zasekana opera

Zpráva

cica18 · #1 Příspěvek od **cica18** » 28 říj 2014 16:30

prosim o kontrolu...diky

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2014 01
Ran by Petr (administrator) on PETR-PC on 28-10-2014 16:23:01
Running from C:\Users\Petr\Desktop
Loaded Profile: Petr (Available profiles: Petr & Michal & Peta)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(GOOBZO) C:\Program Files\YouTube Accelerator\YouTubeAcceleratorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
() C:\ProgramData\Boxtools\Toolbox.exe
() C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(GOOBZO) C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
() C:\Program Files\Opera\25.0.1614.63\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1681408 2009-09-21] (VIA)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [Mobile Partner] => C:\Program Files\Hi Suite\Hi Suite.exe [518656 2013-04-14] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.37.0.1384\jsdrv.exe [3224064 2014-10-25] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-16] (AMD)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-04-02] (Finkit d.o.o.)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [MKLOL] => C:\Program Files\MKJogo\MKLOL\MK.exe [846536 2014-08-01] (MK)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [MK LOL] => C:\Program Files\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-10-14] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.37.0.1384\jsdrv.exe [3224064 2014-10-25] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-10-26] (GOOBZO)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Petr\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1020\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1019\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 1_1C9FFC9D
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 1_1C9FFC9D
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 1_1C9FFC9D
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 1_1C9FFC9D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc ... 1_1C9FFC9D
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Apps Hat -> {11111111-1111-1111-1111-110411851159} -> C:\Program Files\Apps Hat\Apps Hat-bho.dll (Nero)
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files\Senses\Senses-bho.dll No File
BHO: No Name -> {11111111-1111-1111-1111-110611331111} -> No File
BHO: iWebar -> {11111111-1111-1111-1111-110611511123} -> C:\Program Files\iWebar\iWebar-bho.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Winsock: Catalog9 01 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 02 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 03 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 04 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 05 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 06 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 07 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 08 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 09 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 10 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 11 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 12 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 13 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 14 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 15 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 16 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 17 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 18 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 19 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 20 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 21 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 22 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 23 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 24 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 49 C:\Program Files\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204
FF DefaultSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @winzip.com/Winzip Courier -> C:\Program Files\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF user.js: detected! => C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: Apps Hat - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-10-26]
FF Extension: TheTorntv V10 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-08-31]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ascsurfingprotection@iobit.com [2014-01-01]
FF Extension: Fast Start - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\faststartff@gmail.com [2014-08-31]
FF Extension: iWebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ROUAILDE73397174@UXGZI17268980.com [2014-10-26]
FF Extension: Senses - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\warnerroberts@hotmail.com [2014-10-26]
FF Extension: Youtube Accelerator Helper - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-10-26]
FF Extension: Shopper-Pro - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-10-26]
FF Extension: Seznam lištička - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-10-27]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-17]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-17]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-12]
FF HKLM\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files\WinZip Courier\FFExt [2011-11-25]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\extensions\faststartff@gmail.com

Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1409511149&from=ild&uid=395049983_1052451_1C9FFC9D
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1409511149&from=ild&uid=395049983_1052451_1C9FFC9D"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> http://istart.webssearches.com/web/?typ ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-22]
CHR Extension: (Angry Birds) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-22]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-18]
CHR Extension: (TV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-21]
CHR Extension: (VyhledÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„�CHR Extension: (Plants vs Zombies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-22]
CHR Extension: (PenĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹�========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-26] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-26] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-08-31] (Cherished Technololgy LIMITED)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [1813504 2014-10-25] (ShopperPro) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1514304 2011-12-08] (TuneUp Software)
R2 YouTubeAcceleratorService; C:\Program Files\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-10-26] (GOOBZO)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [25728 2011-03-22] (Google Inc)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-26] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsldfad6744; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0FA83ABC-946D-44C9-A976-EEDB7879F82E}\MpKsldfad6744.sys [39464 2014-10-28] (Microsoft Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 qcusbser; C:\Windows\System32\DRIVERS\FXX\qcusbser.sys [103424 2011-03-22] (QUALCOMM Incorporated)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [26112 2014-10-25] () [File not signed]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
R3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [16640 2011-11-17] (Wondershare) [File not signed]
R1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w; C:\Windows\System32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w.sys [52416 2014-08-30] (StdLib)
S1 A2DDA; \??\D:\RUN\a2ddax86.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; \??\D:\RUN\cleanhlp32.sys [X]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S2 SPDRIVER_1.37.0.1384; \??\C:\Program Files\ShopperPro\JSDriver\1.37.0.1384\jsdrv.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 16:23 - 2014-10-28 16:24 - 04820857 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-10-28 16:22 - 2014-10-28 16:23 - 00000000 ____D () C:\FRST
2014-10-28 16:21 - 2014-10-28 16:22 - 01104896 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2014-10-28 16:21 - 2014-10-28 16:21 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2014-10-28 08:24 - 2014-10-28 08:24 - 00001716 _____ () C:\Windows\PFRO.log
2014-10-27 21:16 - 2014-10-27 21:18 - 00000000 ____D () C:\Users\Petr\Documents\Bound by Flame
2014-10-27 20:37 - 2014-10-27 20:37 - 00001027 _____ () C:\Users\Public\Desktop\Bound By Flame.lnk
2014-10-27 20:37 - 2014-10-27 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bound By Flame
2014-10-27 19:49 - 2014-10-27 20:37 - 00000000 ____D () C:\Program Files\Bound By Flame
2014-10-26 11:53 - 2014-10-28 09:48 - 00000000 ____D () C:\Users\Peta\AppData\Roaming\Seznam.cz
2014-10-26 10:09 - 2014-10-28 12:33 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Seznam.cz
2014-10-26 08:33 - 2014-10-28 16:09 - 00004450 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-4.job
2014-10-26 08:33 - 2014-10-28 16:09 - 00003736 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-1.job
2014-10-26 08:33 - 2014-10-28 16:09 - 00002746 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-5_user.job
2014-10-26 08:33 - 2014-10-28 16:09 - 00002746 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-5.job
2014-10-26 08:33 - 2014-10-28 16:09 - 00002402 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-2.job
2014-10-26 08:32 - 2014-10-28 16:09 - 00005476 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-11.job
2014-10-26 08:32 - 2014-10-28 16:09 - 00004450 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-6.job
2014-10-26 08:32 - 2014-10-28 16:09 - 00004114 _____ () C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-7.job
2014-10-26 08:32 - 2014-10-27 21:56 - 00000000 ____D () C:\Program Files\iWebar
2014-10-26 08:15 - 2014-10-28 16:09 - 00002746 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5_user.job
2014-10-26 08:15 - 2014-10-28 16:09 - 00002746 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5.job
2014-10-26 08:14 - 2014-10-28 16:14 - 00004450 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-6.job
2014-10-26 08:14 - 2014-10-28 16:09 - 00004450 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-4.job
2014-10-26 08:14 - 2014-10-28 16:09 - 00003736 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-1.job
2014-10-26 08:14 - 2014-10-28 16:09 - 00002402 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-2.job
2014-10-26 08:14 - 2014-10-28 16:09 - 00001328 _____ () C:\Windows\Tasks\FZM.job
2014-10-26 08:14 - 2014-10-26 08:14 - 01511840 _____ (Object Browser) C:\Users\Petr\AppData\Roaming\FZM.exe
2014-10-26 08:13 - 2014-10-28 16:09 - 00005476 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-11.job
2014-10-26 08:13 - 2014-10-28 16:09 - 00004114 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-7.job
2014-10-26 08:13 - 2014-10-28 16:09 - 00003770 _____ () C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-3.job
2014-10-26 08:13 - 2014-10-28 16:09 - 00001680 _____ () C:\Windows\Tasks\ELHEXRH.job
2014-10-26 08:13 - 2014-10-27 21:55 - 00000000 ____D () C:\Program Files\Senses
2014-10-26 08:13 - 2014-10-26 08:13 - 02002336 _____ (Object Browser) C:\Users\Petr\AppData\Roaming\ELHEXRH.exe
2014-10-26 08:06 - 2014-10-28 16:09 - 00002406 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5_user.job
2014-10-26 08:06 - 2014-10-28 16:09 - 00002406 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5.job
2014-10-26 08:06 - 2014-10-28 16:09 - 00002070 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-2.job
2014-10-26 08:05 - 2014-10-28 16:18 - 00004118 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-6.job
2014-10-26 08:05 - 2014-10-28 16:09 - 00004798 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-4.job
2014-10-26 08:05 - 2014-10-28 16:09 - 00003774 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-7.job
2014-10-26 08:05 - 2014-10-28 16:09 - 00003400 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-1.job
2014-10-26 08:04 - 2014-10-28 16:09 - 00005144 _____ () C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-11.job
2014-10-26 08:04 - 2014-10-26 08:06 - 00000000 ____D () C:\Program Files\Apps Hat
2014-10-26 08:03 - 2014-10-26 08:03 - 00001104 _____ () C:\Users\Petr\Desktop\YouTube Accelerator.lnk
2014-10-26 08:03 - 2014-10-26 08:03 - 00001104 _____ () C:\Users\Peta\Desktop\YouTube Accelerator.lnk
2014-10-26 08:03 - 2014-10-26 08:03 - 00001104 _____ () C:\Users\Michal\Desktop\YouTube Accelerator.lnk
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\Program Files\YTAHelper
2014-10-26 08:03 - 2014-10-26 08:03 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-10-26 08:02 - 2014-10-27 21:54 - 00000000 ____D () C:\Program Files\YouTube Accelerator
2014-10-26 08:02 - 2014-10-26 08:03 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-10-26 08:02 - 2014-10-26 08:02 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-10-26 08:01 - 2014-10-27 21:54 - 00000000 ____D () C:\Program Files\ShopperPro
2014-10-26 08:01 - 2014-10-26 08:01 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-10-26 08:01 - 2014-10-26 08:01 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashRpt
2014-10-26 08:01 - 2014-10-26 08:01 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-10-26 08:00 - 2014-10-28 16:14 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Seznam.cz
2014-10-26 08:00 - 2014-10-26 08:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepBurner
2014-10-24 06:51 - 2014-10-24 06:55 - 00000000 ____D () C:\Users\Petr\Desktop\MANES
2014-10-23 12:32 - 2014-10-23 12:32 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Steam
2014-10-23 12:31 - 2014-10-23 12:31 - 00001552 _____ () C:\Users\Public\Desktop\Sherlock Holmes Zločin a trest.lnk
2014-10-23 12:31 - 2014-10-23 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REPACK BY TOMI2K9
2014-10-23 12:13 - 2014-10-23 12:13 - 00000000 ____D () C:\Program Files\REPACK BY TOMI2K9
2014-10-21 08:24 - 2014-10-21 08:24 - 00000454 _____ () C:\Users\Petr\Desktop\Trefík 12.lnk
2014-10-21 07:40 - 2014-10-21 07:40 - 00206336 _____ () C:\Users\Petr\Desktop\unrar64.dll
2014-10-21 07:40 - 2014-10-21 07:40 - 00165376 _____ () C:\Users\Petr\Desktop\unrar.dll
2014-10-18 18:49 - 2014-10-18 18:50 - 00000000 ____D () C:\Users\Petr\Desktop\Estas Tonne - Discography (320kbps)
