
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my log - dllloader.dll virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi, at system startup a message popped up reading as follows:
"Run DLL
Při spuštění souboru C:\Users\P\AppData\Roaming\Microsoft\dllloader.dll došlo k problému.
Operace nebyla úspěšně dokončena, protože soubor obsahuje virus."
For that reason I am sending a log to be checked. Thanks a lot in advance!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Pavel (administrator) on PAVEL-NB on 19-12-2014 15:55:55
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Spotify Ltd) C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Amazon Digital Services, LLC.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\AmazonCloudDrive.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (2).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2014-01-31] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [SkyDrive] => C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> No File
BHO-x32: No Name -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Toolbar: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.156.128.37 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> https://inbox.google.com/u/0/?pli=1
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP Product Detection Plugin) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-02-06]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (TV) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-03-22]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-06]
CHR Extension: (Adblock Plus) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-20]
CHR Extension: (Good News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2013-03-22]
CHR Extension: (Google News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-03-22]
CHR Extension: (Pixlr-o-matic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-12-25]
CHR Extension: (Toggl - Productivity Pack) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm [2014-06-28]
CHR Extension: (Gmail Offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-03-22]
CHR Extension: (Kalendář Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-03-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-03-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-12-11]
CHR Extension: (feedly) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-05-26]
CHR Extension: (Pixlr Express) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-12-25]
CHR Extension: (Pixlr Editor) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-12-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
CHR Extension: (Mapy Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-22]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-03-22]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-03-22]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-06]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Pavel\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-11-21]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pavel\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [Not Found]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Pavel\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pavel\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [359936 2014-03-21] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-19] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-10-29] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-11] (Disc Soft Ltd)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 15:55 - 2014-12-19 15:57 - 00027975 _____ () C:\Users\Pavel\Desktop\FRST.txt
2014-12-19 15:55 - 2014-12-19 15:56 - 00000000 ____D () C:\FRST
2014-12-19 15:52 - 2014-12-19 15:52 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (2).exe
2014-12-19 15:51 - 2014-12-19 15:51 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\Nepotvrzeno 987141.crdownload
2014-12-19 15:50 - 2014-12-19 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\Nepotvrzeno 869243.crdownload
2014-12-19 15:40 - 2014-12-19 15:40 - 02121216 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2014-12-18 09:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 21:06 - 2014-12-15 22:25 - 732011144 _____ () C:\Users\Pavel\Downloads\Agent-v-sukni-II.-(Big-Momma's-House-II.).avi
2014-12-15 20:58 - 2014-12-15 22:39 - 00000000 ____D () C:\Users\Pavel\Downloads\Big Mommas House 2 2006 BluRay 720p AC3 x264-3Li
2014-12-14 19:31 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\podbabska
2014-12-14 19:27 - 2014-12-15 11:18 - 00000000 ____D () C:\Users\Pavel\Desktop\141214
2014-12-14 17:41 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\K+S
2014-12-13 19:37 - 2014-12-13 19:59 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014)
2014-12-13 19:34 - 2014-12-13 20:07 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014) [1080p]
2014-12-12 11:00 - 2014-12-12 11:00 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 10:59 - 2014-12-12 10:59 - 00000021 _____ () C:\Users\Pavel\Desktop\sadasd.txt
2014-12-10 07:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:56 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:56 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 21:32 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 21:32 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 21:32 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:32 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 21:32 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 21:32 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 21:32 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 21:32 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:32 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:32 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:32 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:32 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:32 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:31 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:31 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:31 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:31 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 21:31 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:31 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 21:31 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 21:31 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:31 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 21:31 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:31 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 21:31 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:31 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:31 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:31 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:31 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:31 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:30 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:30 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:30 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:30 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:53 - 2014-12-09 21:51 - 1014662470 _____ () C:\Users\Pavel\Downloads\Sám-doma-cz-(1990).avi
2014-12-09 20:17 - 2014-12-09 20:31 - 00000000 ____D () C:\Users\Pavel\Downloads\Home Alone (1990) [1080p]
2014-12-09 20:17 - 2014-12-09 20:17 - 00017554 _____ () C:\Users\Pavel\Downloads\[kickass.so]home.alone.1990.1080p.brrip.x264.yify.torrent
2014-11-30 10:41 - 2014-11-30 10:41 - 00065422 _____ () C:\Users\Pavel\Downloads\549_1991_Sb.txt
2014-11-29 16:50 - 2014-11-29 16:54 - 63331933 _____ () C:\Users\Pavel\Downloads\PrednaskaDueDiligenceHladky.wma
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014
2014-11-26 20:27 - 2014-11-26 21:46 - 1408873212 _____ () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014.zip
2014-11-24 19:23 - 2014-11-24 19:23 - 00000000 ____D () C:\Users\Pavel\Downloads\The Monuments Men (2014) [1080p]
2014-11-24 17:52 - 2014-11-24 17:52 - 00012730 _____ () C:\Users\Pavel\Downloads\[kickass.so]nfl.wk.12.11.23.2014.cardinal.at.seahawks.condensed.1280x720.phr0sty.mkv.torrent
2014-11-23 18:10 - 2014-11-23 18:11 - 10207225 _____ () C:\Users\Pavel\Downloads\CENTAPHARM.zip
2014-11-23 18:10 - 2014-11-23 18:10 - 00012701 _____ () C:\Users\Pavel\Downloads\CENTAPHARM summary.xlsx
2014-11-22 22:57 - 2014-11-22 22:57 - 00000010 _____ () C:\Users\Pavel\Desktop\vajkovsky katastr.txt
2014-11-22 22:49 - 2014-11-24 18:05 - 00000000 ____D () C:\Users\Pavel\Downloads\The Hunger Games Catching Fire (2013)
2014-11-22 20:43 - 2014-11-22 20:48 - 00000000 ____D () C:\Users\Pavel\Downloads\Ed Wood (1994)
2014-11-22 20:42 - 2014-11-22 23:07 - 00000000 ____D () C:\Users\Pavel\Downloads\From Hell (2001) [1080p]
2014-11-22 20:36 - 2014-11-22 20:36 - 00000931 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-11-22 20:36 - 2014-11-22 20:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-11-22 20:35 - 2014-11-22 20:35 - 01939048 _____ (emc) C:\Users\Pavel\Downloads\uTorrent221.exe
2014-11-22 12:22 - 2014-11-22 12:22 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\Pavel\Downloads\DataAsistentCDX6ACD.exe
2014-11-22 11:42 - 2014-11-22 11:42 - 00187392 _____ () C:\Users\Pavel\Downloads\aktualni-program-hdo-ke-stazeni.xls
2014-11-19 22:27 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 22:27 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-18 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-19 22:08 - 2014-11-19 22:08 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (5).exe
2014-11-19 22:06 - 2014-11-19 22:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 22:03 - 2014-11-19 22:03 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (2).exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-19 21:12 - 2014-11-19 21:12 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25.exe
2014-11-19 21:09 - 2014-11-19 21:09 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (4).exe
2014-11-19 20:57 - 2014-11-19 20:57 - 00003556 _____ () C:\Windows\PFRO.log
2014-11-19 20:55 - 2014-11-19 20:55 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-19 20:55 - 2014-11-19 20:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 20:48 - 2014-12-19 15:28 - 00000672 _____ () C:\Windows\setupact.log
