 _____ () C:\Users\Ruda\Downloads\setup.exe
2014-09-17 20:09 - 2004-04-16 12:10 - 00229376 _____ () C:\Users\Ruda\Downloads\libjasper.dll
2014-09-17 18:29 - 2014-09-17 18:33 - 00000000 ___DC () C:\Shoty
2014-09-17 17:57 - 2014-09-17 17:57 - 00000058 _____ () C:\Users\Ruda\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-09-17 17:57 - 2014-09-17 17:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\DonationCoder
2014-09-17 17:49 - 2014-09-17 17:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Marko_Devcic
2014-09-17 17:48 - 2013-04-02 13:08 - 00182272 _____ () C:\Users\Ruda\Downloads\FluidKit.dll
2014-09-17 11:58 - 2014-09-17 11:58 - 02097120 _____ (Mister Group ) C:\Users\Ruda\Downloads\SystemExplorerSetup_594.exe
2014-09-16 22:50 - 2014-09-16 22:51 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Zoner
2014-09-16 22:50 - 2014-09-16 22:50 - 00000000 ____D () C:\ProgramData\Zoner
2014-09-16 00:55 - 2014-09-16 00:55 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-09-16 00:52 - 2014-09-28 15:56 - 00001100 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-16 00:52 - 2014-09-16 00:54 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-16 00:39 - 2014-09-16 00:41 - 128741109 _____ () C:\Users\Ruda\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe
2014-09-15 20:30 - 2014-09-15 20:30 - 00000000 ____D () C:\Users\Ruda\Documents\BlazeVideo
2014-09-15 20:28 - 2014-09-15 20:28 - 00002035 _____ () C:\Users\Public\Desktop\BlazeDTV 6.0.lnk
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlazeDTV 6.0
2014-09-15 20:28 - 2014-09-15 20:28 - 00000000 ____D () C:\Program Files (x86)\BlazeVideo
2014-09-14 18:23 - 2014-09-14 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-26 11:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-14 18:22 - 2014-09-14 18:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-09-14 18:21 - 2014-09-14 18:21 - 16409960 _____ (Safer Networking Limited ) C:\Users\Ruda\Downloads\spybotsd162.exe
2014-09-14 13:37 - 2014-09-29 19:18 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-09-14 13:01 - 2014-09-14 13:01 - 00011862 _____ () C:\Users\Ruda\Downloads\OutlookContacts.csv
2014-09-14 11:43 - 2014-09-14 11:43 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Thunderbird
2014-09-13 01:22 - 2014-09-28 15:30 - 00080712 _____ () C:\Users\Ruda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-12 23:45 - 2014-09-29 09:46 - 00000452 _____ () C:\Windows\Tasks\Wise Disk Cleaner Schedule Task.job
2014-09-12 23:45 - 2014-09-12 23:45 - 00003320 _____ () C:\Windows\System32\Tasks\Wise Disk Cleaner Schedule Task
2014-09-12 23:43 - 2014-09-28 15:51 - 00001166 _____ () C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2014-09-12 23:43 - 2014-09-14 19:25 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Wise Disk Cleaner
2014-09-12 23:43 - 2014-09-12 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2014-09-12 23:42 - 2014-09-12 23:42 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-09-12 23:41 - 2014-09-12 23:41 - 02471232 _____ (WiseCleaner.com ) C:\Users\Ruda\Downloads\WDCFree.exe
2014-09-11 14:34 - 2014-09-11 14:34 - 00003120 _____ () C:\Windows\System32\Tasks\{4CAE5787-73F8-42AA-820D-13DFD7C1BC04}
2014-09-11 10:38 - 2014-09-11 10:38 - 00003154 _____ () C:\Windows\System32\Tasks\{7E2599D8-728D-4529-B8DF-4D3425C0E6A8}
2014-09-11 02:46 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 02:46 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 02:46 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 02:46 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 02:46 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 02:46 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 02:46 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 02:46 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 02:46 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 02:46 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 02:46 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 02:46 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 02:46 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 02:46 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 02:46 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 02:46 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 02:46 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 02:46 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 02:46 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 02:46 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 02:46 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 02:46 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 02:46 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 02:46 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 02:46 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 02:46 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 02:46 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 02:46 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 02:46 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 02:46 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 02:46 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 02:46 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 02:46 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 02:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 02:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 02:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 02:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 02:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 02:23 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 02:23 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 02:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 02:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 02:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 02:20 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 02:20 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 14:55 - 2014-09-09 14:55 - 00003172 _____ () C:\Windows\System32\Tasks\{EA700A6E-4619-4175-87F5-4DD8516627A9}