2014-10-17 20:30 - 2014-10-17 20:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-17 20:29 - 2014-10-17 20:29 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-17 20:29 - 2014-10-17 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-16 06:28 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:28 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:27 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:27 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:27 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:27 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:27 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:27 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:27 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:27 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:27 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:27 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:27 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:27 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:27 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:27 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:27 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:27 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:27 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:27 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:27 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:27 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:27 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:27 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:27 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:27 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:27 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:27 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:27 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:27 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:27 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 06:27 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 06:27 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:27 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:27 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:27 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:27 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 06:27 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-16 06:27 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 06:27 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 06:27 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 06:27 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 06:27 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 06:26 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 06:26 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 06:26 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 06:26 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 06:26 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 06:26 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 06:26 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 06:26 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 06:26 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 06:26 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-13 20:56 - 2014-10-13 21:00 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\freac
2014-10-13 20:55 - 2014-10-13 20:55 - 00000921 _____ () C:\Users\Public\Desktop\freac - free audio converter.lnk
2014-10-13 20:55 - 2014-10-13 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2014-10-13 20:55 - 2014-10-13 20:55 - 00000000 ____D () C:\Program Files\freac
2014-10-13 20:48 - 2014-10-13 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert Audio Free
2014-10-13 20:48 - 2014-10-13 20:48 - 00000000 ____D () C:\Program Files\Convert Audio Free
2014-10-13 20:47 - 2014-10-13 20:47 - 00002781 _____ () C:\Users\Public\Desktop\Free FLAC Player.lnk
2014-10-13 20:47 - 2014-10-13 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Freeware
2014-10-13 20:47 - 2014-10-13 20:47 - 00000000 ____D () C:\Program Files\Media Freeware
2014-10-13 20:46 - 2014-10-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-10-13 20:46 - 2014-10-13 20:46 - 00000000 ____D () C:\Program Files\Xiph.Org
2014-10-13 15:36 - 2014-10-13 15:37 - 00000045 _____ () C:\Windows\system32\null
2014-10-13 15:33 - 2014-10-13 15:33 - 00000000 ____D () C:\Users\Petr\Desktop\activator
2014-10-10 20:57 - 2014-10-10 20:57 - 00001022 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-10-10 20:57 - 2014-10-10 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-10-10 20:57 - 2014-10-10 20:57 - 00000000 ____D () C:\Program Files\CPUID
2014-10-08 21:23 - 2014-10-28 16:09 - 00029466 _____ () C:\Windows\setupact.log
2014-10-08 21:23 - 2014-10-08 21:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-08 13:36 - 2014-10-08 13:36 - 00000000 ____D () C:\Users\Michal\AppData\Local\Wondershare
2014-10-08 12:39 - 2014-10-08 12:39 - 00000000 ____D () C:\Users\Peta\AppData\Local\Wondershare
2014-10-08 07:33 - 2014-10-08 07:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00001299 _____ () C:\Users\Petr\Desktop\Wondershare Streaming Audio Recorder.lnk
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\Users\Petr\AppData\Local\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-10-08 07:31 - 2014-10-08 07:31 - 00000000 ____D () C:\Program Files\Wondershare
2014-10-08 07:31 - 2011-11-17 15:08 - 00016640 _____ (Wondershare) C:\Windows\system32\Drivers\WsAudioDevice_383.sys
2014-10-08 06:45 - 2014-10-28 16:09 - 00000000 ____D () C:\ProgramData\Boxtools
2014-10-08 06:45 - 2014-10-08 19:59 - 00000000 ____D () C:\Program Files\Boxoft Flac to MP3 (freeware)
2014-10-08 06:45 - 2014-10-08 07:34 - 00000040 _____ () C:\Users\Petr\AppData\Roaming\cdr.ini
2014-10-08 06:45 - 2010-12-06 08:53 - 00756736 _____ (http://www.mp3dev.org/) C:\Windows\system32\LameACM.acm
2014-10-08 06:45 - 2010-12-06 08:53 - 00000401 _____ () C:\Windows\system32\lame_acm.xml
2014-10-06 11:29 - 2014-10-06 11:29 - 00000000 ____D () C:\Users\Petr\Desktop\pohadky
2014-10-01 13:37 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 18:57 - 2014-09-30 18:57 - 00000216 _____ () C:\Users\Petr\Desktop\Heroes & Generals.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 16:24 - 2012-09-20 19:16 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 16:23 - 2011-09-26 22:02 - 01894587 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 16:18 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 16:18 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 16:10 - 2014-09-17 19:40 - 00000000 ___RD () C:\Users\Petr\Disk Google
2014-10-28 16:09 - 2014-08-31 19:50 - 00004128 _____ () C:\Windows\Tasks\edeabcf9-c6e9-428e-8a29-4541b988eb6b.job
2014-10-28 16:09 - 2014-08-31 19:50 - 00002716 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-4.job
2014-10-28 16:09 - 2014-08-31 19:50 - 00001820 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-1.job
2014-10-28 16:09 - 2014-08-31 19:50 - 00001726 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5_user.job
2014-10-28 16:09 - 2014-08-31 19:50 - 00001706 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5.job
2014-10-28 16:09 - 2014-08-31 19:50 - 00001418 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-2.job
2014-10-28 16:09 - 2014-08-31 19:49 - 00004466 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-11.job
2014-10-28 16:09 - 2014-08-31 19:49 - 00003104 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-3.job
2014-10-28 16:09 - 2014-08-31 19:49 - 00002376 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-6.job
2014-10-28 16:09 - 2014-08-31 19:49 - 00002252 _____ () C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-7.job
2014-10-28 16:09 - 2014-08-31 19:49 - 00000890 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-28 16:09 - 2012-09-20 19:16 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 16:09 - 2011-10-03 02:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-28 16:09 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 14:44 - 2013-01-03 19:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 14:37 - 2014-08-31 19:49 - 00000894 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-28 08:31 - 2014-09-07 12:22 - 00006578 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-10-27 22:02 - 2011-09-26 22:15 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-10-27 21:58 - 2011-09-27 19:42 - 00000000 ____D () C:\Users\Petr\Documents\Soubory aplikace Outlook
2014-10-27 17:18 - 2014-05-11 12:17 - 00000000 ____D () C:\Program Files\Opera
2014-10-26 10:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-24 21:02 - 2014-08-21 14:11 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2014-10-24 20:09 - 2012-03-31 07:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 20:09 - 2011-09-29 08:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-23 12:32 - 2011-09-27 04:47 - 00000000 ____D () C:\Users\Petr\Documents\My Games
2014-10-20 15:48 - 2013-06-01 09:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\.minecraft
2014-10-20 15:39 - 2014-06-23 21:58 - 00000000 ____D () C:\Users\Petr\AppData\Local\Battle.net
2014-10-18 08:07 - 2011-09-26 23:36 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-17 20:38 - 2013-09-03 16:41 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-10-17 20:38 - 2013-09-03 16:41 - 00000000 ____D () C:\Program Files\PopCap Games
2014-10-17 20:37 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-17 20:30 - 2013-11-24 18:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 20:27 - 2013-08-25 18:07 - 00000000 ____D () C:\Program Files\Worms Clan Wars
2014-10-17 02:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 02:36 - 2009-07-14 05:33 - 03760128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 02:36 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 02:17 - 2011-09-27 16:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 02:15 - 2013-08-14 14:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 02:03 - 2011-09-27 08:31 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 16:15 - 2014-06-27 11:10 - 00000000 ____D () C:\Users\Peta\AppData\Local\Battle.net
2014-10-13 20:59 - 2011-09-27 17:31 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Winamp
2014-10-13 20:44 - 2011-09-26 22:05 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-10-12 20:26 - 2014-07-28 16:47 - 00000000 ____D () C:\Program Files\Steam
2014-10-12 20:24 - 2014-06-23 21:58 - 00000000 ____D () C:\Program Files\Battle.net
2014-10-10 15:38 - 2011-09-26 22:44 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Media Player Classic
2014-10-10 14:25 - 2014-05-01 09:39 - 00000000 ____D () C:\Users\Peta\AppData\Roaming\.minecraft
2014-10-05 12:34 - 2014-05-02 19:08 - 00000000 ____D () C:\Users\Petr\Desktop\Spongebob
2014-10-04 10:39 - 2013-02-23 12:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-04 10:26 - 2014-08-05 11:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-02 21:17 - 2014-06-23 22:00 - 00000000 ____D () C:\Program Files\Hearthstone
2014-09-30 18:57 - 2014-07-28 17:17 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-30 18:51 - 2014-07-28 16:47 - 00000000 ____D () C:\Program Files\Common Files\Steam