2014-11-19 20:48 - 2014-11-19 20:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 20:34 - 2014-11-19 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-19 20:30 - 2014-11-19 20:30 - 00003142 _____ () C:\Windows\System32\Tasks\{A569E054-A7D4-47FC-A8AB-0B3577FB0FD3}
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-19 01:08 - 2014-11-19 01:09 - 00000000 ____D () C:\Users\Pavel\Desktop\fontana
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 15:57 - 2013-02-02 12:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-19 15:50 - 2013-04-16 09:58 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 15:39 - 2012-02-04 03:29 - 01600481 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 15:35 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 15:35 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 15:31 - 2012-10-16 13:45 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2014-12-19 15:30 - 2013-12-30 16:51 - 00000000 ___RD () C:\Users\Pavel\SkyDrive
2014-12-19 15:30 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2014-12-19 15:30 - 2012-09-06 16:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Deployment
2014-12-19 15:29 - 2014-11-02 08:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 15:29 - 2012-11-21 12:28 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-19 15:28 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-19 15:28 - 2013-04-11 19:40 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 15:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 21:33 - 2013-03-27 14:29 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job
2014-12-18 13:38 - 2013-03-29 10:31 - 00003322 _____ () C:\Windows\wininit.ini
2014-12-18 13:38 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 12:59 - 2013-12-13 19:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2014-12-18 12:43 - 2013-04-28 15:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\.ACEStream
2014-12-18 12:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 10:40 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-12-18 10:15 - 2012-09-06 15:47 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-18 10:14 - 2012-12-06 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-18 09:21 - 2013-03-27 14:29 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job
2014-12-17 18:27 - 2013-03-24 16:32 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Adobe
2014-12-16 10:59 - 2013-09-23 15:09 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPavel.job
2014-12-16 10:58 - 2013-09-23 15:09 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPavel
2014-12-15 17:19 - 2014-11-16 13:13 - 00000000 ____D () C:\Users\Pavel\Documents\Soubory aplikace Outlook
2014-12-15 14:48 - 2013-03-24 16:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2014-12-14 22:28 - 2013-04-28 15:58 - 00000000 ___HD () C:\_acestream_cache_
2014-12-14 19:17 - 2011-11-12 01:56 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-12-14 19:17 - 2011-11-12 01:56 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-12-14 19:17 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 12:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 19:50 - 2013-04-16 09:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 19:50 - 2013-04-16 09:58 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 19:50 - 2011-11-11 17:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 11:14 - 2014-01-29 08:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 11:00 - 2014-05-12 07:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 21:58 - 2013-08-15 11:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 08:03 - 2012-12-16 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 08:03 - 2012-09-05 19:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-29 10:35 - 2013-11-24 12:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\HpUpdate
2014-11-27 21:40 - 2012-09-05 20:33 - 00000000 ____D () C:\Users\Pavel\AppData\Local\CrashDumps
2014-11-23 21:57 - 2014-08-10 10:35 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotify
2014-11-22 20:55 - 2014-11-02 08:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 14:04 - 2014-08-10 10:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Spotify
2014-11-22 13:30 - 2014-03-09 12:01 - 00000000 ____D () C:\Program Files\Codexis
2014-11-22 13:30 - 2014-03-08 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-11-19 21:59 - 2012-09-05 19:12 - 00140216 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-19 21:54 - 2009-07-14 05:45 - 05093776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 21:24 - 2012-09-22 19:37 - 00000000 ____D () C:\Users\Pavel\Documents\Youcam
2014-11-19 21:18 - 2014-11-01 21:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-19 21:13 - 2013-10-18 19:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 20:55 - 2014-11-02 08:52 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 20:43 - 2014-08-14 18:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotydl
2014-11-19 20:37 - 2012-10-06 17:02 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\TeamViewer
2014-11-19 20:34 - 2012-09-06 19:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-19 20:32 - 2014-06-17 16:05 - 00000000 ____D () C:\Users\Pavel\Documents\Stahování
2014-11-19 19:58 - 2013-09-29 16:31 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\vlc
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpztonsg.dll
C:\Users\Pavel\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Pavel\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavel\Desktop" je 27592 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pavel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCX3200_Scan2Pc
C:\Windows\Twain_32\Samsung\SCX3200\Scan2pc.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk
C:\PROGRA~1\Serviio\bin\SERVII~2.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [SkyDrive] => C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {56022234-0D83-49BD-8C46-D3E24DA7FB8F} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> No File
BHO-x32: No Name -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Toolbar: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.156.128.37 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> https://inbox.google.com/u/0/?pli=1
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP Product Detection Plugin) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-02-06]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (TV) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-03-22]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-06]
CHR Extension: (Adblock Plus) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-20]
CHR Extension: (Good News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2013-03-22]
CHR Extension: (Google News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-03-22]
CHR Extension: (Pixlr-o-matic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-12-25]
CHR Extension: (Toggl - Productivity Pack) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm [2014-06-28]
CHR Extension: (Gmail Offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-03-22]
CHR Extension: (Kalendář Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-03-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-03-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-12-11]
CHR Extension: (feedly) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-05-26]
CHR Extension: (Pixlr Express) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-12-25]
CHR Extension: (Pixlr Editor) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-12-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
CHR Extension: (Mapy Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-22]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-03-22]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-03-22]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-06]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Pavel\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-11-21]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pavel\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [Not Found]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Pavel\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pavel\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [359936 2014-03-21] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-19] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-10-29] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-11] (Disc Soft Ltd)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 15:55 - 2014-12-19 15:57 - 00027975 _____ () C:\Users\Pavel\Desktop\FRST.txt
2014-12-19 15:55 - 2014-12-19 15:56 - 00000000 ____D () C:\FRST
2014-12-19 15:52 - 2014-12-19 15:52 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (2).exe
2014-12-19 15:51 - 2014-12-19 15:51 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\Nepotvrzeno 987141.crdownload
2014-12-19 15:50 - 2014-12-19 15:50 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\Nepotvrzeno 869243.crdownload
2014-12-19 15:40 - 2014-12-19 15:40 - 02121216 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2014-12-18 09:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 21:06 - 2014-12-15 22:25 - 732011144 _____ () C:\Users\Pavel\Downloads\Agent-v-sukni-II.-(Big-Momma's-House-II.).avi
2014-12-15 20:58 - 2014-12-15 22:39 - 00000000 ____D () C:\Users\Pavel\Downloads\Big Mommas House 2 2006 BluRay 720p AC3 x264-3Li
2014-12-14 19:31 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\podbabska
2014-12-14 19:27 - 2014-12-15 11:18 - 00000000 ____D () C:\Users\Pavel\Desktop\141214
2014-12-14 17:41 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\K+S
2014-12-13 19:37 - 2014-12-13 19:59 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014)
2014-12-13 19:34 - 2014-12-13 20:07 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014) [1080p]
2014-12-12 11:00 - 2014-12-12 11:00 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 10:59 - 2014-12-12 10:59 - 00000021 _____ () C:\Users\Pavel\Desktop\sadasd.txt
