Prosím o kontrolu a případnou pomoc s vyčištěním. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by budikt (administrator) on NX60127IMO on 10-11-2014 18:44:12
Running from C:\Users\budikt\Desktop
Loaded Profile: budikt (Available profiles: ZN-J2 VeSps & budikt & Ivanka & Štábní nácvik & Administrator & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
() C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUTaskMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [313344 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe [925104 2009-12-23] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [793008 2009-12-23] (TOSHIBA)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607616 2010-02-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast Business\avastUI.exe [4769352 2014-01-14] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast Business\setup\emupdate\bee9eb5a-d44a-4ad0-ab01-f6b4a230eb9c.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [Google Update] => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-18] (Google Inc.)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Štábní nácvik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll (TOSHIBA)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: proxy.army.cz:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.6\iobitappsToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.6\iobitappsToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {ECB139F5-E994-4AC0-B843-32CB346B242D} URL = http://de.search.yahoo.com/search?p={se ... type=horus
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: TFPUPWDBankBHO Class -> {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} -> C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll (TODO: <Company name>)
BHO-x32: IObit Apps Toolbar -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> C:\Program Files (x86)\IObit Apps Toolbar\IE\9.6\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.6\iobitappsToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.6\iobitappsToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "http", "proxy.army.cz"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/O1DPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=3 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=9 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Browser Utility - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\browserutility [2013-11-22]
FF Extension: LastPass - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\support@lastpass.com [2014-09-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast Business\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast Business\WebRep\FF [2013-06-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={search ... 8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-10]
CHR Extension: (Disk Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-05-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-18]
CHR Extension: (YouTube) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (No Name) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg [2014-01-23]
CHR Extension: (Vyhledávání Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-01-10]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-10]
CHR Extension: (Battlestar Galactica Online) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-01-10]
CHR Extension: (Mapy Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2014-11-08]
CHR Extension: (Earthly Raindrop) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-01-10]
CHR Extension: (Gmail) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM-x32\...\Chrome\Extension: [ajhcekcffkpnaednoeoegnmnjdlnjjmg] - C:\ProgramData\TheBflix\ajhcekcffkpnaednoeoegnmnjdlnjjmg.crx []
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast Business\WebRep\Chrome\aswWebRepChrome.crx [2013-06-10]
CHR HKLM-x32\...\Chrome\Extension: [mbcjjdjanpccmehilicphhmeobiljcpk] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-06-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe [45248 2014-01-14] (AVAST Software)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 Wireless modem support.; C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe [79360 2011-08-26] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbnet; C:\Windows\System32\DRIVERS\adusbnet.sys [154112 2010-12-20] (QUALCOMM Incorporated)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [123392 2010-12-20] (QUALCOMM Incorporated)
S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [900480 2013-06-11] (AfaTech )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2014-01-14] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2014-01-14] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2014-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2014-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2014-01-14] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1034024 2014-01-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2014-01-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2014-01-14] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2014-01-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-09] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2013-08-21] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2010-12-21] (MCCI Corporation)
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 18:44 - 2014-11-10 18:45 - 00028823 _____ () C:\Users\budikt\Desktop\FRST.txt
2014-11-10 18:44 - 2014-11-10 18:44 - 00000000 ____D () C:\FRST
2014-11-10 18:41 - 2014-11-10 18:41 - 00112640 _____ (forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher (1).exe
2014-11-10 18:40 - 2014-11-10 18:40 - 00112640 _____ (forum.viry.cz) C:\Users\budikt\Downloads\Nepotvrzeno 8660.crdownload
2014-11-10 18:37 - 2014-11-10 18:38 - 02116096 _____ (Farbar) C:\Users\budikt\Desktop\FRST64.exe
2014-11-10 18:13 - 2014-11-10 18:13 - 00032256 _____ () C:\Users\budikt\Downloads\K_Nemocenske_2014.xls
2014-11-10 16:50 - 2014-11-10 16:50 - 00001562 _____ () C:\windows\PFRO.log
2014-11-10 16:50 - 2014-11-10 16:50 - 00000056 _____ () C:\windows\setupact.log
2014-11-10 16:50 - 2014-11-10 16:50 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 12:57 - 2014-11-08 13:02 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-11-08 12:57 - 2014-11-08 12:57 - 00001032 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2014-11-08 12:57 - 2014-11-08 12:57 - 00001020 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2014-11-08 12:56 - 2014-11-08 12:56 - 00903638 _____ () C:\Users\budikt\Downloads\AntiTwin_Setup.exe
2014-11-08 12:47 - 2014-11-08 12:48 - 00000000 ____D () C:\Users\budikt\Documents\CloneSpy
2014-11-08 12:47 - 2014-11-08 12:47 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\CloneSpy
2014-11-08 12:45 - 2014-11-08 12:46 - 00757612 _____ (Marcus Kleinehagenbrock) C:\Users\budikt\Downloads\cspy251.exe
2014-11-08 12:34 - 2014-11-08 12:35 - 00000000 ____D () C:\totalcmd
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\GHISLER
2014-11-08 12:33 - 2014-11-08 12:34 - 03722264 _____ (Ghisler Software GmbH) C:\Users\budikt\Downloads\tcm851x32.exe
2014-11-05 18:41 - 2014-11-05 18:41 - 04977216 _____ (Piriform Ltd) C:\Users\budikt\Downloads\ccsetup419.exe
2014-11-04 21:43 - 2014-11-04 21:43 - 00075264 _____ () C:\Users\budikt\Downloads\FINAL ChybÄ-jÃ-cÃ- tech 7 mb - 30 10 2014.xls
2014-11-04 21:42 - 2014-11-04 21:42 - 00205824 _____ () C:\Users\budikt\Downloads\27865_DoubravaVladan8227100.xls
2014-11-04 20:27 - 2014-11-04 20:27 - 00264183 _____ () C:\Users\budikt\Downloads\2014 11 04 7. mb - Kalendarni plan na rok 2015.xlsx
2014-10-25 20:56 - 2014-10-25 21:08 - 815629484 _____ () C:\Users\budikt\Desktop\Jako nikdy 2013 Cz dab..avi
2014-10-24 11:13 - 2014-10-24 11:14 - 01834300 _____ () C:\Users\budikt\Downloads\Gmail(1).zip
2014-10-24 11:13 - 2014-10-24 11:13 - 06159039 _____ () C:\Users\budikt\Downloads\Gmail.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 02478879 _____ () C:\Users\budikt\Downloads\fwdkolydokorespondence.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 00000000 ____D () C:\Users\budikt\Venda
2014-10-24 08:41 - 2014-10-24 09:00 - 178341606 _____ () C:\Users\budikt\Downloads\Kryštof---2007-Poločas---Best-Of---Limited-Edition.rar
2014-10-24 07:25 - 2014-10-24 07:35 - 100284513 _____ () C:\Users\budikt\Downloads\Krystof---Jeviste--(2009).rar
2014-10-24 07:24 - 2014-10-24 11:08 - 00000000 ____D () C:\Users\budikt\Desktop\Kryštof
2014-10-24 07:06 - 2014-10-24 07:17 - 99326437 _____ () C:\Users\budikt\Downloads\Kryštof---Inzerát-(celé-album).rar
2014-10-20 17:39 - 2014-10-20 17:38 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 06:19 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\budikt\Desktop\Portable SpyHunter 4.16.5.4290 Multilanguage
2014-10-20 06:18 - 2014-10-20 06:19 - 75916442 _____ () C:\Users\budikt\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-19 20:45 - 2014-10-19 20:45 - 04834344 ____N (AVAST Software) C:\Users\budikt\Downloads\avast_premier_antivirus_setup_online.exe
2014-10-17 14:25 - 2014-10-17 14:31 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky ZTE
2014-10-15 20:59 - 2014-10-17 14:32 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky Jirka