2014-09-08 23:31 - 2014-09-11 10:35 - 17328816 _____ (Adobe Systems Incorporated) C:\Users\Ruda\Downloads\install_flash_player_ax.exe
2014-09-08 16:07 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-09-08 10:06 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-09-08 00:28 - 2014-09-08 00:28 - 00005881 _____ () C:\Users\Ruda\AppData\Local\recently-used.xbel
2014-09-06 21:33 - 2014-09-06 21:34 - 00000000 ____D () C:\Users\Ruda\Documents\protokoly
2014-09-06 13:18 - 2014-09-28 15:51 - 00001791 _____ () C:\Users\Public\Desktop\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2014-09-06 13:18 - 2014-09-06 13:18 - 00000000 ____D () C:\Program Files (x86)\Q-Dir
2014-09-06 13:18 - 2014-08-14 09:17 - 00756736 ____N (Nenad Hrg (SoftwareOK.com)) C:\Users\Ruda\Downloads\Q-Dir_Installer.exe
2014-09-06 11:38 - 2014-09-06 11:38 - 01370467 _____ () C:\Users\Ruda\Downloads\AdwCleaner.exe
2014-09-06 10:09 - 2014-09-06 10:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashGetBHO
2014-09-05 10:41 - 2014-09-05 10:41 - 00000000 ____D () C:\ProgramData\PicPick
2014-09-04 16:31 - 2014-09-04 16:31 - 00001041 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-09-04 16:31 - 2014-09-04 16:31 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-09-04 16:30 - 2014-09-04 16:30 - 16319576 _____ (Geek Software GmbH ) C:\Users\Ruda\Downloads\pdf24-creator.exe
2014-09-04 14:33 - 2014-09-04 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-01 23:03 - 2000-01-01 02:00 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-09-01 23:03 - 2000-01-01 02:00 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-09-01 17:37 - 2014-09-28 15:24 - 00000000 ____D () C:\Users\Ruda\TapinRadio
2014-09-01 17:37 - 2014-09-01 17:37 - 00000000 ____D () C:\Program Files (x86)\TapinRadio
2014-08-31 17:00 - 2014-08-31 17:12 - 00000000 ____D () C:\Program Files (x86)\WinThruster
2014-08-30 12:24 - 2014-08-28 16:51 - 00110776 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 19:57 - 2013-10-09 23:39 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-09-29 19:54 - 2013-03-18 17:14 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9C26119-2806-4546-B247-5A5B1261D67E}
2014-09-29 19:52 - 2013-11-03 14:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 19:43 - 2014-06-12 10:23 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 19:26 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 19:26 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 19:24 - 2013-11-26 20:54 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 19:23 - 2013-05-29 01:14 - 01756352 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 19:21 - 2013-07-15 20:59 - 00000000 ____D () C:\Users\Ruda\AppData\Local\LogMeIn Hamachi
2014-09-29 19:20 - 2013-11-26 20:54 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 19:20 - 2013-03-07 03:52 - 00000467 _____ () C:\Users\Ruda\AppData\Roaming\sp_data.sys
2014-09-29 19:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 19:15 - 2014-07-03 22:04 - 00000000 ___DC () C:\AdwCleaner
2014-09-29 17:08 - 2014-02-26 00:03 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
2014-09-29 09:33 - 2014-06-12 10:23 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-28 23:08 - 2014-02-26 00:03 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
2014-09-28 23:05 - 2013-11-23 01:33 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\vlc
2014-09-28 23:02 - 2013-10-02 18:41 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\uTorrent
2014-09-28 21:37 - 2013-08-23 17:09 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Skype
2014-09-28 18:42 - 2013-04-05 00:33 - 00040448 _____ () C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 18:34 - 2013-04-07 17:45 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\PhotoScape
2014-09-28 18:34 - 2013-03-07 11:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\CrashDumps
2014-09-28 17:28 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\Documents\Bluetooth Folder
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-09-28 16:37 - 2014-04-22 09:49 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-09-28 16:10 - 2014-05-11 22:34 - 00001279 _____ () C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2014-09-28 16:10 - 2013-12-29 20:08 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-28 16:08 - 2014-06-13 11:59 - 00000958 _____ () C:\Users\Public\Desktop\ProgTV.lnk
2014-09-28 16:01 - 2013-05-31 10:15 - 00000000 ____D () C:\Program Files\Recuva
2014-09-28 15:59 - 2014-07-23 00:45 - 00001202 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-09-28 15:59 - 2013-11-14 12:56 - 00001067 _____ () C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2014-09-28 15:58 - 2013-12-24 01:50 - 00001068 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-09-28 15:57 - 2014-06-30 11:56 - 00001043 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-09-28 15:57 - 2014-01-10 03:45 - 00001118 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-09-28 15:56 - 2014-02-24 21:49 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-28 15:55 - 2014-08-16 15:30 - 00001148 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-09-28 15:55 - 2013-03-09 16:31 - 00000977 _____ () C:\Users\Public\Desktop\Evidence LSoft.lnk
2014-09-28 15:53 - 2014-05-21 13:46 - 00001024 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-09-28 15:52 - 2013-10-28 20:06 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-09-28 15:52 - 2012-02-24 13:54 - 00001196 _____ () C:\Users\Public\Desktop\ASUS WebStorage.lnk
2014-09-28 15:50 - 2014-07-03 22:45 - 00000905 _____ () C:\Users\Public\Desktop\µTorrent.lnk
2014-09-28 15:50 - 2014-06-14 02:25 - 00001879 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-09-28 15:48 - 2014-05-05 01:52 - 00001048 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-09-28 15:48 - 2013-11-16 02:04 - 00000951 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-09-28 15:48 - 2013-05-31 10:15 - 00001813 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-09-28 15:47 - 2014-06-13 11:59 - 00000980 _____ () C:\Users\Public\Desktop\ProgDVB 7.lnk