2014-12-10 07:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:56 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:56 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 21:32 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 21:32 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 21:32 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:32 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 21:32 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 21:32 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 21:32 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 21:32 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:32 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:32 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:32 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:32 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:32 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:31 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:31 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:31 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:31 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 21:31 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:31 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 21:31 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 21:31 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:31 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 21:31 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:31 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 21:31 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:31 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:31 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:31 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:31 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:31 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:30 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:30 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:30 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:30 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:53 - 2014-12-09 21:51 - 1014662470 _____ () C:\Users\Pavel\Downloads\Sám-doma-cz-(1990).avi
2014-12-09 20:17 - 2014-12-09 20:31 - 00000000 ____D () C:\Users\Pavel\Downloads\Home Alone (1990) [1080p]
2014-12-09 20:17 - 2014-12-09 20:17 - 00017554 _____ () C:\Users\Pavel\Downloads\[kickass.so]home.alone.1990.1080p.brrip.x264.yify.torrent
2014-11-30 10:41 - 2014-11-30 10:41 - 00065422 _____ () C:\Users\Pavel\Downloads\549_1991_Sb.txt
2014-11-29 16:50 - 2014-11-29 16:54 - 63331933 _____ () C:\Users\Pavel\Downloads\PrednaskaDueDiligenceHladky.wma
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014
2014-11-26 20:27 - 2014-11-26 21:46 - 1408873212 _____ () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014.zip
2014-11-24 19:23 - 2014-11-24 19:23 - 00000000 ____D () C:\Users\Pavel\Downloads\The Monuments Men (2014) [1080p]
2014-11-24 17:52 - 2014-11-24 17:52 - 00012730 _____ () C:\Users\Pavel\Downloads\[kickass.so]nfl.wk.12.11.23.2014.cardinal.at.seahawks.condensed.1280x720.phr0sty.mkv.torrent
2014-11-23 18:10 - 2014-11-23 18:11 - 10207225 _____ () C:\Users\Pavel\Downloads\CENTAPHARM.zip
2014-11-23 18:10 - 2014-11-23 18:10 - 00012701 _____ () C:\Users\Pavel\Downloads\CENTAPHARM summary.xlsx
2014-11-22 22:57 - 2014-11-22 22:57 - 00000010 _____ () C:\Users\Pavel\Desktop\vajkovsky katastr.txt
2014-11-22 22:49 - 2014-11-24 18:05 - 00000000 ____D () C:\Users\Pavel\Downloads\The Hunger Games Catching Fire (2013)
2014-11-22 20:43 - 2014-11-22 20:48 - 00000000 ____D () C:\Users\Pavel\Downloads\Ed Wood (1994)
2014-11-22 20:42 - 2014-11-22 23:07 - 00000000 ____D () C:\Users\Pavel\Downloads\From Hell (2001) [1080p]
2014-11-22 20:36 - 2014-11-22 20:36 - 00000931 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-11-22 20:36 - 2014-11-22 20:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-11-22 20:35 - 2014-11-22 20:35 - 01939048 _____ (emc) C:\Users\Pavel\Downloads\uTorrent221.exe
2014-11-22 12:22 - 2014-11-22 12:22 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\Pavel\Downloads\DataAsistentCDX6ACD.exe
2014-11-22 11:42 - 2014-11-22 11:42 - 00187392 _____ () C:\Users\Pavel\Downloads\aktualni-program-hdo-ke-stazeni.xls
2014-11-19 22:27 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 22:27 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-18 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-19 22:08 - 2014-11-19 22:08 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (5).exe
2014-11-19 22:06 - 2014-11-19 22:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 22:03 - 2014-11-19 22:03 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (2).exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-19 21:12 - 2014-11-19 21:12 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25.exe
2014-11-19 21:09 - 2014-11-19 21:09 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (4).exe
2014-11-19 20:57 - 2014-11-19 20:57 - 00003556 _____ () C:\Windows\PFRO.log
2014-11-19 20:55 - 2014-11-19 20:55 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-19 20:55 - 2014-11-19 20:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 20:48 - 2014-12-19 15:28 - 00000672 _____ () C:\Windows\setupact.log
2014-11-19 20:48 - 2014-11-19 20:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 20:34 - 2014-11-19 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-19 20:30 - 2014-11-19 20:30 - 00003142 _____ () C:\Windows\System32\Tasks\{A569E054-A7D4-47FC-A8AB-0B3577FB0FD3}
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-19 01:08 - 2014-11-19 01:09 - 00000000 ____D () C:\Users\Pavel\Desktop\fontana
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 15:57 - 2013-02-02 12:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-19 15:50 - 2013-04-16 09:58 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 15:39 - 2012-02-04 03:29 - 01600481 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 15:35 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 15:35 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 15:31 - 2012-10-16 13:45 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2014-12-19 15:30 - 2013-12-30 16:51 - 00000000 ___RD () C:\Users\Pavel\SkyDrive
2014-12-19 15:30 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2014-12-19 15:30 - 2012-09-06 16:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Deployment
2014-12-19 15:29 - 2014-11-02 08:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 15:29 - 2012-11-21 12:28 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-19 15:28 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-19 15:28 - 2013-04-11 19:40 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 15:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 21:33 - 2013-03-27 14:29 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job
2014-12-18 13:38 - 2013-03-29 10:31 - 00003322 _____ () C:\Windows\wininit.ini
2014-12-18 13:38 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 12:59 - 2013-12-13 19:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2014-12-18 12:43 - 2013-04-28 15:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\.ACEStream
2014-12-18 12:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 10:40 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-12-18 10:15 - 2012-09-06 15:47 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-18 10:14 - 2012-12-06 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-18 09:21 - 2013-03-27 14:29 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job
2014-12-17 18:27 - 2013-03-24 16:32 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Adobe
2014-12-16 10:59 - 2013-09-23 15:09 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPavel.job
2014-12-16 10:58 - 2013-09-23 15:09 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPavel
2014-12-15 17:19 - 2014-11-16 13:13 - 00000000 ____D () C:\Users\Pavel\Documents\Soubory aplikace Outlook
2014-12-15 14:48 - 2013-03-24 16:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2014-12-14 22:28 - 2013-04-28 15:58 - 00000000 ___HD () C:\_acestream_cache_
2014-12-14 19:17 - 2011-11-12 01:56 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-12-14 19:17 - 2011-11-12 01:56 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-12-14 19:17 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 12:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 19:50 - 2013-04-16 09:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 19:50 - 2013-04-16 09:58 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 19:50 - 2011-11-11 17:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 11:14 - 2014-01-29 08:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 11:00 - 2014-05-12 07:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 21:58 - 2013-08-15 11:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 08:03 - 2012-12-16 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 08:03 - 2012-09-05 19:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-29 10:35 - 2013-11-24 12:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\HpUpdate
2014-11-27 21:40 - 2012-09-05 20:33 - 00000000 ____D () C:\Users\Pavel\AppData\Local\CrashDumps
2014-11-23 21:57 - 2014-08-10 10:35 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotify
2014-11-22 20:55 - 2014-11-02 08:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 14:04 - 2014-08-10 10:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Spotify
2014-11-22 13:30 - 2014-03-09 12:01 - 00000000 ____D () C:\Program Files\Codexis
2014-11-22 13:30 - 2014-03-08 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-11-19 21:59 - 2012-09-05 19:12 - 00140216 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-19 21:54 - 2009-07-14 05:45 - 05093776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 21:24 - 2012-09-22 19:37 - 00000000 ____D () C:\Users\Pavel\Documents\Youcam
2014-11-19 21:18 - 2014-11-01 21:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-19 21:13 - 2013-10-18 19:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 20:55 - 2014-11-02 08:52 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 20:43 - 2014-08-14 18:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotydl
2014-11-19 20:37 - 2012-10-06 17:02 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\TeamViewer
2014-11-19 20:34 - 2012-09-06 19:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-19 20:32 - 2014-06-17 16:05 - 00000000 ____D () C:\Users\Pavel\Documents\Stahování
2014-11-19 19:58 - 2013-09-29 16:31 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\vlc
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpztonsg.dll
C:\Users\Pavel\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Pavel\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavel\Desktop" je 27592 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pavel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCX3200_Scan2Pc
C:\Windows\Twain_32\Samsung\SCX3200\Scan2pc.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk
C:\PROGRA~1\Serviio\bin\SERVII~2.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (7.99 KiB) Downloaded 39 times
Re: Please check my log - dllloader.dll virus
Hello,
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop

- Save it, preferably to the desktop
- Close all programs
- After launch, the database will be downloaded
- Click Scan and then Clean
- The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste that log here

- If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
- Paste the script below into the window
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;
- Then click Run Script
- The PC will perform the repair, restart and give you a log; paste its content here
Re: Please check my log - dllloader.dll virus
Thanks a lot, I am attaching both logs:
# AdwCleaner v4.105 - Report created 19/12/2014 at 17:04:33
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Pavel - PAVEL-NB
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AdTrustMedia
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Pavel\AppData\Local\Conduit
Folder Deleted : C:\Users\Pavel\AppData\Local\genienext
Folder Deleted : C:\Users\Pavel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Pavel\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Pavel\AppData\Local\AdTrustMedia
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pavel\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Pavel\Documents\Mobogenie
File Deleted : C:\Users\Pavel\daemonprocess.txt
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
-\\ Chromium v
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
*************************
AdwCleaner[R0].txt - [3139 octets] - [19/12/2014 16:59:01]
AdwCleaner[S0].txt - [3124 octets] - [19/12/2014 17:04:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3184 octets] ##########
___________________________
Zoek.exe v5.0.0.0 Updated 19-December-2014
Tool run by Pavel on p 19.12.2014 at 17:12:55,26.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
19.12.2014 17:19:18 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\WinRAR deleted successfully
C:\Program Files\Common Files\McAfee deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\Users\Pavel\AppData\Roaming\FlashgetSetup deleted successfully
C:\Users\Pavel\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Pavel\AppData\Roaming\TP deleted successfully
C:\Users\Pavel\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Pavel\AppData\Local\cache deleted successfully
C:\Users\Pavel\AppData\Local\GHISLER deleted successfully
C:\Users\Pavel\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Pavel\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\SearchScopes\{56022234-0D83-49BD-8C46-D3E24DA7FB8F} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\Windows\syswow64\appdata deleted
C:\Users\Pavel\.android deleted
C:\PROGRA~2\PhotoshopPortable deleted
C:\PROGRA~2\SopCast deleted
C:\install.exe deleted
C:\Users\Pavel\AppData\Local\CRE deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Users\Pavel\AppData\Roaming\aspi\fav.hst" deleted
"C:\Users\Pavel\AppData\Roaming\aspi\mru.hst" deleted
"C:\Users\Pavel\AppData\Roaming\aspi" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19.11.2014 20:55]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19.11.2014 20:55]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
HP Product Detection Plugin - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp
Google News - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc
Pixlr-o-matic - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj
Toggl - Productivity Pack - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm
TweetDeck by Twitter - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
LastPass - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
feedly - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob
Pixlr Express - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid
Pixlr Editor - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk
Google Drive App Launcher - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
==== Chromium Fix ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.legalservices.cz_0.localstorage deleted successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.legalservices.cz_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com?pc=HPNTDF"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.bing.com?pc=HPNTDF"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{61984A22-6197-4933-98F5-5CB7D91FAE67} Google Url="http://www.google.com/search?q={searchT ... f8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
==== Reset Google Chrome ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1363 folders=214 372993161 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Pavel\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Pavel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\desktop.ini" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on p 19.12.2014 at 18:33:34,50 ======================
# AdwCleaner v4.105 - Report created 19/12/2014 at 17:04:33
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Pavel - PAVEL-NB
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AdTrustMedia
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Pavel\AppData\Local\Conduit
Folder Deleted : C:\Users\Pavel\AppData\Local\genienext
Folder Deleted : C:\Users\Pavel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Pavel\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Pavel\AppData\Local\AdTrustMedia
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pavel\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Pavel\Documents\Mobogenie
File Deleted : C:\Users\Pavel\daemonprocess.txt
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
-\\ Chromium v
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
*************************
AdwCleaner[R0].txt - [3139 octets] - [19/12/2014 16:59:01]
AdwCleaner[S0].txt - [3124 octets] - [19/12/2014 17:04:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3184 octets] ##########
___________________________
Zoek.exe v5.0.0.0 Updated 19-December-2014
Tool run by Pavel on p 19.12.2014 at 17:12:55,26.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
19.12.2014 17:19:18 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\WinRAR deleted successfully
C:\Program Files\Common Files\McAfee deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\Users\Pavel\AppData\Roaming\FlashgetSetup deleted successfully
C:\Users\Pavel\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Pavel\AppData\Roaming\TP deleted successfully
C:\Users\Pavel\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Pavel\AppData\Local\cache deleted successfully
C:\Users\Pavel\AppData\Local\GHISLER deleted successfully
C:\Users\Pavel\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Pavel\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\SearchScopes\{56022234-0D83-49BD-8C46-D3E24DA7FB8F} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_USERS\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\Windows\syswow64\appdata deleted
C:\Users\Pavel\.android deleted
C:\PROGRA~2\PhotoshopPortable deleted
C:\PROGRA~2\SopCast deleted
C:\install.exe deleted
C:\Users\Pavel\AppData\Local\CRE deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Users\Pavel\AppData\Roaming\aspi\fav.hst" deleted
"C:\Users\Pavel\AppData\Roaming\aspi\mru.hst" deleted
"C:\Users\Pavel\AppData\Roaming\aspi" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19.11.2014 20:55]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19.11.2014 20:55]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
HP Product Detection Plugin - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp
Google News - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc
Pixlr-o-matic - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj
Toggl - Productivity Pack - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm
TweetDeck by Twitter - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
LastPass - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
feedly - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob
Pixlr Express - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid
Pixlr Editor - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk
Google Drive App Launcher - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
==== Chromium Fix ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.legalservices.cz_0.localstorage deleted successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.legalservices.cz_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com?pc=HPNTDF"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.bing.com?pc=HPNTDF"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{61984A22-6197-4933-98F5-5CB7D91FAE67} Google Url="http://www.google.com/search?q={searchT ... f8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
==== Reset Google Chrome ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot
C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1363 folders=214 372993161 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Pavel\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Pavel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\desktop.ini" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini" not found
"C:\Users\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on p 19.12.2014 at 18:33:34,50 ======================
Re: Please check my log - dllloader.dll virus
Please post a new log from FRST.