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\temp\i4jdel0.exe
C:\Users\Michal\AppData\Local\temp\i4jdel1.exe
C:\Users\Peta\AppData\Local\temp\BullseyeCoverage-2-x86.dll
C:\Users\Petr\AppData\Local\temp\appshat_generic.exe
C:\Users\Petr\AppData\Local\temp\cabex.dll
C:\Users\Petr\AppData\Local\temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Petr\AppData\Local\temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Petr\AppData\Local\temp\unelevate.exe
C:\Users\Petr\AppData\Local\temp\ytaiesmt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-1.job => C:\Program Files\Apps Hat\Apps Hat-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-11.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-2.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-4.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-5_user.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-6.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\07050b38-1064-4757-a89c-fb7383a998f7-7.job => C:\Program Files\Apps Hat\07050b38-1064-4757-a89c-fb7383a998f7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-1.job => C:\Program Files\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-11.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-2.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-4.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-5.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-5_user.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-6.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b1c36cc8-8040-4e4d-b087-94988946c30a-7.job => C:\Program Files\iWebar\b1c36cc8-8040-4e4d-b087-94988946c30a-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-1.job => C:\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-11.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-2.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-3.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-4.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5_user.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-6.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-6.exeö/agentregpath='TheTorntv V10-nv' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=692ADA08C7DC4282AB8BCDAB7C1461E6IE /verifier=093342ace3cd1a5fe413e883cea6df4d /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1409510925 /statsdomain=http://stats.loadclientinputsrv.com /errorsdomain=http://errors.loadclientinputsrv.com /codedownloaddomain=http://cr.install-daddy.com /defbro=opera /DllName32ToInjectToChrome='dae19526-e006-41d2-96bd-9d6ab1e9e3a0.dll' /DllName64ToInjectToChrome='1dbcaa14-4ef6-4afb-8af4-5069db0ae3ac.dll' /nova64bitexe='b6511cbe-7463-4cd9-91e8-f3f4037b11d7-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-7.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-7.exe¸/updateapp /agentregpath='TheTorntv V10-nv' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=692ADA08C7DC4282AB8BCDAB7C1461E6IE /verifier=093342ace3cd1a5fe413e883cea6df4d /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1409510925 /statsdomain=http://stats.loadclientinputsrv.com /errorsdomain=http://errors.loadclientinputsrv.com /codedownloaddomain=http://cr.install-daddy.com /defbro=opera /DllName32ToInjectToChrome='dae19526-e006-41d2-96bd-9d6ab1e9e3a0.dll' /DllName64ToInjectToChrome='1dbcaa14-4ef6-4afb-8af4-5069db0ae3ac.dll' /nova64bitexe='b6511cbe-7463-4cd9-91e8-f3f4037b11d7-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-1.job => C:\Program Files\Senses\Senses-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-11.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-2.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-3.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-4.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5_user.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-6.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-7.job => C:\Program Files\Senses\d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\edeabcf9-c6e9-428e-8a29-4541b988eb6b.job => C:\Program Files\TheTorntv V10\b6511cbe-7463-4cd9-91e8-f3f4037b11d7-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\ELHEXRH.job => C:\Users\Petr\AppData\Roaming\ELHEXRH.exe <==== ATTENTION
Task: C:\Windows\Tasks\FZM.job => C:\Users\Petr\AppData\Roaming\FZM.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 17587 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 28 říj 2014 17:02