2014-10-15 08:10 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 08:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 08:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 08:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 08:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 08:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 08:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 08:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 08:10 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 08:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 08:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 08:08 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 08:08 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 08:08 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 08:08 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 08:08 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 08:08 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 08:08 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 08:08 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 08:08 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 08:08 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 08:08 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 08:08 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 08:08 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 08:08 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 08:08 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 08:08 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 08:08 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 08:08 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 08:08 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 08:08 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 08:08 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 08:08 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 08:07 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 08:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-10-15 08:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-10-15 08:06 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 08:06 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 08:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 08:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 08:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 08:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 08:05 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 12:34 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-13 12:34 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-10-13 12:33 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-13 12:33 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 18:44 - 2012-01-04 20:09 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 18:42 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:42 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:32 - 2012-04-02 17:02 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 17:58 - 2013-10-18 17:31 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
2014-11-10 16:55 - 2011-11-16 18:44 - 01119049 _____ () C:\windows\WindowsUpdate.log
2014-11-10 16:51 - 2012-01-04 20:09 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 16:50 - 2011-04-03 18:46 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-11-10 16:50 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-09 20:45 - 2011-09-10 09:28 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-11-09 20:44 - 2011-03-09 18:39 - 00000000 ____D () C:\windows\WindowsMobile
2014-11-09 20:44 - 2011-03-09 18:34 - 00000000 ____D () C:\Program Files (x86)\Spb Wallet
2014-11-09 20:43 - 2010-07-13 03:23 - 00000000 ____D () C:\ProgramData\Skype
2014-11-08 21:25 - 2013-10-18 17:31 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
2014-11-08 13:02 - 2011-03-08 21:26 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-11-05 18:42 - 2013-11-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-03 16:41 - 2013-09-24 19:46 - 00000000 ____D () C:\Users\budikt\Documents\Lexicon
2014-10-31 20:09 - 2009-07-14 16:18 - 00673072 _____ () C:\windows\system32\perfh005.dat
2014-10-31 20:09 - 2009-07-14 16:18 - 00143820 _____ () C:\windows\system32\perfc005.dat
2014-10-31 20:09 - 2009-07-14 06:13 - 01596928 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 18:08 - 2013-06-10 08:51 - 00003942 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-31 18:08 - 2013-06-10 08:51 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-10-28 16:59 - 2013-06-10 12:55 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Mozilla
2014-10-28 06:34 - 2011-03-08 16:40 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-24 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-24 15:59 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-10-24 11:10 - 2013-06-10 11:05 - 00000000 ____D () C:\Users\budikt
2014-10-24 07:26 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 17:39 - 2013-10-20 07:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-20 11:30 - 2014-04-22 17:28 - 00000000 ____D () C:\Users\Public\Util
2014-10-20 11:30 - 2013-11-22 18:10 - 00000000 ____D () C:\Program Files (x86)\Browser Utility
2014-10-19 20:45 - 2013-06-10 08:51 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-19 19:53 - 2013-10-18 17:31 - 00003938 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA
2014-10-19 19:53 - 2013-10-18 17:31 - 00003542 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core
2014-10-18 09:39 - 2012-01-04 20:09 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 09:39 - 2012-01-04 20:09 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 14:19 - 2013-12-28 20:28 - 00000000 ____D () C:\Users\budikt\Desktop\flash
2014-10-16 18:00 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 08:29 - 2013-06-11 09:53 - 04853832 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 08:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 08:27 - 2014-05-08 12:30 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 22:51 - 2013-06-06 09:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 22:46 - 2013-07-23 02:01 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 22:41 - 2011-03-11 21:26 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 12:33 - 2012-04-02 17:02 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-13 12:32 - 2012-04-02 17:02 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-13 12:32 - 2011-05-17 15:41 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-11 10:44 - 2013-06-10 11:12 - 00000000 ____D () C:\Users\budikt\AppData\Local\Anydata ADU890-WH
Some content of TEMP:
====================
C:\Users\budikt\AppData\Local\temp\Foxit Reader Updater.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.129.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.130.exe
C:\Users\budikt\AppData\Local\temp\{BCE8E17B-1D35-49A6-9D1B-0B23DC8CE1DA}-38.0.2125.101_37.0.2062.120_chrome_updater.exe
C:\Users\ZN J-2 VeSpS\AppData\Local\temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 19:20
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (TI30643400A) (Fixed) (Total:152.22 GB) (Free:82.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:136.72 GB) (Free:60.16 GB) NTFS
Available physical RAM: 1871.43 MB
Total physical RAM: 3824.43 MB
Percentage of memory in use: 51%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 231DDDB6)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=152.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7.7 GB) - (Type=17)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\budikt\Desktop" je 5167 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive
"C:\Users\ZN J-2 VeSpS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:
%windir%\WindowsMobile\wmdc.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ZN J-2 VeSpS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu NT
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu NT
- Přílohy
-
- Addition.7z
- (11.47 KiB) Staženo 53 x
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu NT
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu NT
# AdwCleaner v4.101 - Report created 10/11/2014 at 19:25:17
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : budikt - NX60127IMO
# Running from : C:\Users\budikt\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\f7fe5d965f35c206
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\windows\SysWOW64\BrowserProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\budikt\AppData\Local\DownloadGuide
Folder Deleted : C:\Users\budikt\AppData\Local\torch
Folder Deleted : C:\Users\budikt\AppData\LocalLow\GutscheinCodes
Folder Deleted : C:\Users\budikt\AppData\Roaming\Windows Net Data
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Guest\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Ivanka\AppData\Local\torch
Folder Deleted : C:\Users\Public\Util
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Conduit
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\OpenCandy
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\torch
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\Application Updater
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Babylon
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\ZN J-2 VeSpS\Documents\PCSpeedUp
[!] Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\Extensions\wtxpcom@mybrowserbar.com
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Ivanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Ivanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\budikt\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Ivanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\budikt\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Ivanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
File Deleted : C:\Users\budikt\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\budikt\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\budikt\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\defaulttab.config
File Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\user.js
File Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : BitGuard
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKCU\Software\592d7dcb03cba45
Key Deleted : HKLM\SOFTWARE\592d7dcb03cba45
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={2FC650B8-5466-4A9B-BA92-36DA1E6AEA8F}&mid=6addd6197fcc47d682cbd16a5ec88a61-85431635ccf6544a83f44d1f529e1df4d42e137f&lang=cs&ds=ts023[...]