Re: Please check my log - dllloader.dll virus
Attached, thanks.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Pavel (administrator) on PAVEL-NB on 19-12-2014 21:59:36
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Spotify Ltd) C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Amazon Digital Services, LLC.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\AmazonCloudDrive.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sun Microsystems, Inc.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2014-01-31] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [SkyDrive] => C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 78.156.128.37 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> https://inbox.google.com/u/0/?pli=1
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-19]
CHR Extension: (HP Product Detection Plugin) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (TV) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-03-22]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-06]
CHR Extension: (Adblock Plus) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-20]
CHR Extension: (Good News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2013-03-22]
CHR Extension: (Google News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-03-22]
CHR Extension: (Pixlr-o-matic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-12-25]
CHR Extension: (Toggl - Productivity Pack) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm [2014-06-28]
CHR Extension: (Gmail Offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-03-22]
CHR Extension: (Kalendář Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-03-22]
CHR Extension: (Tabulky Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-19]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-03-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-12-11]
CHR Extension: (feedly) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-05-26]
CHR Extension: (Pixlr Express) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-12-25]
CHR Extension: (Pixlr Editor) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-12-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
CHR Extension: (Mapy Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-22]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-03-22]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-03-22]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-06]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [359936 2014-03-21] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-19] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-10-29] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-11] (Disc Soft Ltd)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 21:58 - 2014-12-19 21:59 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2014-12-19 18:31 - 2014-12-19 17:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:18 - 2014-12-19 18:33 - 00033782 _____ () C:\Users\Pavel\Desktop\zoek-results.log
2014-12-19 17:12 - 2014-12-19 18:24 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:09 - 2014-12-19 17:09 - 00003280 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-12-19 16:58 - 2014-12-19 17:04 - 00000000 ____D () C:\AdwCleaner
2014-12-19 16:57 - 2014-12-19 16:57 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-19 16:54 - 2014-12-19 16:55 - 02166272 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
2014-12-19 16:42 - 2014-12-19 20:14 - 00000000 ____D () C:\Users\Pavel\Downloads\Looper (2012)
2014-12-19 16:24 - 2014-12-19 16:24 - 00008179 _____ () C:\Users\Pavel\Desktop\Addition.rar
2014-12-19 15:55 - 2014-12-19 22:01 - 00022936 _____ () C:\Users\Pavel\Desktop\FRST.txt
2014-12-19 15:55 - 2014-12-19 21:59 - 00000000 ____D () C:\FRST
2014-12-19 15:40 - 2014-12-19 15:40 - 02121216 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2014-12-18 09:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 21:06 - 2014-12-15 22:25 - 732011144 _____ () C:\Users\Pavel\Downloads\Agent-v-sukni-II.-(Big-Momma's-House-II.).avi
2014-12-15 20:58 - 2014-12-15 22:39 - 00000000 ____D () C:\Users\Pavel\Downloads\Big Mommas House 2 2006 BluRay 720p AC3 x264-3Li
2014-12-14 19:31 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\podbabska
2014-12-14 19:27 - 2014-12-15 11:18 - 00000000 ____D () C:\Users\Pavel\Desktop\141214
2014-12-14 17:41 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\K+S
2014-12-13 19:37 - 2014-12-13 19:59 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014)
2014-12-13 19:34 - 2014-12-13 20:07 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014) [1080p]
2014-12-12 11:00 - 2014-12-12 11:00 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 10:59 - 2014-12-12 10:59 - 00000021 _____ () C:\Users\Pavel\Desktop\sadasd.txt
2014-12-10 07:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:56 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:56 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 21:32 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 21:32 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 21:32 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:32 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 21:32 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 21:32 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 21:32 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 21:32 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:32 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:32 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:32 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:32 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:32 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:31 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:31 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:31 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:31 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 21:31 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:31 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 21:31 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 21:31 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:31 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 21:31 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:31 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 21:31 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:31 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:31 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:31 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:31 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:31 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:30 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:30 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:30 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:30 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:53 - 2014-12-09 21:51 - 1014662470 _____ () C:\Users\Pavel\Downloads\Sám-doma-cz-(1990).avi
2014-12-09 20:17 - 2014-12-09 20:31 - 00000000 ____D () C:\Users\Pavel\Downloads\Home Alone (1990) [1080p]
2014-12-09 20:17 - 2014-12-09 20:17 - 00017554 _____ () C:\Users\Pavel\Downloads\[kickass.so]home.alone.1990.1080p.brrip.x264.yify.torrent
2014-11-30 10:41 - 2014-11-30 10:41 - 00065422 _____ () C:\Users\Pavel\Downloads\549_1991_Sb.txt
2014-11-29 16:50 - 2014-11-29 16:54 - 63331933 _____ () C:\Users\Pavel\Downloads\PrednaskaDueDiligenceHladky.wma
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014
2014-11-26 20:27 - 2014-11-26 21:46 - 1408873212 _____ () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014.zip
2014-11-24 19:23 - 2014-11-24 19:23 - 00000000 ____D () C:\Users\Pavel\Downloads\The Monuments Men (2014) [1080p]
2014-11-24 17:52 - 2014-11-24 17:52 - 00012730 _____ () C:\Users\Pavel\Downloads\[kickass.so]nfl.wk.12.11.23.2014.cardinal.at.seahawks.condensed.1280x720.phr0sty.mkv.torrent
2014-11-23 18:10 - 2014-11-23 18:11 - 10207225 _____ () C:\Users\Pavel\Downloads\CENTAPHARM.zip
2014-11-23 18:10 - 2014-11-23 18:10 - 00012701 _____ () C:\Users\Pavel\Downloads\CENTAPHARM summary.xlsx
2014-11-22 22:57 - 2014-11-22 22:57 - 00000010 _____ () C:\Users\Pavel\Desktop\vajkovsky katastr.txt
2014-11-22 22:49 - 2014-11-24 18:05 - 00000000 ____D () C:\Users\Pavel\Downloads\The Hunger Games Catching Fire (2013)
2014-11-22 20:43 - 2014-11-22 20:48 - 00000000 ____D () C:\Users\Pavel\Downloads\Ed Wood (1994)
2014-11-22 20:42 - 2014-11-22 23:07 - 00000000 ____D () C:\Users\Pavel\Downloads\From Hell (2001) [1080p]
2014-11-22 20:36 - 2014-11-22 20:36 - 00000931 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-11-22 20:36 - 2014-11-22 20:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-11-22 20:35 - 2014-11-22 20:35 - 01939048 _____ (emc) C:\Users\Pavel\Downloads\uTorrent221.exe
2014-11-22 12:22 - 2014-11-22 12:22 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\Pavel\Downloads\DataAsistentCDX6ACD.exe
2014-11-22 11:42 - 2014-11-22 11:42 - 00187392 _____ () C:\Users\Pavel\Downloads\aktualni-program-hdo-ke-stazeni.xls
2014-11-19 22:27 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 22:27 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-18 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-19 22:08 - 2014-11-19 22:08 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (5).exe
2014-11-19 22:06 - 2014-11-19 22:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 22:03 - 2014-11-19 22:03 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (2).exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-19 21:12 - 2014-11-19 21:12 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25.exe
2014-11-19 21:09 - 2014-11-19 21:09 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (4).exe