2014-09-28 15:28 - 2013-03-07 03:48 - 00000000 ____D () C:\Users\Ruda
2014-09-28 15:27 - 2009-07-14 06:45 - 04923696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-28 15:26 - 2014-01-05 16:51 - 00000000 ____D () C:\Users\Guest
2014-09-28 15:26 - 2013-12-07 19:51 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-09-28 15:26 - 2013-07-28 11:32 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-28 15:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-28 15:25 - 2014-08-14 18:46 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-28 15:25 - 2014-05-09 16:49 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Akamai
2014-09-28 15:25 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-09-28 15:25 - 2014-01-05 16:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-09-28 15:25 - 2013-12-02 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-28 15:25 - 2013-11-30 01:32 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-09-28 15:25 - 2013-10-09 23:40 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-09-28 15:25 - 2013-07-04 16:39 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\IrfanView
2014-09-28 15:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-28 15:22 - 2013-03-10 13:40 - 00000000 __RHD () C:\MSOCache
2014-09-28 15:09 - 2014-01-05 16:53 - 00084680 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 14:38 - 2013-03-07 04:44 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Windows Live
2014-09-27 00:17 - 2013-03-14 00:20 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\dvdcss
2014-09-26 11:35 - 2013-12-02 12:38 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2014-09-26 11:00 - 2013-11-14 12:56 - 00000000 ____D () C:\Program Files (x86)\FastStone Image Viewer
2014-09-25 20:40 - 2014-04-23 10:50 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Gadwin
2014-09-25 15:54 - 2014-02-13 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 22:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recepty doma
2014-09-23 23:46 - 2014-06-19 15:40 - 00000000 ____D () C:\Program Files (x86)\Recepty doma
2014-09-23 20:53 - 2013-11-03 14:54 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:52 - 2013-11-03 14:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:52 - 2013-11-03 14:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 09:39 - 2014-03-25 02:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-21 00:26 - 2014-01-15 22:31 - 00003136 _____ () C:\Windows\System32\Tasks\{F631C605-FF2F-4804-AA14-842D626AB4D0}
2014-09-19 12:32 - 2014-01-06 03:52 - 00000000 ____D () C:\Users\Ruda\.gimp-2.8
2014-09-18 20:02 - 2013-12-10 16:23 - 00000000 ____D () C:\ProgramData\ProgDVB
2014-09-18 10:28 - 2014-02-24 12:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 10:28 - 2013-08-23 16:45 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 00:26 - 2012-02-24 13:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 00:20 - 2014-01-23 15:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 11:59 - 2014-05-05 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-09-17 11:59 - 2014-04-21 14:00 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-09-16 23:38 - 2011-02-19 07:36 - 00735924 _____ () C:\Windows\system32\perfh005.dat
2014-09-16 23:38 - 2011-02-19 07:36 - 00170710 _____ () C:\Windows\system32\perfc005.dat
2014-09-16 23:38 - 2009-07-14 07:13 - 01774156 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 00:54 - 2014-07-13 20:01 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-15 21:12 - 2014-06-03 09:57 - 00011880 _____ () C:\ProgramData\LSDmbTH.log
2014-09-15 21:12 - 2014-06-03 09:57 - 00011866 _____ () C:\ProgramData\LmeUSB.log
2014-09-15 20:28 - 2014-06-03 09:49 - 00000000 ____D () C:\ProgramData\BlazeVideo
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\SysWOW64\AF15BDAEX.dll
2014-09-15 20:06 - 2014-06-03 23:25 - 00073728 _____ (ITE) C:\Windows\system32\AF15BDAEX.dll
2014-09-15 00:09 - 2014-01-07 21:47 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BitTorrent
2014-09-15 00:09 - 2013-12-12 12:54 - 00000000 ____D () C:\ProgramData\tmp
2014-09-15 00:09 - 2013-08-23 11:42 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Maxthon3
2014-09-15 00:09 - 2013-03-09 02:08 - 00000000 ___RD () C:\ASUS I
2014-09-15 00:08 - 2013-11-22 19:20 - 00000000 ____D () C:\Users\Ruda\Documents\prilohy_21879
2014-09-15 00:08 - 2013-06-30 18:55 - 00000000 ____D () C:\Users\Ruda\Documents\Photos
2014-09-15 00:08 - 2013-06-20 11:23 - 00000000 ____D () C:\Users\Ruda\Documents\Mozilla Firefox
2014-09-15 00:08 - 2013-06-17 15:39 - 00000000 ____D () C:\Users\Ruda\dwhelper
2014-09-15 00:08 - 2013-03-14 01:57 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Seznam.cz
2014-09-13 02:58 - 2013-10-10 00:52 - 02537132 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-09-12 23:48 - 2013-04-18 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-12 23:48 - 2012-02-24 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 11:33 - 2014-05-30 23:00 - 00000000 ____D () C:\Users\Ruda\Documents\Čištění-protokoly
2014-09-11 10:28 - 2013-03-07 04:23 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Adobe
2014-09-11 02:43 - 2012-02-24 13:39 - 01749806 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 02:40 - 2013-07-10 14:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 02:28 - 2013-03-07 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 02:25 - 2014-04-28 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 19:17 - 2013-09-03 10:22 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Q-Dir
2014-09-08 20:36 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-08 00:28 - 2014-01-06 03:55 - 00000000 ____D () C:\Users\Ruda\AppData\Local\gtk-2.0
2014-09-06 21:59 - 2013-03-09 16:31 - 00000000 ____D () C:\Users\Ruda\Documents\Evidence LSoft
2014-09-06 13:18 - 2013-09-03 10:22 - 00051562 _____ () C:\Windows\Q-Dir.ini
2014-09-06 10:14 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BITS
2014-09-06 10:09 - 2014-01-04 18:16 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\FlashgetSetup