-\\ Google Chrome v38.0.2125.111
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : inlokmpjkdeihjimjhcbolfhkfenpadf
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cabllodmihocpcifponbpmcklgnfekdg
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
-\\ Comodo Dragon v
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
*************************
AdwCleaner[R0].txt - [16831 octets] - [10/11/2014 19:23:10]
AdwCleaner[S0].txt - [17231 octets] - [10/11/2014 19:25:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17292 octets] ##########
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : budikt - NX60127IMO
# Running from : C:\Users\budikt\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\f7fe5d965f35c206
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\windows\SysWOW64\BrowserProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\budikt\AppData\Local\DownloadGuide
Folder Deleted : C:\Users\budikt\AppData\Local\torch
Folder Deleted : C:\Users\budikt\AppData\LocalLow\GutscheinCodes
Folder Deleted : C:\Users\budikt\AppData\Roaming\Windows Net Data
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Guest\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Ivanka\AppData\Local\torch
Folder Deleted : C:\Users\Public\Util
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Conduit
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\OpenCandy
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\torch
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\Application Updater
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Babylon
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\ZN J-2 VeSpS\Documents\PCSpeedUp
[!] Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\Extensions\wtxpcom@mybrowserbar.com
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Ivanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Ivanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\budikt\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Ivanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\inlokmpjkdeihjimjhcbolfhkfenpadf
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\budikt\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\Ivanka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
Folder Deleted : C:\Users\ZN J-2 VeSpS\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
File Deleted : C:\Users\budikt\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\budikt\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\budikt\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\defaulttab.config
File Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\user.js
File Deleted : C:\Users\ZN J-2 VeSpS\AppData\Roaming\Mozilla\Firefox\Profiles\7zy60hms.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : BitGuard
Task Deleted : Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKCU\Software\592d7dcb03cba45
Key Deleted : HKLM\SOFTWARE\592d7dcb03cba45
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[qodecefw.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={2FC650B8-5466-4A9B-BA92-36DA1E6AEA8F}&mid=6addd6197fcc47d682cbd16a5ec88a61-85431635ccf6544a83f44d1f529e1df4d42e137f&lang=cs&ds=ts023[...]
-\\ Google Chrome v38.0.2125.111
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : inlokmpjkdeihjimjhcbolfhkfenpadf
[C:\Users\ZN J-2 VeSpS\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cabllodmihocpcifponbpmcklgnfekdg
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\Štábní nácvik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
-\\ Comodo Dragon v
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
*************************
AdwCleaner[R0].txt - [16831 octets] - [10/11/2014 19:23:10]
AdwCleaner[S0].txt - [17231 octets] - [10/11/2014 19:25:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17292 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu NT
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu NT
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by budikt (administrator) on NX60127IMO on 10-11-2014 20:14:15
Running from C:\Users\budikt\Desktop
Loaded Profile: budikt (Available profiles: ZN-J2 VeSps & budikt & Ivanka & Štábní nácvik & Administrator & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
() C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastUI.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [313344 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe [925104 2009-12-23] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [793008 2009-12-23] (TOSHIBA)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607616 2010-02-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast Business\avastUI.exe [4769352 2014-01-14] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast Business\setup\emupdate\bee9eb5a-d44a-4ad0-ab01-f6b4a230eb9c.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [Google Update] => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-18] (Google Inc.)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Štábní nácvik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll (TOSHIBA)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: proxy.army.cz:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {ECB139F5-E994-4AC0-B843-32CB346B242D} URL = http://de.search.yahoo.com/search?p={se ... type=horus
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: TFPUPWDBankBHO Class -> {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} -> C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll (TODO: <Company name>)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "http", "proxy.army.cz"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/O1DPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=3 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=9 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Browser Utility - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\browserutility [2013-11-22]
FF Extension: LastPass - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\support@lastpass.com [2014-09-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast Business\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast Business\WebRep\FF [2013-06-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={search ... 8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-10]
CHR Extension: (Disk Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-05-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-18]
CHR Extension: (YouTube) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Vyhledávání Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-01-10]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-10]
CHR Extension: (Battlestar Galactica Online) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-01-10]
CHR Extension: (Mapy Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2014-11-08]
CHR Extension: (Earthly Raindrop) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-01-10]
CHR Extension: (Gmail) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast Business\WebRep\Chrome\aswWebRepChrome.crx [2013-06-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe [45248 2014-01-14] (AVAST Software)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 Wireless modem support.; C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe [79360 2011-08-26] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbnet; C:\Windows\System32\DRIVERS\adusbnet.sys [154112 2010-12-20] (QUALCOMM Incorporated)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [123392 2010-12-20] (QUALCOMM Incorporated)
S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [900480 2013-06-11] (AfaTech )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2014-01-14] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2014-01-14] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2014-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2014-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2014-01-14] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1034024 2014-01-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2014-01-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2014-01-14] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2014-01-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-09] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2013-08-21] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2010-12-21] (MCCI Corporation)
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 20:14 - 2014-11-10 20:15 - 00027511 _____ () C:\Users\budikt\Desktop\FRST.txt
2014-11-10 20:12 - 2014-11-10 20:13 - 00112640 _____ (forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher.exe
2014-11-10 20:02 - 2014-11-10 20:08 - 00000000 ___RD () C:\Users\budikt\Disk Google
2014-11-10 20:02 - 2014-11-10 20:02 - 00001727 _____ () C:\Users\budikt\Desktop\Disk Google.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002053 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002051 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002041 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-10 19:58 - 2014-11-10 19:58 - 00880272 _____ (Google Inc.) C:\Users\budikt\Downloads\googledrivesync.exe
2014-11-10 19:23 - 2014-11-10 19:25 - 00000000 ____D () C:\AdwCleaner
2014-11-10 19:21 - 2014-11-10 19:21 - 02140160 _____ () C:\Users\budikt\Desktop\adwcleaner_4.101.exe
2014-11-10 18:44 - 2014-11-10 20:14 - 00000000 ____D () C:\FRST
2014-11-10 18:37 - 2014-11-10 18:38 - 02116096 _____ (Farbar) C:\Users\budikt\Desktop\FRST64.exe
2014-11-10 18:13 - 2014-11-10 18:13 - 00032256 _____ () C:\Users\budikt\Downloads\K_Nemocenske_2014.xls
2014-11-10 16:50 - 2014-11-10 19:26 - 00001880 _____ () C:\windows\PFRO.log
2014-11-10 16:50 - 2014-11-10 19:26 - 00000112 _____ () C:\windows\setupact.log
2014-11-10 16:50 - 2014-11-10 16:50 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 12:57 - 2014-11-08 13:02 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-11-08 12:57 - 2014-11-08 12:57 - 00001032 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2014-11-08 12:57 - 2014-11-08 12:57 - 00001020 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2014-11-08 12:56 - 2014-11-08 12:56 - 00903638 _____ () C:\Users\budikt\Downloads\AntiTwin_Setup.exe
2014-11-08 12:47 - 2014-11-08 12:48 - 00000000 ____D () C:\Users\budikt\Documents\CloneSpy
2014-11-08 12:47 - 2014-11-08 12:47 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\CloneSpy
2014-11-08 12:45 - 2014-11-08 12:46 - 00757612 _____ (Marcus Kleinehagenbrock) C:\Users\budikt\Downloads\cspy251.exe
2014-11-08 12:34 - 2014-11-08 12:35 - 00000000 ____D () C:\totalcmd
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\GHISLER