2014-11-19 20:57 - 2014-12-19 18:32 - 00004206 _____ () C:\Windows\PFRO.log
2014-11-19 20:55 - 2014-11-19 20:55 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-19 20:55 - 2014-11-19 20:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 20:48 - 2014-12-19 18:32 - 00000784 _____ () C:\Windows\setupact.log
2014-11-19 20:48 - 2014-11-19 20:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 20:34 - 2014-11-19 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-19 20:30 - 2014-11-19 20:30 - 00003142 _____ () C:\Windows\System32\Tasks\{A569E054-A7D4-47FC-A8AB-0B3577FB0FD3}
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-19 01:08 - 2014-11-19 01:09 - 00000000 ____D () C:\Users\Pavel\Desktop\fontana
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 22:02 - 2013-02-02 12:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-19 21:52 - 2012-02-04 03:29 - 01614702 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 21:50 - 2013-04-16 09:58 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 21:34 - 2012-09-06 16:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Deployment
2014-12-19 21:07 - 2013-03-27 14:29 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job
2014-12-19 18:41 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 18:41 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 18:35 - 2012-10-16 13:45 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2014-12-19 18:35 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2014-12-19 18:34 - 2013-12-30 16:51 - 00000000 ___RD () C:\Users\Pavel\SkyDrive
2014-12-19 18:34 - 2012-11-21 12:28 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-19 18:32 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-19 18:32 - 2013-04-11 19:40 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 18:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 18:21 - 2012-09-05 19:05 - 00000000 ____D () C:\Users\Pavel
2014-12-19 16:56 - 2013-12-13 19:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2014-12-19 15:29 - 2014-11-02 08:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-18 13:38 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 12:43 - 2013-04-28 15:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\.ACEStream
2014-12-18 12:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 10:40 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-12-18 10:15 - 2012-09-06 15:47 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-18 10:14 - 2012-12-06 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-18 09:21 - 2013-03-27 14:29 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job
2014-12-17 18:27 - 2013-03-24 16:32 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Adobe
2014-12-16 10:59 - 2013-09-23 15:09 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPavel.job
2014-12-16 10:58 - 2013-09-23 15:09 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPavel
2014-12-15 17:19 - 2014-11-16 13:13 - 00000000 ____D () C:\Users\Pavel\Documents\Soubory aplikace Outlook
2014-12-15 14:48 - 2013-03-24 16:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2014-12-14 22:28 - 2013-04-28 15:58 - 00000000 ___HD () C:\_acestream_cache_
2014-12-14 19:17 - 2011-11-12 01:56 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-12-14 19:17 - 2011-11-12 01:56 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-12-14 19:17 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 12:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 19:50 - 2013-04-16 09:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 19:50 - 2013-04-16 09:58 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 19:50 - 2011-11-11 17:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 11:14 - 2014-01-29 08:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 11:00 - 2014-05-12 07:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 21:58 - 2013-08-15 11:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 08:03 - 2012-12-16 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 08:03 - 2012-09-05 19:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-29 10:35 - 2013-11-24 12:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\HpUpdate
2014-11-27 21:40 - 2012-09-05 20:33 - 00000000 ____D () C:\Users\Pavel\AppData\Local\CrashDumps
2014-11-23 21:57 - 2014-08-10 10:35 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotify
2014-11-22 20:55 - 2014-11-02 08:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 14:04 - 2014-08-10 10:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Spotify
2014-11-22 13:30 - 2014-03-09 12:01 - 00000000 ____D () C:\Program Files\Codexis
2014-11-22 13:30 - 2014-03-08 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-11-19 21:59 - 2012-09-05 19:12 - 00140216 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-19 21:54 - 2009-07-14 05:45 - 05093776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 21:24 - 2012-09-22 19:37 - 00000000 ____D () C:\Users\Pavel\Documents\Youcam
2014-11-19 21:18 - 2014-11-01 21:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-19 21:13 - 2013-10-18 19:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 20:55 - 2014-11-02 08:52 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 20:43 - 2014-08-14 18:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotydl
2014-11-19 20:37 - 2012-10-06 17:02 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\TeamViewer
2014-11-19 20:34 - 2012-09-06 19:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-19 20:32 - 2014-06-17 16:05 - 00000000 ____D () C:\Users\Pavel\Documents\Stahování
2014-11-19 19:58 - 2013-09-29 16:31 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\vlc
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmdljju.dll
C:\Users\Pavel\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavel\Desktop" je 27596 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pavel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCX3200_Scan2Pc
C:\Windows\Twain_32\Samsung\SCX3200\Scan2pc.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk
C:\PROGRA~1\Serviio\bin\SERVII~2.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Pavel (administrator) on PAVEL-NB on 19-12-2014 21:59:36
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Spotify Ltd) C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Amazon Digital Services, LLC.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\AmazonCloudDrive.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sun Microsystems, Inc.) C:\Users\Pavel\AppData\Local\Apps\2.0\1GGAWJGN.9EA\C8832Q0M.HQ5\amaz..tion_f2fa081ea2183235_0002.0004_9f25fd1982bf3008\LocalServiceJre\bin\AmazonCloudDriveW.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2014-01-31] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [SkyDrive] => C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2521347245-3173715370-2904160513-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 78.156.128.37 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Pavel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2521347245-3173715370-2904160513-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> https://inbox.google.com/u/0/?pli=1
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-19]
CHR Extension: (HP Product Detection Plugin) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-19]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (TV) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-03-22]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-06]
CHR Extension: (Adblock Plus) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-20]
CHR Extension: (Good News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\deegloljmdbfbjhlimieancmcfombgjj [2013-03-22]
CHR Extension: (Google News) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-03-22]
CHR Extension: (Pixlr-o-matic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-12-25]
CHR Extension: (Toggl - Productivity Pack) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdkmhgmlehnbibjhddpfelefhhniecm [2014-06-28]
CHR Extension: (Gmail Offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-03-22]
CHR Extension: (Kalendář Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-03-22]
CHR Extension: (Tabulky Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-19]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-03-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-12-11]
CHR Extension: (feedly) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-15]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-05-26]
CHR Extension: (Pixlr Express) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-12-25]
CHR Extension: (Pixlr Editor) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-12-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
CHR Extension: (Mapy Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-22]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-03-22]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-03-22]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-06]
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-29] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [359936 2014-03-21] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-19] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-10-29] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-11] (Disc Soft Ltd)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 21:58 - 2014-12-19 21:59 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2014-12-19 18:31 - 2014-12-19 17:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:18 - 2014-12-19 18:33 - 00033782 _____ () C:\Users\Pavel\Desktop\zoek-results.log