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

cica18 · #3 Příspěvek od **cica18** » 28 říj 2014 17:03

# AdwCleaner v4.002 - Report created 28/10/2014 at 16:50:23
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : SPBIUpd
[#] Service Deleted : SPBIUpdd
Service Deleted : YouTubeAcceleratorService
Service Deleted : {ed7eb956-75ed-460d-8f69-29a93b07afd1}w

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Folder Deleted : C:\Program Files\Free Video Converter
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\Petr\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Petr\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\Program Files\iWebar
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Program Files\WebSpades
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Program Files\YouTube Accelerator
Folder Deleted : C:\ProgramData\YTAHelper
Folder Deleted : C:\Program Files\YTAHelper
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Petr\AppData\Local\CrashRpt
Folder Deleted : C:\Program Files\Apps Hat
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\cdmo5wk8.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
File Deleted : C:\Users\Michal\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\Peta\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\Petr\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Windows\system32\\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w.sys
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml
File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\user.js
File Deleted : C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Peta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SPDriver
Task Deleted : YTAHelper
Task Deleted : YTAUpdate_logon
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-1
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-11
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-2
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-4
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-5
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-5_user
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-6
Task Deleted : 07050b38-1064-4757-a89c-fb7383a998f7-7
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-1
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-11
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-2
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-4
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-5
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-5_user
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-6
Task Deleted : b1c36cc8-8040-4e4d-b087-94988946c30a-7
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-1
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-11
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-2
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-3
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-4
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-5_user
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-6
Task Deleted : b6511cbe-7463-4cd9-91e8-f3f4037b11d7-7
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-1
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-11
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-2
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-3
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-4
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-5_user
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-6
Task Deleted : d1aa8a69-fe44-4fdd-9cd0-80ae8344c39b-7
Task Deleted : edeabcf9-c6e9-428e-8a29-4541b988eb6b

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411851159}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611511123}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192215}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622512223}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335511}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655515523}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336611}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666516623}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644514423}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611511123}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\TornTv Downloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\iWebar
Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
Key Deleted : HKCU\Software\AppDataLow\Software\Apps Hat
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\iWebar
Key Deleted : HKLM\SOFTWARE\iWebar-nv
Key Deleted : HKLM\SOFTWARE\Senses-nv
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\Apps Hat
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v31.0 (x86 cs)

-\\ Google Chrome v38.0.2125.111

*************************

AdwCleaner[R4].txt - [18707 octets] - [28/10/2014 16:45:37]
AdwCleaner[S1].txt - [18578 octets] - [28/10/2014 16:50:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [18639 octets] ##########

#4 Příspěvek od **Rudy** » 28 říj 2014 17:10

Dejte nový log FRST.