2014-11-08 12:33 - 2014-11-08 12:34 - 03722264 _____ (Ghisler Software GmbH) C:\Users\budikt\Downloads\tcm851x32.exe
2014-11-05 18:41 - 2014-11-05 18:41 - 04977216 _____ (Piriform Ltd) C:\Users\budikt\Downloads\ccsetup419.exe
2014-11-04 21:43 - 2014-11-04 21:43 - 00075264 _____ () C:\Users\budikt\Downloads\FINAL ChybÄ-jÃ-cÃ- tech 7 mb - 30 10 2014.xls
2014-11-04 21:42 - 2014-11-04 21:42 - 00205824 _____ () C:\Users\budikt\Downloads\27865_DoubravaVladan8227100.xls
2014-11-04 20:27 - 2014-11-04 20:27 - 00264183 _____ () C:\Users\budikt\Downloads\2014 11 04 7. mb - Kalendarni plan na rok 2015.xlsx
2014-10-25 20:56 - 2014-10-25 21:08 - 815629484 _____ () C:\Users\budikt\Desktop\Jako nikdy 2013 Cz dab..avi
2014-10-24 11:13 - 2014-10-24 11:14 - 01834300 _____ () C:\Users\budikt\Downloads\Gmail(1).zip
2014-10-24 11:13 - 2014-10-24 11:13 - 06159039 _____ () C:\Users\budikt\Downloads\Gmail.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 02478879 _____ () C:\Users\budikt\Downloads\fwdkolydokorespondence.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 00000000 ____D () C:\Users\budikt\Venda
2014-10-24 08:41 - 2014-10-24 09:00 - 178341606 _____ () C:\Users\budikt\Downloads\Kryštof---2007-Poločas---Best-Of---Limited-Edition.rar
2014-10-24 07:25 - 2014-10-24 07:35 - 100284513 _____ () C:\Users\budikt\Downloads\Krystof---Jeviste--(2009).rar
2014-10-24 07:24 - 2014-10-24 11:08 - 00000000 ____D () C:\Users\budikt\Desktop\Kryštof
2014-10-24 07:06 - 2014-10-24 07:17 - 99326437 _____ () C:\Users\budikt\Downloads\Kryštof---Inzerát-(celé-album).rar
2014-10-20 17:39 - 2014-10-20 17:38 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 06:19 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\budikt\Desktop\Portable SpyHunter 4.16.5.4290 Multilanguage
2014-10-20 06:18 - 2014-10-20 06:19 - 75916442 _____ () C:\Users\budikt\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-19 20:45 - 2014-10-19 20:45 - 04834344 ____N (AVAST Software) C:\Users\budikt\Downloads\avast_premier_antivirus_setup_online.exe
2014-10-17 14:25 - 2014-10-17 14:31 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky ZTE
2014-10-15 20:59 - 2014-10-17 14:32 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky Jirka
2014-10-15 08:10 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 08:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 08:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 08:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 08:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 08:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 08:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 08:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 08:10 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 08:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 08:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 08:08 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 08:08 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 08:08 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 08:08 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 08:08 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 08:08 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 08:08 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 08:08 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 08:08 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 08:08 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 08:08 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 08:08 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 08:08 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 08:08 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 08:08 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 08:08 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 08:08 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 08:08 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 08:08 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 08:08 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 08:08 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 08:08 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 08:07 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 08:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-10-15 08:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-10-15 08:06 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 08:06 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 08:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 08:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 08:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 08:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 08:05 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 12:34 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-13 12:34 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-10-13 12:33 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-13 12:33 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 20:02 - 2013-06-10 11:05 - 00000000 ____D () C:\Users\budikt
2014-11-10 20:00 - 2013-06-10 12:52 - 00000000 ____D () C:\Users\budikt\AppData\Local\Google
2014-11-10 20:00 - 2012-01-04 20:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 19:58 - 2013-10-18 17:31 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
2014-11-10 19:44 - 2012-01-04 20:09 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 19:34 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:34 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:32 - 2012-04-02 17:02 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 19:31 - 2011-11-16 18:44 - 01125812 _____ () C:\windows\WindowsUpdate.log
2014-11-10 19:28 - 2012-01-04 20:09 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 19:26 - 2011-04-03 18:46 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-11-10 19:26 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-09 20:45 - 2011-09-10 09:28 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-11-09 20:44 - 2011-03-09 18:39 - 00000000 ____D () C:\windows\WindowsMobile
2014-11-09 20:44 - 2011-03-09 18:34 - 00000000 ____D () C:\Program Files (x86)\Spb Wallet
2014-11-09 20:43 - 2010-07-13 03:23 - 00000000 ____D () C:\ProgramData\Skype
2014-11-08 21:25 - 2013-10-18 17:31 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
2014-11-08 13:02 - 2011-03-08 21:26 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-11-05 18:42 - 2013-11-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-03 16:41 - 2013-09-24 19:46 - 00000000 ____D () C:\Users\budikt\Documents\Lexicon
2014-10-31 20:09 - 2009-07-14 16:18 - 00673072 _____ () C:\windows\system32\perfh005.dat
2014-10-31 20:09 - 2009-07-14 16:18 - 00143820 _____ () C:\windows\system32\perfc005.dat
2014-10-31 20:09 - 2009-07-14 06:13 - 01596928 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 18:08 - 2013-06-10 08:51 - 00003942 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-31 18:08 - 2013-06-10 08:51 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-10-28 16:59 - 2013-06-10 12:55 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Mozilla
2014-10-28 06:34 - 2011-03-08 16:40 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-24 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-24 15:59 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-10-24 07:26 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 17:39 - 2013-10-20 07:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-20 11:30 - 2013-11-22 18:10 - 00000000 ____D () C:\Program Files (x86)\Browser Utility
2014-10-19 20:45 - 2013-06-10 08:51 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-19 19:53 - 2013-10-18 17:31 - 00003938 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA
2014-10-19 19:53 - 2013-10-18 17:31 - 00003542 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core
2014-10-18 09:39 - 2012-01-04 20:09 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 09:39 - 2012-01-04 20:09 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 14:19 - 2013-12-28 20:28 - 00000000 ____D () C:\Users\budikt\Desktop\flash
2014-10-16 18:00 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 08:29 - 2013-06-11 09:53 - 04853832 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 08:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 08:27 - 2014-05-08 12:30 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 22:51 - 2013-06-06 09:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 22:46 - 2013-07-23 02:01 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 22:41 - 2011-03-11 21:26 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 12:33 - 2012-04-02 17:02 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-13 12:32 - 2012-04-02 17:02 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-13 12:32 - 2011-05-17 15:41 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-11 10:44 - 2013-06-10 11:12 - 00000000 ____D () C:\Users\budikt\AppData\Local\Anydata ADU890-WH
Some content of TEMP:
====================
C:\Users\budikt\AppData\Local\temp\Foxit Reader Updater.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.129.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.130.exe
C:\Users\budikt\AppData\Local\temp\Quarantine.exe
C:\Users\budikt\AppData\Local\temp\sqlite3.dll
C:\Users\budikt\AppData\Local\temp\{BCE8E17B-1D35-49A6-9D1B-0B23DC8CE1DA}-38.0.2125.101_37.0.2062.120_chrome_updater.exe
C:\Users\ZN J-2 VeSpS\AppData\Local\temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 19:20
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (TI30643400A) (Fixed) (Total:152.22 GB) (Free:82.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:136.72 GB) (Free:60.16 GB) NTFS
Available physical RAM: 1824.75 MB
Total physical RAM: 3824.43 MB
Percentage of memory in use: 52%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 231DDDB6)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=152.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7.7 GB) - (Type=17)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\budikt\Desktop" je 5169 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive
"C:\Users\ZN J-2 VeSpS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:
%windir%\WindowsMobile\wmdc.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ZN J-2 VeSpS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by budikt (administrator) on NX60127IMO on 10-11-2014 20:14:15
Running from C:\Users\budikt\Desktop
Loaded Profile: budikt (Available profiles: ZN-J2 VeSps & budikt & Ivanka & Štábní nácvik & Administrator & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
() C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUPWDBank.exe