2014-12-19 17:12 - 2014-12-19 18:24 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:09 - 2014-12-19 17:09 - 00003280 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-12-19 16:58 - 2014-12-19 17:04 - 00000000 ____D () C:\AdwCleaner
2014-12-19 16:57 - 2014-12-19 16:57 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-19 16:54 - 2014-12-19 16:55 - 02166272 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
2014-12-19 16:42 - 2014-12-19 20:14 - 00000000 ____D () C:\Users\Pavel\Downloads\Looper (2012)
2014-12-19 16:24 - 2014-12-19 16:24 - 00008179 _____ () C:\Users\Pavel\Desktop\Addition.rar
2014-12-19 15:55 - 2014-12-19 22:01 - 00022936 _____ () C:\Users\Pavel\Desktop\FRST.txt
2014-12-19 15:55 - 2014-12-19 21:59 - 00000000 ____D () C:\FRST
2014-12-19 15:40 - 2014-12-19 15:40 - 02121216 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2014-12-18 09:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 09:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 21:06 - 2014-12-15 22:25 - 732011144 _____ () C:\Users\Pavel\Downloads\Agent-v-sukni-II.-(Big-Momma's-House-II.).avi
2014-12-15 20:58 - 2014-12-15 22:39 - 00000000 ____D () C:\Users\Pavel\Downloads\Big Mommas House 2 2006 BluRay 720p AC3 x264-3Li
2014-12-14 19:31 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\podbabska
2014-12-14 19:27 - 2014-12-15 11:18 - 00000000 ____D () C:\Users\Pavel\Desktop\141214
2014-12-14 17:41 - 2014-12-15 11:17 - 00000000 ____D () C:\Users\Pavel\Desktop\K+S
2014-12-13 19:37 - 2014-12-13 19:59 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014)
2014-12-13 19:34 - 2014-12-13 20:07 - 00000000 ____D () C:\Users\Pavel\Downloads\Magic in the Moonlight (2014) [1080p]
2014-12-12 11:00 - 2014-12-12 11:00 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 10:59 - 2014-12-12 10:59 - 00000021 _____ () C:\Users\Pavel\Desktop\sadasd.txt
2014-12-10 07:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:56 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:56 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:56 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:56 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:56 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 21:32 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 21:32 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 21:32 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 21:32 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:32 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 21:32 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 21:32 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 21:32 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 21:32 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 21:32 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:32 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 21:32 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:32 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:32 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:32 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:32 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 21:32 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:31 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:31 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:31 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:31 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:31 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 21:31 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:31 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 21:31 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 21:31 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:31 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:31 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:31 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:31 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 21:31 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 21:31 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 21:31 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:31 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 21:31 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 21:31 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:31 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:31 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:31 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 21:31 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:31 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:31 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:31 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:31 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:30 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:30 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:30 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:30 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:53 - 2014-12-09 21:51 - 1014662470 _____ () C:\Users\Pavel\Downloads\Sám-doma-cz-(1990).avi
2014-12-09 20:17 - 2014-12-09 20:31 - 00000000 ____D () C:\Users\Pavel\Downloads\Home Alone (1990) [1080p]
2014-12-09 20:17 - 2014-12-09 20:17 - 00017554 _____ () C:\Users\Pavel\Downloads\[kickass.so]home.alone.1990.1080p.brrip.x264.yify.torrent
2014-11-30 10:41 - 2014-11-30 10:41 - 00065422 _____ () C:\Users\Pavel\Downloads\549_1991_Sb.txt
2014-11-29 16:50 - 2014-11-29 16:54 - 63331933 _____ () C:\Users\Pavel\Downloads\PrednaskaDueDiligenceHladky.wma
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014
2014-11-26 20:27 - 2014-11-26 21:46 - 1408873212 _____ () C:\Users\Pavel\Downloads\The-Fappening-Hack-Videos-and-Pictures-Collection-1+2-2014.zip
2014-11-24 19:23 - 2014-11-24 19:23 - 00000000 ____D () C:\Users\Pavel\Downloads\The Monuments Men (2014) [1080p]
2014-11-24 17:52 - 2014-11-24 17:52 - 00012730 _____ () C:\Users\Pavel\Downloads\[kickass.so]nfl.wk.12.11.23.2014.cardinal.at.seahawks.condensed.1280x720.phr0sty.mkv.torrent
2014-11-23 18:10 - 2014-11-23 18:11 - 10207225 _____ () C:\Users\Pavel\Downloads\CENTAPHARM.zip
2014-11-23 18:10 - 2014-11-23 18:10 - 00012701 _____ () C:\Users\Pavel\Downloads\CENTAPHARM summary.xlsx
2014-11-22 22:57 - 2014-11-22 22:57 - 00000010 _____ () C:\Users\Pavel\Desktop\vajkovsky katastr.txt
2014-11-22 22:49 - 2014-11-24 18:05 - 00000000 ____D () C:\Users\Pavel\Downloads\The Hunger Games Catching Fire (2013)
2014-11-22 20:43 - 2014-11-22 20:48 - 00000000 ____D () C:\Users\Pavel\Downloads\Ed Wood (1994)
2014-11-22 20:42 - 2014-11-22 23:07 - 00000000 ____D () C:\Users\Pavel\Downloads\From Hell (2001) [1080p]
2014-11-22 20:36 - 2014-11-22 20:36 - 00000931 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-11-22 20:36 - 2014-11-22 20:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-11-22 20:35 - 2014-11-22 20:35 - 01939048 _____ (emc) C:\Users\Pavel\Downloads\uTorrent221.exe
2014-11-22 12:22 - 2014-11-22 12:22 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\Pavel\Downloads\DataAsistentCDX6ACD.exe
2014-11-22 11:42 - 2014-11-22 11:42 - 00187392 _____ () C:\Users\Pavel\Downloads\aktualni-program-hdo-ke-stazeni.xls
2014-11-19 22:27 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 22:27 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 22:27 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-19 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-19 22:09 - 2014-12-18 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-19 22:08 - 2014-11-19 22:08 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (5).exe
2014-11-19 22:06 - 2014-11-19 22:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-19 22:05 - 2014-11-19 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 22:03 - 2014-11-19 22:03 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (2).exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-19 21:25 - 2014-11-19 21:18 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25 (1).exe
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-11-19 21:15 - 2014-11-19 21:15 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-19 21:12 - 2014-11-19 21:12 - 00638888 _____ (Oracle Corporation) C:\Users\Pavel\Downloads\chromeinstall-8u25.exe
2014-11-19 21:09 - 2014-11-19 21:09 - 13087456 _____ (Microsoft Corporation) C:\Users\Pavel\Downloads\Silverlight_x64 (4).exe
2014-11-19 20:57 - 2014-12-19 18:32 - 00004206 _____ () C:\Windows\PFRO.log
2014-11-19 20:55 - 2014-11-19 20:55 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-19 20:55 - 2014-11-19 20:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-19 20:48 - 2014-12-19 18:32 - 00000784 _____ () C:\Windows\setupact.log
2014-11-19 20:48 - 2014-11-19 20:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 20:34 - 2014-11-19 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-19 20:30 - 2014-11-19 20:30 - 00003142 _____ () C:\Windows\System32\Tasks\{A569E054-A7D4-47FC-A8AB-0B3577FB0FD3}
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-19 01:08 - 2014-11-19 01:09 - 00000000 ____D () C:\Users\Pavel\Desktop\fontana
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-19 22:02 - 2013-02-02 12:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-19 21:52 - 2012-02-04 03:29 - 01614702 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 21:50 - 2013-04-16 09:58 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 21:34 - 2012-09-06 16:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Deployment
2014-12-19 21:07 - 2013-03-27 14:29 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job
2014-12-19 18:41 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 18:41 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 18:35 - 2012-10-16 13:45 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2014-12-19 18:35 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2014-12-19 18:34 - 2013-12-30 16:51 - 00000000 ___RD () C:\Users\Pavel\SkyDrive