cica18 · #5 Příspěvek od **cica18** » 28 říj 2014 17:20

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2014 01
Ran by Petr (administrator) on PETR-PC on 28-10-2014 17:19:26
Running from C:\Users\Petr\Desktop
Loaded Profile: Petr (Available profiles: Petr & Michal & Peta)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Finkit d.o.o.) C:\Program Files\ManicTime\ManicTime.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\ProgramData\Boxtools\Toolbox.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
() C:\Program Files\Opera\25.0.1614.63\opera_crashreporter.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Opera Software) C:\Program Files\Opera\25.0.1614.63\opera.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1681408 2009-09-21] (VIA)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [Mobile Partner] => C:\Program Files\Hi Suite\Hi Suite.exe [518656 2013-04-14] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-16] (AMD)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [ManicTime] => C:\Program Files\ManicTime\ManicTime.exe [250120 2014-04-02] (Finkit d.o.o.)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [MKLOL] => C:\Program Files\MKJogo\MKLOL\MK.exe [846536 2014-08-01] (MK)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [MK LOL] => C:\Program Files\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-10-14] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1.37.0.1384\jsdrv.exe
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1941282194-1708415242-375424287-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Petr\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1020\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1019\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: No Name -> {11111111-1111-1111-1111-110611331111} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204
FF DefaultSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @winzip.com/Winzip Courier -> C:\Program Files\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: TheTorntv V10 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-08-31]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ascsurfingprotection@iobit.com [2014-01-01]
FF Extension: iWebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ROUAILDE73397174@UXGZI17268980.com [2014-10-26]
FF Extension: Senses - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\warnerroberts@hotmail.com [2014-10-26]
FF Extension: Seznam lištička - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-10-27]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-02-17]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-17]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-12]
FF HKLM\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files\WinZip Courier\FFExt [2011-11-25]
FF Extension: No Name - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [Not Found]
FF Extension: No Name - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1409511149&from=ild&uid=395049983_1052451_1C9FFC9D
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1409511149&from=ild&uid=395049983_1052451_1C9FFC9D"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> http://istart.webssearches.com/web/?typ ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-22]
CHR Extension: (Angry Birds) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-22]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-18]
CHR Extension: (TV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-21]
CHR Extension: (VyhledÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„�CHR Extension: (Plants vs Zombies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-22]
CHR Extension: (PenĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹�
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1514304 2011-12-08] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [25728 2011-03-22] (Google Inc)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-19] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-26] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 qcusbser; C:\Windows\System32\DRIVERS\FXX\qcusbser.sys [103424 2011-03-22] (QUALCOMM Incorporated)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
R3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [16640 2011-11-17] (Wondershare) [File not signed]
S1 A2DDA; \??\D:\RUN\a2ddax86.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; \??\D:\RUN\cleanhlp32.sys [X]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S2 SPDRIVER_1.37.0.1384; \??\C:\Program Files\ShopperPro\JSDriver\1.37.0.1384\jsdrv.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 16:45 - 2014-10-28 16:51 - 00000000 ____D () C:\AdwCleaner
2014-10-28 16:45 - 2014-10-28 16:45 - 01998336 _____ () C:\Users\Petr\Desktop\adwcleaner_4.002.exe
2014-10-28 16:31 - 2014-10-28 16:31 - 00009522 _____ () C:\Users\Petr\Desktop\Addition.zip
2014-10-28 16:23 - 2014-10-28 17:21 - 04813845 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-10-28 16:22 - 2014-10-28 17:19 - 00000000 ____D () C:\FRST
2014-10-28 16:21 - 2014-10-28 16:22 - 01104896 _____ (Farbar) C:\Users\Petr\Desktop\FRST.exe
2014-10-28 16:21 - 2014-10-28 16:21 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2014-10-28 08:24 - 2014-10-28 16:51 - 00002034 _____ () C:\Windows\PFRO.log
2014-10-27 21:16 - 2014-10-27 21:18 - 00000000 ____D () C:\Users\Petr\Documents\Bound by Flame
2014-10-27 20:37 - 2014-10-27 20:37 - 00001027 _____ () C:\Users\Public\Desktop\Bound By Flame.lnk
2014-10-27 20:37 - 2014-10-27 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bound By Flame
2014-10-27 19:49 - 2014-10-27 20:37 - 00000000 ____D () C:\Program Files\Bound By Flame
2014-10-26 11:53 - 2014-10-28 09:48 - 00000000 ____D () C:\Users\Peta\AppData\Roaming\Seznam.cz
2014-10-26 10:09 - 2014-10-28 12:33 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Seznam.cz
2014-10-26 08:14 - 2014-10-28 16:52 - 00001328 _____ () C:\Windows\Tasks\FZM.job
2014-10-26 08:14 - 2014-10-26 08:14 - 01511840 _____ (Object Browser) C:\Users\Petr\AppData\Roaming\FZM.exe
2014-10-26 08:13 - 2014-10-28 16:52 - 00001680 _____ () C:\Windows\Tasks\ELHEXRH.job
2014-10-26 08:13 - 2014-10-27 21:55 - 00000000 ____D () C:\Program Files\Senses
2014-10-26 08:13 - 2014-10-26 08:13 - 02002336 _____ (Object Browser) C:\Users\Petr\AppData\Roaming\ELHEXRH.exe
2014-10-26 08:01 - 2014-10-26 08:01 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-10-26 08:01 - 2014-10-26 08:01 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-10-26 08:00 - 2014-10-28 16:57 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Seznam.cz
2014-10-26 08:00 - 2014-10-26 08:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepBurner
2014-10-24 06:51 - 2014-10-24 06:55 - 00000000 ____D () C:\Users\Petr\Desktop\MANES
2014-10-23 12:32 - 2014-10-23 12:32 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Steam
2014-10-23 12:31 - 2014-10-23 12:31 - 00001552 _____ () C:\Users\Public\Desktop\Sherlock Holmes Zločin a trest.lnk
2014-10-23 12:31 - 2014-10-23 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REPACK BY TOMI2K9
2014-10-23 12:13 - 2014-10-23 12:13 - 00000000 ____D () C:\Program Files\REPACK BY TOMI2K9
2014-10-21 08:24 - 2014-10-21 08:24 - 00000454 _____ () C:\Users\Petr\Desktop\Trefík 12.lnk
2014-10-21 07:40 - 2014-10-21 07:40 - 00206336 _____ () C:\Users\Petr\Desktop\unrar64.dll
2014-10-21 07:40 - 2014-10-21 07:40 - 00165376 _____ () C:\Users\Petr\Desktop\unrar.dll
2014-10-18 18:49 - 2014-10-18 18:50 - 00000000 ____D () C:\Users\Petr\Desktop\Estas Tonne - Discography (320kbps)
2014-10-17 20:30 - 2014-10-17 20:30 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-17 20:29 - 2014-10-17 20:29 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-17 20:29 - 2014-10-17 20:29 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-17 20:29 - 2014-10-17 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-16 06:28 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:28 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:27 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:27 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:27 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:27 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:27 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:27 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:27 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:27 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:27 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:27 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:27 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:27 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:27 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:27 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:27 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:27 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:27 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:27 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:27 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:27 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:27 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:27 