(TOSHIBA) C:\Program Files\Toshiba\TFPU\TFPUTaskMonitor.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast Business\AvastUI.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [313344 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TFPUPWDBankService] => C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe [925104 2009-12-23] (TOSHIBA)
HKLM\...\Run: [TFPUService] => C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [793008 2009-12-23] (TOSHIBA)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607616 2010-02-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast Business\avastUI.exe [4769352 2014-01-14] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast Business\setup\emupdate\bee9eb5a-d44a-4ad0-ab01-f6b4a230eb9c.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [Google Update] => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-18] (Google Inc.)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Štábní nácvik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll (TOSHIBA)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: proxy.army.cz:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {ECB139F5-E994-4AC0-B843-32CB346B242D} URL = http://de.search.yahoo.com/search?p={se ... type=horus
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO-x32: TFPUPWDBankBHO Class -> {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} -> C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll (TODO: <Company name>)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "http", "proxy.army.cz"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @talk.google.com/O1DPlugin -> C:\Users\budikt\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=3 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-891148495-1099679057-1463982643-1003: @tools.google.com/Google Update;version=9 -> C:\Users\budikt\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\budikt\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Browser Utility - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\browserutility [2013-11-22]
FF Extension: LastPass - C:\Users\budikt\AppData\Roaming\Mozilla\Firefox\Profiles\21j0w5zi.default\Extensions\support@lastpass.com [2014-09-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast Business\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast Business\WebRep\FF [2013-06-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={search ... 8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-10]
CHR Extension: (Disk Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-05-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-18]
CHR Extension: (YouTube) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Vyhledávání Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-01-10]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-10]
CHR Extension: (Battlestar Galactica Online) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-01-10]
CHR Extension: (Mapy Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-10]
CHR Extension: (Hodiny) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2014-11-08]
CHR Extension: (Earthly Raindrop) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-01-10]
CHR Extension: (Gmail) - C:\Users\budikt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast Business\WebRep\Chrome\aswWebRepChrome.crx [2013-06-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe [45248 2014-01-14] (AVAST Software)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 Wireless modem support.; C:\Program Files\Anydata\Anydata ADU890-WH\CMSrv.exe [79360 2011-08-26] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 adusbnet; C:\Windows\System32\DRIVERS\adusbnet.sys [154112 2010-12-20] (QUALCOMM Incorporated)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [123392 2010-12-20] (QUALCOMM Incorporated)
S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [900480 2013-06-11] (AfaTech )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2014-01-14] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2014-01-14] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2014-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2014-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2014-01-14] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1034024 2014-01-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2014-01-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2014-01-14] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2014-01-14] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-09] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2013-08-21] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2010-12-21] (MCCI Corporation)
U3 DfSdkS; No ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 20:14 - 2014-11-10 20:15 - 00027511 _____ () C:\Users\budikt\Desktop\FRST.txt
2014-11-10 20:12 - 2014-11-10 20:13 - 00112640 _____ (forum.viry.cz) C:\Users\budikt\Desktop\FRSTLauncher.exe
2014-11-10 20:02 - 2014-11-10 20:08 - 00000000 ___RD () C:\Users\budikt\Disk Google
2014-11-10 20:02 - 2014-11-10 20:02 - 00001727 _____ () C:\Users\budikt\Desktop\Disk Google.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002053 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002051 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00002041 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-10 20:00 - 2014-11-10 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-10 19:58 - 2014-11-10 19:58 - 00880272 _____ (Google Inc.) C:\Users\budikt\Downloads\googledrivesync.exe
2014-11-10 19:23 - 2014-11-10 19:25 - 00000000 ____D () C:\AdwCleaner
2014-11-10 19:21 - 2014-11-10 19:21 - 02140160 _____ () C:\Users\budikt\Desktop\adwcleaner_4.101.exe
2014-11-10 18:44 - 2014-11-10 20:14 - 00000000 ____D () C:\FRST
2014-11-10 18:37 - 2014-11-10 18:38 - 02116096 _____ (Farbar) C:\Users\budikt\Desktop\FRST64.exe
2014-11-10 18:13 - 2014-11-10 18:13 - 00032256 _____ () C:\Users\budikt\Downloads\K_Nemocenske_2014.xls
2014-11-10 16:50 - 2014-11-10 19:26 - 00001880 _____ () C:\windows\PFRO.log
2014-11-10 16:50 - 2014-11-10 19:26 - 00000112 _____ () C:\windows\setupact.log
2014-11-10 16:50 - 2014-11-10 16:50 - 00000000 _____ () C:\windows\setuperr.log
2014-11-08 12:57 - 2014-11-08 13:02 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-11-08 12:57 - 2014-11-08 12:57 - 00001032 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2014-11-08 12:57 - 2014-11-08 12:57 - 00001020 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2014-11-08 12:56 - 2014-11-08 12:56 - 00903638 _____ () C:\Users\budikt\Downloads\AntiTwin_Setup.exe
2014-11-08 12:47 - 2014-11-08 12:48 - 00000000 ____D () C:\Users\budikt\Documents\CloneSpy
2014-11-08 12:47 - 2014-11-08 12:47 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\CloneSpy
2014-11-08 12:45 - 2014-11-08 12:46 - 00757612 _____ (Marcus Kleinehagenbrock) C:\Users\budikt\Downloads\cspy251.exe
2014-11-08 12:34 - 2014-11-08 12:35 - 00000000 ____D () C:\totalcmd
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-08 12:34 - 2014-11-08 12:34 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\GHISLER
2014-11-08 12:33 - 2014-11-08 12:34 - 03722264 _____ (Ghisler Software GmbH) C:\Users\budikt\Downloads\tcm851x32.exe
2014-11-05 18:41 - 2014-11-05 18:41 - 04977216 _____ (Piriform Ltd) C:\Users\budikt\Downloads\ccsetup419.exe
2014-11-04 21:43 - 2014-11-04 21:43 - 00075264 _____ () C:\Users\budikt\Downloads\FINAL ChybÄ-jÃ-cÃ- tech 7 mb - 30 10 2014.xls
2014-11-04 21:42 - 2014-11-04 21:42 - 00205824 _____ () C:\Users\budikt\Downloads\27865_DoubravaVladan8227100.xls
2014-11-04 20:27 - 2014-11-04 20:27 - 00264183 _____ () C:\Users\budikt\Downloads\2014 11 04 7. mb - Kalendarni plan na rok 2015.xlsx
2014-10-25 20:56 - 2014-10-25 21:08 - 815629484 _____ () C:\Users\budikt\Desktop\Jako nikdy 2013 Cz dab..avi
2014-10-24 11:13 - 2014-10-24 11:14 - 01834300 _____ () C:\Users\budikt\Downloads\Gmail(1).zip
2014-10-24 11:13 - 2014-10-24 11:13 - 06159039 _____ () C:\Users\budikt\Downloads\Gmail.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 02478879 _____ () C:\Users\budikt\Downloads\fwdkolydokorespondence.zip
2014-10-24 11:10 - 2014-10-24 11:10 - 00000000 ____D () C:\Users\budikt\Venda
2014-10-24 08:41 - 2014-10-24 09:00 - 178341606 _____ () C:\Users\budikt\Downloads\Kryštof---2007-Poločas---Best-Of---Limited-Edition.rar
2014-10-24 07:25 - 2014-10-24 07:35 - 100284513 _____ () C:\Users\budikt\Downloads\Krystof---Jeviste--(2009).rar
2014-10-24 07:24 - 2014-10-24 11:08 - 00000000 ____D () C:\Users\budikt\Desktop\Kryštof
2014-10-24 07:06 - 2014-10-24 07:17 - 99326437 _____ () C:\Users\budikt\Downloads\Kryštof---Inzerát-(celé-album).rar
2014-10-20 17:39 - 2014-10-20 17:38 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-10-20 17:38 - 2014-10-20 17:38 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-20 17:38 - 2014-10-20 17:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 06:19 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\budikt\Desktop\Portable SpyHunter 4.16.5.4290 Multilanguage
2014-10-20 06:18 - 2014-10-20 06:19 - 75916442 _____ () C:\Users\budikt\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-19 20:45 - 2014-10-19 20:45 - 04834344 ____N (AVAST Software) C:\Users\budikt\Downloads\avast_premier_antivirus_setup_online.exe
2014-10-17 14:25 - 2014-10-17 14:31 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky ZTE
2014-10-15 20:59 - 2014-10-17 14:32 - 00000000 ____D () C:\Users\budikt\Desktop\Fotky Jirka