2014-09-04 19:31 - 2013-12-02 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-04 14:33 - 2013-07-15 20:57 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-01 22:58 - 2014-05-08 23:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-31 12:54 - 2013-03-07 03:52 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Atheros
Some content of TEMP:
====================
C:\Users\Ruda\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 16:03
==================== End Of Log ============================
- Přílohy
-
- Addition2.zip
- (15.51 KiB) Staženo 106 x
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím pěkně o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Dále stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Users\Ruda\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... 1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
C:\Program Files (x86)\TVUPlayer
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (No Name) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 DfSdkS; No ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Ruda\AppData\Local\Temp
Task: {F4065802-CBBF-48B6-84D1-95BA792A5A81} - \Driver Booster SkipUAC (Ruda) No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:77846FFE
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
AlternateDataStreams: C:\ProgramData\Temp:D5AD7675
AlternateDataStreams: C:\ProgramData\Temp:FAB80532
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6
End
Dále stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC.:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethost]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím pěkně o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 02
Ran by Ruda at 2014-09-29 21:25:21 Run:1
Running from C:\PerfLogs\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Users\Ruda\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... 1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
C:\Program Files (x86)\TVUPlayer
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (No Name) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 DfSdkS; No ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Ruda\AppData\Local\Temp
Task: {F4065802-CBBF-48B6-84D1-95BA792A5A81} - \Driver Booster SkipUAC (Ruda) No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:77846FFE
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
AlternateDataStreams: C:\ProgramData\Temp:D5AD7675
AlternateDataStreams: C:\ProgramData\Temp:FAB80532
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6
End
*****************
"C:\Users\Ruda\AppData\Local\Akamai" directory move:
C:\Users\Ruda\AppData\Local\Akamai\admintool.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\client.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\ControlPanel.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\control_panel.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\CplTasks.xml => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\euc_state.json => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\extraroot.pem => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\guid.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\installer.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\readme.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\root.pem => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\rswinui.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\uninstall.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\user.dat => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140924_205546.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140924_205921.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140925_131603.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140925_135651.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140927_233007.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140927_233616.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_000200.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_015458.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_133027.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140929_172036.sent => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140922_203446.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140922_213446.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_073354.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_083355.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_093356.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_103357.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_113357.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_123358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_133358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_143358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_153359.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_163359.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_173400.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_183400.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_193401.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_203401.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_213402.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_223402.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_071229.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_081230.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_091231.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_101231.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_111232.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_121233.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_131233.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_141234.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_151234.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_161235.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_171236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_181236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_191236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_201237.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_205544.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_210222.