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:27 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:27 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:27 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:27 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:27 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:27 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:27 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:27 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 06:27 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 06:27 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 06:27 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:27 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:27 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:27 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:27 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:27 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 06:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 06:27 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-16 06:27 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 06:27 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 06:27 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 06:27 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 06:27 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:27 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 06:26 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 06:26 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 06:26 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 06:26 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 06:26 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 06:26 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 06:26 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 06:26 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 06:26 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 06:26 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 06:26 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 06:26 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-13 20:56 - 2014-10-13 21:00 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\freac
2014-10-13 20:55 - 2014-10-13 20:55 - 00000921 _____ () C:\Users\Public\Desktop\freac - free audio converter.lnk
2014-10-13 20:55 - 2014-10-13 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freac - free audio converter
2014-10-13 20:55 - 2014-10-13 20:55 - 00000000 ____D () C:\Program Files\freac
2014-10-13 20:48 - 2014-10-13 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert Audio Free
2014-10-13 20:48 - 2014-10-13 20:48 - 00000000 ____D () C:\Program Files\Convert Audio Free
2014-10-13 20:47 - 2014-10-13 20:47 - 00002781 _____ () C:\Users\Public\Desktop\Free FLAC Player.lnk
2014-10-13 20:47 - 2014-10-13 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Freeware
2014-10-13 20:47 - 2014-10-13 20:47 - 00000000 ____D () C:\Program Files\Media Freeware
2014-10-13 20:46 - 2014-10-13 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-10-13 20:46 - 2014-10-13 20:46 - 00000000 ____D () C:\Program Files\Xiph.Org
2014-10-13 15:36 - 2014-10-13 15:37 - 00000045 _____ () C:\Windows\system32\null
2014-10-13 15:33 - 2014-10-13 15:33 - 00000000 ____D () C:\Users\Petr\Desktop\activator
2014-10-10 20:57 - 2014-10-10 20:57 - 00001022 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-10-10 20:57 - 2014-10-10 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-10-10 20:57 - 2014-10-10 20:57 - 00000000 ____D () C:\Program Files\CPUID
2014-10-08 21:23 - 2014-10-28 17:15 - 00030418 _____ () C:\Windows\setupact.log
2014-10-08 21:23 - 2014-10-08 21:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-08 13:36 - 2014-10-08 13:36 - 00000000 ____D () C:\Users\Michal\AppData\Local\Wondershare
2014-10-08 12:39 - 2014-10-08 12:39 - 00000000 ____D () C:\Users\Peta\AppData\Local\Wondershare
2014-10-08 07:33 - 2014-10-08 07:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00001299 _____ () C:\Users\Petr\Desktop\Wondershare Streaming Audio Recorder.lnk
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\Users\Petr\AppData\Local\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-10-08 07:33 - 2014-10-08 07:33 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-10-08 07:31 - 2014-10-08 07:31 - 00000000 ____D () C:\Program Files\Wondershare
2014-10-08 07:31 - 2011-11-17 15:08 - 00016640 _____ (Wondershare) C:\Windows\system32\Drivers\WsAudioDevice_383.sys
2014-10-08 06:45 - 2014-10-28 16:52 - 00000000 ____D () C:\ProgramData\Boxtools
2014-10-08 06:45 - 2014-10-08 19:59 - 00000000 ____D () C:\Program Files\Boxoft Flac to MP3 (freeware)
2014-10-08 06:45 - 2014-10-08 07:34 - 00000040 _____ () C:\Users\Petr\AppData\Roaming\cdr.ini
2014-10-08 06:45 - 2010-12-06 08:53 - 00756736 _____ (http://www.mp3dev.org/) C:\Windows\system32\LameACM.acm
2014-10-08 06:45 - 2010-12-06 08:53 - 00000401 _____ () C:\Windows\system32\lame_acm.xml
2014-10-06 11:29 - 2014-10-06 11:29 - 00000000 ____D () C:\Users\Petr\Desktop\pohadky
2014-10-01 13:37 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 18:57 - 2014-09-30 18:57 - 00000216 _____ () C:\Users\Petr\Desktop\Heroes & Generals.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 17:14 - 2011-09-26 22:02 - 01906652 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 17:00 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:00 - 2009-07-14 05:34 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 16:58 - 2014-09-07 12:22 - 00006578 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-10-28 16:54 - 2014-09-17 19:40 - 00000000 ___RD () C:\Users\Petr\Disk Google
2014-10-28 16:52 - 2012-09-20 19:16 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 16:52 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 16:51 - 2013-09-01 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-28 16:51 - 2011-09-29 08:19 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-28 16:51 - 2011-09-26 22:01 - 00001120 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-28 16:50 - 2011-10-03 02:27 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-28 16:44 - 2013-01-03 19:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 16:24 - 2012-09-20 19:16 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 22:02 - 2011-09-26 22:15 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-10-27 21:58 - 2011-09-27 19:42 - 00000000 ____D () C:\Users\Petr\Documents\Soubory aplikace Outlook
2014-10-27 17:18 - 2014-05-11 12:17 - 00000000 ____D () C:\Program Files\Opera
2014-10-26 10:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-24 21:02 - 2014-08-21 14:11 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2014-10-24 20:09 - 2012-03-31 07:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 20:09 - 2011-09-29 08:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-23 12:32 - 2011-09-27 04:47 - 00000000 ____D () C:\Users\Petr\Documents\My Games
2014-10-20 15:48 - 2013-06-01 09:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\.minecraft
2014-10-20 15:39 - 2014-06-23 21:58 - 00000000 ____D () C:\Users\Petr\AppData\Local\Battle.net
2014-10-18 08:07 - 2011-09-26 23:36 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-17 20:38 - 2013-09-03 16:41 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-10-17 20:38 - 2013-09-03 16:41 - 00000000 ____D () C:\Program Files\PopCap Games
2014-10-17 20:37 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-17 20:30 - 2013-11-24 18:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 20:27 - 2013-08-25 18:07 - 00000000 ____D () C:\Program Files\Worms Clan Wars
2014-10-17 02:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 02:36 - 2009-07-14 05:33 - 03760128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 02:36 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 02:17 - 2011-09-27 16:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 02:15 - 2013-08-14 14:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 02:03 - 2011-09-27 08:31 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 16:15 - 2014-06-27 11:10 - 00000000 ____D () C:\Users\Peta\AppData\Local\Battle.net
2014-10-13 20:59 - 2011-09-27 17:31 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Winamp
2014-10-13 20:44 - 2011-09-26 22:05 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-10-12 20:26 - 2014-07-28 16:47 - 00000000 ____D () C:\Program Files\Steam
2014-10-12 20:24 - 2014-06-23 21:58 - 00000000 ____D () C:\Program Files\Battle.net
2014-10-10 15:38 - 2011-09-26 22:44 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Media Player Classic
2014-10-10 14:25 - 2014-05-01 09:39 - 00000000 ____D () C:\Users\Peta\AppData\Roaming\.minecraft
2014-10-05 12:34 - 2014-05-02 19:08 - 00000000 ____D () C:\Users\Petr\Desktop\Spongebob
2014-10-04 10:39 - 2013-02-23 12:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-04 10:26 - 2014-08-05 11:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-02 21:17 - 2014-06-23 22:00 - 00000000 ____D () C:\Program Files\Hearthstone
2014-09-30 18:57 - 2014-07-28 17:17 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-30 18:51 - 2014-07-28 16:47 - 00000000 ____D () C:\Program Files\Common Files\Steam