2014-10-15 08:10 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 08:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 08:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 08:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 08:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 08:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 08:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 08:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 08:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 08:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 08:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 08:10 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 08:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 08:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 08:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 08:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 08:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 08:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 08:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 08:09 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 08:09 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 08:09 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 08:08 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 08:08 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 08:08 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 08:08 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 08:08 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 08:08 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 08:08 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 08:08 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 08:08 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 08:08 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 08:08 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 08:08 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 08:08 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 08:08 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 08:08 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 08:08 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 08:08 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 08:08 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 08:08 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 08:08 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 08:08 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 08:08 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 08:08 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 08:08 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 08:08 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 08:08 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 08:08 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 08:08 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 08:08 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 08:08 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 08:08 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 08:08 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 08:08 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 08:08 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 08:08 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 08:08 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 08:08 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 08:07 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 08:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-15 08:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-10-15 08:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-15 08:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-15 08:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-10-15 08:06 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 08:06 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 08:06 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 08:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 08:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 08:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 08:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 08:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 08:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 08:05 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 08:05 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 12:34 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-10-13 12:34 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-10-13 12:33 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-13 12:33 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 20:02 - 2013-06-10 11:05 - 00000000 ____D () C:\Users\budikt
2014-11-10 20:00 - 2013-06-10 12:52 - 00000000 ____D () C:\Users\budikt\AppData\Local\Google
2014-11-10 20:00 - 2012-01-04 20:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 19:58 - 2013-10-18 17:31 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
2014-11-10 19:44 - 2012-01-04 20:09 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 19:34 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:34 - 2009-07-14 05:45 - 00022208 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 19:32 - 2012-04-02 17:02 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 19:31 - 2011-11-16 18:44 - 01125812 _____ () C:\windows\WindowsUpdate.log
2014-11-10 19:28 - 2012-01-04 20:09 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 19:26 - 2011-04-03 18:46 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-11-10 19:26 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-09 20:45 - 2011-09-10 09:28 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-11-09 20:44 - 2011-03-09 18:39 - 00000000 ____D () C:\windows\WindowsMobile
2014-11-09 20:44 - 2011-03-09 18:34 - 00000000 ____D () C:\Program Files (x86)\Spb Wallet
2014-11-09 20:43 - 2010-07-13 03:23 - 00000000 ____D () C:\ProgramData\Skype
2014-11-08 21:25 - 2013-10-18 17:31 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
2014-11-08 13:02 - 2011-03-08 21:26 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-11-05 18:42 - 2013-11-01 08:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-03 16:41 - 2013-09-24 19:46 - 00000000 ____D () C:\Users\budikt\Documents\Lexicon
2014-10-31 20:09 - 2009-07-14 16:18 - 00673072 _____ () C:\windows\system32\perfh005.dat
2014-10-31 20:09 - 2009-07-14 16:18 - 00143820 _____ () C:\windows\system32\perfc005.dat
2014-10-31 20:09 - 2009-07-14 06:13 - 01596928 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-31 18:08 - 2013-06-10 08:51 - 00003942 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-31 18:08 - 2013-06-10 08:51 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-10-28 16:59 - 2013-06-10 12:55 - 00000000 ____D () C:\Users\budikt\AppData\Roaming\Mozilla
2014-10-28 06:34 - 2011-03-08 16:40 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-24 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-24 15:59 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-10-24 07:26 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-20 17:39 - 2013-10-20 07:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-20 11:30 - 2013-11-22 18:10 - 00000000 ____D () C:\Program Files (x86)\Browser Utility
2014-10-19 20:45 - 2013-06-10 08:51 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-19 19:53 - 2013-10-18 17:31 - 00003938 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA
2014-10-19 19:53 - 2013-10-18 17:31 - 00003542 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core
2014-10-18 09:39 - 2012-01-04 20:09 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 09:39 - 2012-01-04 20:09 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 14:19 - 2013-12-28 20:28 - 00000000 ____D () C:\Users\budikt\Desktop\flash
2014-10-16 18:00 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 08:29 - 2013-06-11 09:53 - 04853832 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 08:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 08:27 - 2014-05-08 12:30 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-16 08:27 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 22:51 - 2013-06-06 09:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 22:46 - 2013-07-23 02:01 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 22:41 - 2011-03-11 21:26 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 12:33 - 2012-04-02 17:02 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-13 12:32 - 2012-04-02 17:02 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-13 12:32 - 2011-05-17 15:41 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-11 10:44 - 2013-06-10 11:12 - 00000000 ____D () C:\Users\budikt\AppData\Local\Anydata ADU890-WH
Some content of TEMP:
====================
C:\Users\budikt\AppData\Local\temp\Foxit Reader Updater.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.129.exe
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.130.exe
C:\Users\budikt\AppData\Local\temp\Quarantine.exe
C:\Users\budikt\AppData\Local\temp\sqlite3.dll
C:\Users\budikt\AppData\Local\temp\{BCE8E17B-1D35-49A6-9D1B-0B23DC8CE1DA}-38.0.2125.101_37.0.2062.120_chrome_updater.exe
C:\Users\ZN J-2 VeSpS\AppData\Local\temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 19:20
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (TI30643400A) (Fixed) (Total:152.22 GB) (Free:82.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:136.72 GB) (Free:60.16 GB) NTFS
Available physical RAM: 1824.75 MB
Total physical RAM: 3824.43 MB
Percentage of memory in use: 52%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 231DDDB6)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=152.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7.7 GB) - (Type=17)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job => C:\Users\budikt\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\budikt\Desktop" je 5169 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive
"C:\Users\ZN J-2 VeSpS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:
%windir%\WindowsMobile\wmdc.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk
C:\PROGRA~2\COMMON~1\LPUNIN~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ZN J-2 VeSpS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.7z
- (12.14 KiB) Staženo 49 x
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu NT
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
C:\Program Files (x86)\LastPass
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
U3 DfSdkS; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
C:\Users\budikt\AppData\Local\temp
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu NT
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by budikt at 2014-11-10 21:24:04 Run:1
Running from C:\Users\budikt\Desktop
Loaded Profile: budikt (Available profiles: ZN-J2 VeSps & budikt & Ivanka & Štábní nácvik & Administrator & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
C:\Program Files (x86)\LastPass
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
U3 DfSdkS; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
C:\Users\budikt\AppData\Local\temp
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-891148495-1099679057-1463982643-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27a66cc4-86e8-11e2-bc13-0023182c6392}" => Key deleted successfully.
"HKCR\CLSID\{27a66cc4-86e8-11e2-bc13-0023182c6392}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BF1992EA-80ED-4AD5-8CBE-CE4292D47033}" => Key deleted successfully.
"HKCR\CLSID\{BF1992EA-80ED-4AD5-8CBE-CE4292D47033}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}" => Key deleted successfully.
C:\Program Files (x86)\LastPass => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - => Value not found.
DfSdkS => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job => Moved successfully.