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_220223.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_230223.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_070110.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_080111.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_104323.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_114320.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_124320.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_131602.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_135716.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_145717.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_155717.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_165718.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_175719.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_185719.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_195720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_205720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_215720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_225721.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_080637.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_090637.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_100638.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_110639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_120639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_130639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_140640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_150640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_160640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_170641.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_180642.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_190642.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_200643.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_210644.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_220644.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_230645.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_080030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_090030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_100031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_110031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_120032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_130032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_140032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_150033.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_160034.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_170035.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_180036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_190036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_200036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_210037.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_220037.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_230038.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_233005.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_233646.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_000207.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_010208.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_015457.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_133041.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_143042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_153042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_163042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_173043.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_183044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_193044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_203044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_213045.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_072029.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_082030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_092031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_102031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_112031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_122031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_132031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_142032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_152032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_162032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_172105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_182105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_192105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\chs.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\cht.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\csy.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\dan.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\deu.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\esp.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\fin.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\fra.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ita.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\jpn.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\kor.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\nld.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\nor.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\plk.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ptb.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ptg.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\rus.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\sve.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\trk.dll => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai" directory. => Scheduled to move on reboot.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\TopResultURLFallback http://search.certified-toolbar.com?si= ... => Value not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\71BD073478A94B0FA4DA1114F6676BEC" => Key deleted successfully.