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\temp\i4jdel0.exe
C:\Users\Michal\AppData\Local\temp\i4jdel1.exe
C:\Users\Peta\AppData\Local\temp\BullseyeCoverage-2-x86.dll
C:\Users\Petr\AppData\Local\temp\appshat_generic.exe
C:\Users\Petr\AppData\Local\temp\cabex.dll
C:\Users\Petr\AppData\Local\temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Petr\AppData\Local\temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Petr\AppData\Local\temp\Quarantine.exe
C:\Users\Petr\AppData\Local\temp\sqlite3.dll
C:\Users\Petr\AppData\Local\temp\unelevate.exe
C:\Users\Petr\AppData\Local\temp\ytaiesmt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ELHEXRH.job => C:\Users\Petr\AppData\Roaming\ELHEXRH.exe <==== ATTENTION
Task: C:\Windows\Tasks\FZM.job => C:\Users\Petr\AppData\Roaming\FZM.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 17589 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#6 Příspěvek od **Rudy** » 28 říj 2014 18:54

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Petr\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1020\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1941282194-1708415242-375424287-1019\User: Group Policy restriction detected <======= ATTENTION
BHO: No Name -> {11111111-1111-1111-1111-110611331111} -> No File
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
FF DefaultSearchEngine: webssearches
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\dz7qs4bs.default-1381346508204\Extensions\ascsurfingprotection@iobit.com [2014-01-01]
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp ... 1_1C9FFC9D
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1409511149&from=ild&uid=395049983_1052451_1C9FFC9D"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> http://istart.webssearches.com/web/?typ ... C9FFC9D&q={searchTerms}
CHR Extension: (VyhledÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„�CHR Extension: (Plants vs Zombies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-22]
CHR Extension: (PenĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬Ă‚Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€žĂ˘â‚¬Â¦Ä‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬Ă„â€¦Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚ÂĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚â€žĂ˘â‚¬Â¦Ă„â€šĂ˘â‚¬Ä…Ä‚ËĂ˘â€šÂ¬Ă‹â€ˇĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â¬Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€žĂ„ÄľĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬Ä…Ä‚â€šĂ‚ÂÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹�
S1 A2DDA; \??\D:\RUN\a2ddax86.sys [X]
S3 cleanhlp; \??\D:\RUN\cleanhlp32.sys [X]
C:\Windows\Tasks\FZM.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Michal\AppData\Local\temp
C:\Users\Peta\AppData\Local\temp
C:\Users\Petr\AppData\Local\temp
Task: C:\Windows\Tasks\ELHEXRH.job => C:\Users\Petr\AppData\Roaming\ELHEXRH.exe <==== ATTENTION
Task: C:\Windows\Tasks\FZM.job => C:\Users\Petr\AppData\Roaming\FZM.exe <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Velikost souborů na ploše je celkem 17,5GB, což je hodně. Plocha, jakožto otevřený adresář se při startu kompletně načítá a při této velikosti jej může zpomalovat. Přesuňte vše, co máte na ploše (kromě zástupců) do jiného adresáře v Users a na plochu dejte pouze zástupce té složky kvůli snazšímu přístupu.

cica18 · #7 Příspěvek od **cica18** » 28 říj 2014 19:47

Vaše zpráva obsahuje 764160 znaků. Maximální povolený počet znaků je 100000

priloha

#8 Příspěvek od **Rudy** » 28 říj 2014 20:18

Smazáno. Nastala nějaká změna?

cica18 · #9 Příspěvek od **cica18** » 28 říj 2014 20:33

zda se ok...diky

#10 Příspěvek od **Rudy** » 28 říj 2014 20:39

Rádo se stalo!

VIRY.CZ

zasekana opera

zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera

Re: zasekana opera