"C:\Users\budikt\AppData\Local\temp" directory move:
C:\Users\budikt\AppData\Local\temp\102535089.od => Moved successfully.
C:\Users\budikt\AppData\Local\temp\1FBD.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\6FCEB99B-F958-4245-B09C-881A58155D53.Repair.1.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\6FCEB99B-F958-4245-B09C-881A58155D53.Verify.2.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AdobeARM.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\adwcleaner.db => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AdwCleaner.jpg => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10067.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10097.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10119.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10444.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1045.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10902.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed11617.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed12674.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13558.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13693.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13797.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13918.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14175.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14228.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14265.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14424.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14561.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15448.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15618.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15936.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17332.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17363.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17412.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17781.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18113.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18319.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18420.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18595.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18800.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1885.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1898.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19285.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19316.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19544.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19746.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19980.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21274.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21296.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21373.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21418.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21458.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21466.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21518.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21753.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed2219.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22824.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22835.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22877.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed23925.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24026.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24087.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24300.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25514.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25546.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25630.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed26061.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed272.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27466.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27636.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27908.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed2833.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28540.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28619.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28962.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29050.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29151.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29600.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30317.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30323.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30608.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30863.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32116.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32147.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed324.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32673.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed334.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed3737.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed5912.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed5934.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed601.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6035.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6062.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6786.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6920.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed7111.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed80.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed8508.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed8560.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed996.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Cleaning.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Donate.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\E9CB.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\EULA.txt => Moved successfully.
C:\Users\budikt\AppData\Local\temp\F726065C-652F-472E-8B31-0E6FF7F8277F.Diagnose.0.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Foxit Reader Updater.exe => Moved successfully.
Could not move "C:\Users\budikt\AppData\Local\temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\budikt\AppData\Local\temp\hosts.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\IpAdrSet.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\jinstall.cfg => Moved successfully.
C:\Users\budikt\AppData\Local\temp\jusched.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.129.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.130.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NclRegPermissions(1).log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NDSAPI.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NDSTray.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\PI103710.doc => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\RDD4B3.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Report.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Scan.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\sqlite3.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\system.ini.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902-1.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902.doc => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049a0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049b0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049c0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049d0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049e0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049f0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049g0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049h0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049i0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Uninstall.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\win.ini.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog00.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog01.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog02.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog03.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\x.htm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_B417.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_FBE0.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\{BCE8E17B-1D35-49A6-9D1B-0B23DC8CE1DA}-38.0.2125.101_37.0.2062.120_chrome_updater.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~1601.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~5053.bat => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~5053.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~90F9.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~DFBAF8B7C263E4BB28.TMP => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~DFE7FEE795289044E5.TMP => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\bz2.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\gdi32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\hashobjs_ext.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\kernel32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\main.exe.manifest => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfc90u.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfcm90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfcm90u.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\msvcp100.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\msvcr100.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\psapi.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pyexpat.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\python27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pythoncom27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\PyWinTypes27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\select.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\shell32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\unicodedata.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32api.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32com.shell.shell.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32crypt.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32event.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32evtlog.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32file.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32gui.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32inet.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32pdh.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32pipe.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32process.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32profile.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32security.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32trace.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32ts.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32ui.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32wnet.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\windows._lib_cacheinvalidation.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._animate.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._controls_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._core_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._gdi_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._html2.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._misc_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._windows_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._wizard.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxbase294u_net_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxbase294u_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_adv_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_core_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_html_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_webview_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_ctypes.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_elementtree.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_hashlib.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_multiprocessing.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_socket.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_ssl.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_win32sysloader.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\support\gen_py\__init__.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\mime\drive.mime.types => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\js\XMLHttpRequest.js => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\docs.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-photos-logo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync16.xpm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync32.xpm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync64.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\exclaim.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\file.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-mac.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-winseven.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-winxp.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdoc.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdoc.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdraw.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdraw.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gform.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gform.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\glink.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\glink.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gnote.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gnote.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gscript.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gscript.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gsheet.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gsheet.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gslides.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gslides.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gtable.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gtable.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\image_resources.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\image_resources.pyo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-pause-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_backups.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_backups_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_check.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_check_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_create.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_create_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_docs_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_down-arrow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_down-arrow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_drive-logo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_drive-logo_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_file_32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder_32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_google-logo-gray.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_google-logo-gray_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_link.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_link_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_settings.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_settings_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_share.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_share_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sheets_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_slides_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_red.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_red_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_yellow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_yellow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim_2x.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim_grey.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_up-arrow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_up-arrow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_color.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_color_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_web.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_web_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_lin.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_mobile_bottom.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_mobile_right.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_right_click_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_right_click_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_lin.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_welcome.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-mac.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-winseven.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-winxp.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\shareguyicon.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sheets.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\slides.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_128.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_done.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_done_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_syncing.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_syncing_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\toprighticon.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning-hdpi_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_128.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_64.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate1.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate2.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate3.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate4.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate5.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate6.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate7.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate8.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-normal.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\__init__.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\__init__.pyo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Blacklisted.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Shared.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Synced.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Syncing.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\OpenSans-Light.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Bold.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Regular.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Thin.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\com.google.drive.nativeproxy.json.template => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx => Moved successfully.
C:\Users\budikt\AppData\Local\temp\lang\cz_cz\mts_lang_cz_cz.xml => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\checkmark.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmbg.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmDlLogo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryBtm.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryLft.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryRgt.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryTop.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\iconimg_67161.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\KMPlayer_3.9.1.129.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\pcspeedup1109.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\ttofferbullet.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\1x1.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\checkmark.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmbg.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmDlLogo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryBtm.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryLft.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryRgt.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryTop.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\iconimg_78523.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\KMPlayer_3.9.1.130.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\pcspeedup1109.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\ttofferbullet.png => Moved successfully.
Could not move "C:\Users\budikt\AppData\Local\temp" directory. => Scheduled to move on reboot.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
C:\ProgramData\TEMP => ":8CE646EE" ADS removed successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-10 21:27:41)<=
C:\Users\budikt\AppData\Local\temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\budikt\AppData\Local\temp => Moved successfully.
==== End of Fixlog ====
Ran by budikt at 2014-11-10 21:24:04 Run:1
Running from C:\Users\budikt\Desktop
Loaded Profile: budikt (Available profiles: ZN-J2 VeSps & budikt & Ivanka & Štábní nácvik & Administrator & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-891148495-1099679057-1463982643-1003\...\MountPoints2: {27a66cc4-86e8-11e2-bc13-0023182c6392} - G:\Launcher.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {BF1992EA-80ED-4AD5-8CBE-CE4292D47033} URL = http://www.mysearchresults.com/search?c ... earchTerms}
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
C:\Program Files (x86)\LastPass
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
U3 DfSdkS; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job
C:\Users\budikt\AppData\Local\temp
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-891148495-1099679057-1463982643-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27a66cc4-86e8-11e2-bc13-0023182c6392}" => Key deleted successfully.
"HKCR\CLSID\{27a66cc4-86e8-11e2-bc13-0023182c6392}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BF1992EA-80ED-4AD5-8CBE-CE4292D47033}" => Key deleted successfully.
"HKCR\CLSID\{BF1992EA-80ED-4AD5-8CBE-CE4292D47033}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}" => Key deleted successfully.
C:\Program Files (x86)\LastPass => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} => value deleted successfully.
"HKCR\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] - => Value not found.
DfSdkS => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891148495-1099679057-1463982643-1003Core.job => Moved successfully.