"HKCR\CLSID\71BD073478A94B0FA4DA1114F6676BEC" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45A4A77E-0CE3-4426-AE53-A7EF90CB4628}" => Key deleted successfully.
"HKCR\CLSID\{45A4A77E-0CE3-4426-AE53-A7EF90CB4628}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{61539ecd-cc67-4437-a03c-9aaccbd14326} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{61539ecd-cc67-4437-a03c-9aaccbd14326}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer" => Key deleted successfully.
"C:\Program Files (x86)\TVUPlayer" => File/Directory not found.
"HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ohjkicjidmohhfcjjlahfppkdblibkkb" => Key deleted successfully.
"C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
DfSdkS => Service deleted successfully.
Partizan => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job => Moved successfully.
C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
"C:\Users\Ruda\AppData\Local\Temp" directory move:
C:\Users\Ruda\AppData\Local\Temp\.challenge_plain => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\MyHeritage_Updates.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\qtsingleapp-EAABFC-151a-1-lockfile => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~3BB4.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~525F.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~8FBC.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~B49A.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~C7EB.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~D6F9.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\MaxthonCrashData\CRASH_INFO => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_0 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_1 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_2 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_3 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\index => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Temp" directory. => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4065802-CBBF-48B6-84D1-95BA792A5A81}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4065802-CBBF-48B6-84D1-95BA792A5A81}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Ruda)" => Key deleted successfully.
C:\ProgramData\Temp => ":373C6DC2" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":77846FFE" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":D20FFA63" ADS removed successfully.
C:\ProgramData\Temp => ":D5AD7675" ADS removed successfully.
C:\ProgramData\Temp => ":FAB80532" ADS removed successfully.
C:\ProgramData\Temp => ":FEF919E6" ADS removed successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-29 21:29:17)<=
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log => Is moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log => Is moved successfully.
C:\Users\Ruda\AppData\Local\Akamai => Is moved successfully.
C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
"C:\Users\Ruda\AppData\Local\Temp" => Directory could not move.
==== End of Fixlog ====
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 86964 bytes
->Temporary Internet Files folder emptied: 128 bytes
->FireFox cache emptied: 4824123 bytes
->Google Chrome cache emptied: 6523546 bytes
->Flash cache emptied: 57472 bytes
User: Public
User: Ruda
->Temp folder emptied: 1050 bytes
->Temporary Internet Files folder emptied: 97581 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2678159 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 58178 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1716043 bytes
%systemroot%\System32 .tmp files removed: 4082008 bytes
%systemroot%\System32 (64bit) .tmp files removed: 4578392 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 188169 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1560775 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 69205 bytes
RecycleBin emptied: 908765599 bytes
Total Files Cleaned = 892,00 mb
[EMPTYFLASH]
User: All Users
User: Classic .NET AppPool
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: DefaultAppPool
User: Guest
->Flash cache emptied: 0 bytes
User: Public
User: Ruda
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09292014_213649
Files moved on Reboot...
C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\officeclicktorun.exe_c2ruidll(2014092921280592C).log not found!