"C:\Users\budikt\AppData\Local\temp" directory move:
C:\Users\budikt\AppData\Local\temp\102535089.od => Moved successfully.
C:\Users\budikt\AppData\Local\temp\1FBD.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\6FCEB99B-F958-4245-B09C-881A58155D53.Repair.1.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\6FCEB99B-F958-4245-B09C-881A58155D53.Verify.2.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AdobeARM.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\adwcleaner.db => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AdwCleaner.jpg => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10067.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10097.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10119.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10444.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1045.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed10902.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed11617.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed12674.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13558.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13693.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13797.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed13918.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14175.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14228.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14265.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14424.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed14561.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15448.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15618.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed15936.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17332.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17363.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17412.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed17781.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18113.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18319.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18420.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18595.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed18800.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1885.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed1898.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19285.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19316.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19544.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19746.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed19980.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21274.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21296.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21373.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21418.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21458.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21466.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21518.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed21753.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed2219.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22824.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22835.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed22877.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed23925.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24026.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24087.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed24300.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25514.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25546.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed25630.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed26061.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed272.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27466.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27636.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed27908.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed2833.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28540.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28619.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed28962.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29050.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29151.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed29600.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30317.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30323.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30608.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed30863.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32116.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32147.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed324.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed32673.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed334.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed3737.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed5912.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed5934.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed601.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6035.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6062.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6786.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed6920.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed7111.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed80.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed8508.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed8560.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\AT_seed996.rnd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Cleaning.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Donate.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\E9CB.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\EULA.txt => Moved successfully.
C:\Users\budikt\AppData\Local\temp\F726065C-652F-472E-8B31-0E6FF7F8277F.Diagnose.0.etl => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Foxit Reader Updater.exe => Moved successfully.
Could not move "C:\Users\budikt\AppData\Local\temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\budikt\AppData\Local\temp\hosts.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\IpAdrSet.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\jinstall.cfg => Moved successfully.
C:\Users\budikt\AppData\Local\temp\jusched.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.129.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\KMP_3.9.1.130.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NclRegPermissions(1).log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NDSAPI.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\NDSTray.log => Moved successfully.
C:\Users\budikt\AppData\Local\temp\PI103710.doc => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\RDD4B3.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Report.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Scan.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\sqlite3.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\system.ini.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902-1.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902.doc => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t004902.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049a0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049b0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049c0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049d0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049e0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049f0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049g0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049h0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\t0049i0.pdf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\Uninstall.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\win.ini.bk => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog00.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog01.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog02.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\wmplog03.sqm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\x.htm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_B417.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_FBE0.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\{BCE8E17B-1D35-49A6-9D1B-0B23DC8CE1DA}-38.0.2125.101_37.0.2062.120_chrome_updater.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~1601.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~5053.bat => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~5053.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~90F9.tmp => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~DFBAF8B7C263E4BB28.TMP => Moved successfully.
C:\Users\budikt\AppData\Local\temp\~DFE7FEE795289044E5.TMP => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\bz2.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\gdi32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\hashobjs_ext.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\kernel32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\main.exe.manifest => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfc90u.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfcm90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\mfcm90u.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\msvcp100.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\msvcr100.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\psapi.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pyexpat.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\python27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\pythoncom27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\PyWinTypes27.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\select.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\shell32.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\unicodedata.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32api.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32com.shell.shell.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32crypt.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32event.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32evtlog.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32file.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32gui.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32inet.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32pdh.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32pipe.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32process.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32profile.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32security.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32trace.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32ts.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32ui.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\win32wnet.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\windows._lib_cacheinvalidation.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._animate.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._controls_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._core_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._gdi_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._html2.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._misc_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._windows_.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wx._wizard.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxbase294u_net_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxbase294u_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_adv_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_core_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_html_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\wxmsw294u_webview_vc90.dll => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_ctypes.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_elementtree.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_hashlib.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_multiprocessing.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_socket.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_ssl.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\_win32sysloader.pyd => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\support\gen_py\__init__.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\mime\drive.mime.types => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\js\XMLHttpRequest.js => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\docs.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdoc48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gdraw48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gform48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-glink48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gsheet48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-gslides48.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-photos-logo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync16.xpm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync32.xpm => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\drive-sync64.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\exclaim.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\file.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-mac.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-winseven.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder-winxp.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\folder.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdoc.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdoc.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdraw.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gdraw.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gform.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gform.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\glink.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\glink.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gnote.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gnote.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gscript.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gscript.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gsheet.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gsheet.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gslides.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gslides.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gtable.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\gtable.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\image_resources.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\image_resources.pyo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate1_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate2_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate3_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate4_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate5_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate6_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate7_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-animate8_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-inactive_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-normal_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-pause-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused-inverse.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused-inverse_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\mac-paused_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_backups.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_backups_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_check.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_check_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_create.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_create_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_docs_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_down-arrow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_down-arrow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_drive-logo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_drive-logo_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_file_32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_folder_32.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_google-logo-gray.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_google-logo-gray_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_link.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_link_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_settings.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_settings_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_share.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_share_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sheets_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_slides_16.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_red.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_red_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_yellow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sm_warning_yellow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim_2x.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_sync_anim_grey.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_up-arrow.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_up-arrow_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_color.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_warning_color_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_web.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\menu_web_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_lin.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_drive_folder_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_mobile_bottom.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_mobile_right.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_right_click_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_right_click_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_lin.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_mac.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_taskbar_win.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\setup_welcome.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-mac.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-winseven.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sharedfolder-winxp.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\shareguyicon.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sheets.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\slides.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.icns => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_128.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_done.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_done_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_error_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_syncing.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\sync_menu_syncing_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\toprighticon.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning-hdpi_2x.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_128.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_256.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\warning_64.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate1.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate2.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate3.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate4.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate5.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate6.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate7.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-animate8.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win-normal.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\win7-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-error.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-inactive.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\winxp-paused.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\__init__.py => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\__init__.pyo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Blacklisted.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Shared.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Synced.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\images\overlays\Syncing.ico => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\OpenSans-Light.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Bold.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Regular.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\fonts\Roboto-Thin.ttf => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\com.google.drive.nativeproxy.json.template => Moved successfully.
C:\Users\budikt\AppData\Local\temp\_MEI55202\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx => Moved successfully.
C:\Users\budikt\AppData\Local\temp\lang\cz_cz\mts_lang_cz_cz.xml => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\checkmark.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmbg.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmDlLogo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryBtm.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryLft.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryRgt.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\dlmGryTop.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\iconimg_67161.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\KMPlayer_3.9.1.129.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\pcspeedup1109.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlmB328.tmp\ttofferbullet.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\1x1.gif => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\checkmark.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmbg.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmDlLogo.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryBtm.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryLft.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryRgt.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\dlmGryTop.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\iconimg_78523.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\KMPlayer_3.9.1.130.exe => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\pcspeedup1109.png => Moved successfully.
C:\Users\budikt\AppData\Local\temp\dlm6595.tmp\ttofferbullet.png => Moved successfully.
Could not move "C:\Users\budikt\AppData\Local\temp" directory. => Scheduled to move on reboot.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
C:\ProgramData\TEMP => ":8CE646EE" ADS removed successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-10 21:27:41)<=
C:\Users\budikt\AppData\Local\temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\budikt\AppData\Local\temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu NT
Smazáno, PC by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu NT
OK. Díky moc.
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu NT
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?