File C:\Windows\temp\officeclicktorun.exe_streamserver(2014092921280592C).log not found!
C:\Windows\temp\RUDA-PC-20140929-2128.log moved successfully.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Ran by Ruda at 2014-09-29 21:25:21 Run:1
Running from C:\PerfLogs\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\Users\Ruda\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... 1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - 71BD073478A94B0FA4DA1114F6676BEC URL = http://search.certified-toolbar.com?si= ... D049FA9&q={searchTerms}
SearchScopes: HKCU - {45A4A77E-0CE3-4426-AE53-A7EF90CB4628} URL = http://www.gsrch.com/#q={searchTerms}
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} - No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
C:\Program Files (x86)\TVUPlayer
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Extension: (Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-03-29]
CHR Extension: (No Name) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-08-27]
CHR Extension: (Facebook for Chrome) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-03-29]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [ohjkicjidmohhfcjjlahfppkdblibkkb] - C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx [2013-09-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
U3 DfSdkS; No ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job
C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Ruda\AppData\Local\Temp
Task: {F4065802-CBBF-48B6-84D1-95BA792A5A81} - \Driver Booster SkipUAC (Ruda) No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:77846FFE
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
AlternateDataStreams: C:\ProgramData\Temp:D5AD7675
AlternateDataStreams: C:\ProgramData\Temp:FAB80532
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6
End
*****************
"C:\Users\Ruda\AppData\Local\Akamai" directory move:
C:\Users\Ruda\AppData\Local\Akamai\admintool.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\client.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\ControlPanel.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\control_panel.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\CplTasks.xml => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\euc_state.json => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\extraroot.pem => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\guid.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\installer.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\readme.txt => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\root.pem => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\rswinui.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\uninstall.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\user.dat => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140924_205546.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140924_205921.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140925_131603.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140925_135651.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140927_233007.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140927_233616.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_000200.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_015458.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140928_133027.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log.140929_172036.sent => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140922_203446.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140922_213446.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_073354.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_083355.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_093356.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_103357.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_113357.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_123358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_133358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_143358.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_153359.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_163359.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_173400.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_183400.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_193401.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_203401.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_213402.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140923_223402.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_071229.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_081230.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_091231.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_101231.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_111232.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_121233.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_131233.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_141234.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_151234.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_161235.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_171236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_181236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_191236.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_201237.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_205544.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_210222.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_220223.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140924_230223.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_070110.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_080111.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_104323.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_114320.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_124320.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_131602.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_135716.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_145717.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_155717.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_165718.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_175719.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_185719.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_195720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_205720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_215720.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140925_225721.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_080637.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_090637.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_100638.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_110639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_120639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_130639.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_140640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_150640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_160640.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_170641.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_180642.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_190642.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_200643.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_210644.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_220644.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140926_230645.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_080030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_090030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_100031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_110031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_120032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_130032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_140032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_150033.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_160034.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_170035.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_180036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_190036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_200036.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_210037.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_220037.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_230038.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_233005.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140927_233646.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_000207.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_010208.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_015457.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_133041.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_143042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_153042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_163042.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_173043.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_183044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_193044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_203044.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140928_213045.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_072029.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_082030.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_092031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_102031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_112031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_122031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_132031.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_142032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_152032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_162032.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_172105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_182105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log.140929_192105.sent => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\chs.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\cht.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\csy.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\dan.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\deu.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\esp.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\fin.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\fra.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ita.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\jpn.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\kor.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\nld.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\nor.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\plk.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ptb.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\ptg.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\rus.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\sve.dll => Moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Languages\trk.dll => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Akamai" directory. => Scheduled to move on reboot.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON http://api.widdit.com/suggestions/?form ... => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\TopResultURLFallback http://search.certified-toolbar.com?si= ... => Value not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\71BD073478A94B0FA4DA1114F6676BEC" => Key deleted successfully.
"HKCR\CLSID\71BD073478A94B0FA4DA1114F6676BEC" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45A4A77E-0CE3-4426-AE53-A7EF90CB4628}" => Key deleted successfully.
"HKCR\CLSID\{45A4A77E-0CE3-4426-AE53-A7EF90CB4628}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{61539ecd-cc67-4437-a03c-9aaccbd14326} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{61539ecd-cc67-4437-a03c-9aaccbd14326}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer" => Key deleted successfully.
"C:\Program Files (x86)\TVUPlayer" => File/Directory not found.
"HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp => Moved successfully.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ohjkicjidmohhfcjjlahfppkdblibkkb" => Key deleted successfully.
"C:\Program Files (x86)\Youdao\ShoppingAssistant\other\youdaogouwu-2.9.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
DfSdkS => Service deleted successfully.
Partizan => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core.job => Moved successfully.
C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
"C:\Users\Ruda\AppData\Local\Temp" directory move:
C:\Users\Ruda\AppData\Local\Temp\.challenge_plain => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Ruda\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\MyHeritage_Updates.ini => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\qtsingleapp-EAABFC-151a-1-lockfile => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~3BB4.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~525F.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~8FBC.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~B49A.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~C7EB.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\~D6F9.tmp => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\MaxthonCrashData\CRASH_INFO => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_0 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_1 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_2 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\data_3 => Moved successfully.
C:\Users\Ruda\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\index => Moved successfully.
Could not move "C:\Users\Ruda\AppData\Local\Temp" directory. => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4065802-CBBF-48B6-84D1-95BA792A5A81}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4065802-CBBF-48B6-84D1-95BA792A5A81}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Ruda)" => Key deleted successfully.
C:\ProgramData\Temp => ":373C6DC2" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":77846FFE" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":D20FFA63" ADS removed successfully.
C:\ProgramData\Temp => ":D5AD7675" ADS removed successfully.
C:\ProgramData\Temp => ":FAB80532" ADS removed successfully.
C:\ProgramData\Temp => ":FEF919E6" ADS removed successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-29 21:29:17)<=
C:\Users\Ruda\AppData\Local\Akamai\Logs\daemon.debug.log => Is moved successfully.
C:\Users\Ruda\AppData\Local\Akamai\Logs\debug.log => Is moved successfully.
C:\Users\Ruda\AppData\Local\Akamai => Is moved successfully.
C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
"C:\Users\Ruda\AppData\Local\Temp" => Directory could not move.
==== End of Fixlog ====
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 86964 bytes
->Temporary Internet Files folder emptied: 128 bytes
->FireFox cache emptied: 4824123 bytes
->Google Chrome cache emptied: 6523546 bytes
->Flash cache emptied: 57472 bytes
User: Public
User: Ruda
->Temp folder emptied: 1050 bytes
->Temporary Internet Files folder emptied: 97581 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2678159 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 58178 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1716043 bytes
%systemroot%\System32 .tmp files removed: 4082008 bytes
%systemroot%\System32 (64bit) .tmp files removed: 4578392 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 188169 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1560775 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 69205 bytes
RecycleBin emptied: 908765599 bytes
Total Files Cleaned = 892,00 mb
[EMPTYFLASH]
User: All Users
User: Classic .NET AppPool
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: DefaultAppPool
User: Guest
->Flash cache emptied: 0 bytes
User: Public
User: Ruda
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09292014_213649
Files moved on Reboot...
C:\Users\Ruda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\officeclicktorun.exe_c2ruidll(2014092921280592C).log not found!
File C:\Windows\temp\officeclicktorun.exe_streamserver(2014092921280592C).log not found!
C:\Windows\temp\RUDA-PC-20140929-2128.log moved successfully.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím pěkně o kontrolu logu
Vše smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím pěkně o kontrolu logu
Díky móóóc!
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím pěkně o kontrolu logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?