2014-12-19 18:34 - 2012-11-21 12:28 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-19 18:32 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-19 18:32 - 2013-04-11 19:40 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 18:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 18:21 - 2012-09-05 19:05 - 00000000 ____D () C:\Users\Pavel
2014-12-19 16:56 - 2013-12-13 19:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2014-12-19 15:29 - 2014-11-02 08:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-18 13:38 - 2012-10-16 13:42 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 12:43 - 2013-04-28 15:58 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\.ACEStream
2014-12-18 12:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-18 10:40 - 2013-10-09 09:40 - 00000216 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-12-18 10:15 - 2012-09-06 15:47 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-18 10:14 - 2012-12-06 11:23 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-18 09:21 - 2013-03-27 14:29 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job
2014-12-17 18:27 - 2013-03-24 16:32 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Adobe
2014-12-16 10:59 - 2013-09-23 15:09 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPavel.job
2014-12-16 10:58 - 2013-09-23 15:09 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPavel
2014-12-15 17:19 - 2014-11-16 13:13 - 00000000 ____D () C:\Users\Pavel\Documents\Soubory aplikace Outlook
2014-12-15 14:48 - 2013-03-24 16:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2014-12-14 22:28 - 2013-04-28 15:58 - 00000000 ___HD () C:\_acestream_cache_
2014-12-14 19:17 - 2011-11-12 01:56 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-12-14 19:17 - 2011-11-12 01:56 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-12-14 19:17 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-14 12:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 19:50 - 2013-04-16 09:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 19:50 - 2013-04-16 09:58 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 19:50 - 2011-11-11 17:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 11:14 - 2014-01-29 08:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 11:00 - 2014-05-12 07:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 21:58 - 2013-08-15 11:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 08:03 - 2012-12-16 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 08:03 - 2012-09-05 19:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-29 10:35 - 2013-11-24 12:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\HpUpdate
2014-11-27 21:40 - 2012-09-05 20:33 - 00000000 ____D () C:\Users\Pavel\AppData\Local\CrashDumps
2014-11-23 21:57 - 2014-08-10 10:35 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotify
2014-11-22 20:55 - 2014-11-02 08:52 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 14:04 - 2014-08-10 10:36 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Spotify
2014-11-22 13:30 - 2014-03-09 12:01 - 00000000 ____D () C:\Program Files\Codexis
2014-11-22 13:30 - 2014-03-08 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-11-19 21:59 - 2012-09-05 19:12 - 00140216 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-19 21:54 - 2009-07-14 05:45 - 05093776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 21:24 - 2012-09-22 19:37 - 00000000 ____D () C:\Users\Pavel\Documents\Youcam
2014-11-19 21:18 - 2014-11-01 21:08 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-19 21:13 - 2013-10-18 19:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-19 20:55 - 2014-11-02 08:52 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-19 20:55 - 2014-11-02 08:52 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-19 20:43 - 2014-08-14 18:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Spotydl
2014-11-19 20:37 - 2012-10-06 17:02 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\TeamViewer
2014-11-19 20:34 - 2012-09-06 19:31 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-19 20:32 - 2014-06-17 16:05 - 00000000 ____D () C:\Users\Pavel\Documents\Stahování
2014-11-19 19:58 - 2013-09-29 16:31 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\vlc
Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmdljju.dll
C:\Users\Pavel\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavel\Desktop" je 27596 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pavel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCX3200_Scan2Pc
C:\Windows\Twain_32\Samsung\SCX3200\Scan2pc.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk
C:\PROGRA~1\Serviio\bin\SERVII~2.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Re: Please check my log - dllloader.dll virus

- Open Notepad (Start - Run - notepad)
- Copy the script below
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
C:\Windows\AutoKMS
C:\Users\Pavel\AppData\Roaming\newnext.me
2014-12-19 21:58 - 2014-12-19 21:59 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2014-12-19 18:31 - 2014-12-19 17:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:18 - 2014-12-19 18:33 - 00033782 _____ () C:\Users\Pavel\Desktop\zoek-results.log
2014-12-19 17:12 - 2014-12-19 18:24 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:09 - 2014-12-19 17:09 - 00003280 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-12-19 16:58 - 2014-12-19 17:04 - 00000000 ____D () C:\AdwCleaner
2014-12-19 16:57 - 2014-12-19 16:57 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-19 16:54 - 2014-12-19 16:55 - 02166272 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
2014-12-19 16:24 - 2014-12-19 16:24 - 00008179 _____ () C:\Users\Pavel\Desktop\Addition.rar
2014-12-19 15:55 - 2014-12-19 22:01 - 00022936 _____ () C:\Users\Pavel\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive" /f
Hosts:
EmptyTemp:
Reboot:
End
- Save the resulting TXT file as fixlist.txt
- Move the fixlist you created next to FRST

- Click Fix
- The fix will run and create a log, Fixlog.txt

Re: Please check my log - dllloader.dll virus
Thanks a lot!
Here:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Pavel at 2014-12-20 09:58:36 Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
C:\Windows\AutoKMS
C:\Users\Pavel\AppData\Roaming\newnext.me
2014-12-19 21:58 - 2014-12-19 21:59 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2014-12-19 18:31 - 2014-12-19 17:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:18 - 2014-12-19 18:33 - 00033782 _____ () C:\Users\Pavel\Desktop\zoek-results.log
2014-12-19 17:12 - 2014-12-19 18:24 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:09 - 2014-12-19 17:09 - 00003280 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-12-19 16:58 - 2014-12-19 17:04 - 00000000 ____D () C:\AdwCleaner
2014-12-19 16:57 - 2014-12-19 16:57 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-19 16:54 - 2014-12-19 16:55 - 02166272 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
2014-12-19 16:24 - 2014-12-19 16:24 - 00008179 _____ () C:\Users\Pavel\Desktop\Addition.rar
2014-12-19 15:55 - 2014-12-19 22:01 - 00022936 _____ () C:\Users\Pavel\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => value deleted successfully.
"C:\Windows\System32\guard64.dll" => Value Data removed successfully.
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"C:\Users\Pavel\AppData\Roaming\newnext.me" => File/Directory not found.
"C:\Users\Pavel\Desktop\FRSTLauncher (1).exe" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\Users\Pavel\Desktop\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Pavel\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pavel\Desktop\zoek.exe => Moved successfully.
C:\Users\Pavel\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\Users\Pavel\Desktop\Addition.rar => Moved successfully.
C:\Users\Pavel\Desktop\FRST.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForPavel.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 406.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Zde:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Pavel at 2014-12-20 09:58:36 Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-27] (Google Inc.)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Run: [Spotify Web Helper] => C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll File Not Found
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
C:\Windows\AutoKMS
C:\Users\Pavel\AppData\Roaming\newnext.me
2014-12-19 21:58 - 2014-12-19 21:59 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2014-12-19 18:31 - 2014-12-19 17:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:18 - 2014-12-19 18:33 - 00033782 _____ () C:\Users\Pavel\Desktop\zoek-results.log
2014-12-19 17:12 - 2014-12-19 18:24 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:09 - 2014-12-19 17:09 - 00003280 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-12-19 16:58 - 2014-12-19 17:04 - 00000000 ____D () C:\AdwCleaner
2014-12-19 16:57 - 2014-12-19 16:57 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-19 16:54 - 2014-12-19 16:55 - 02166272 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.105.exe
2014-12-19 16:24 - 2014-12-19 16:24 - 00008179 _____ () C:\Users\Pavel\Desktop\Addition.rar
2014-12-19 15:55 - 2014-12-19 22:01 - 00022936 _____ () C:\Users\Pavel\Desktop\FRST.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPavel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => value deleted successfully.
"C:\Windows\System32\guard64.dll" => Value Data removed successfully.
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2521347245-3173715370-2904160513-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"C:\Users\Pavel\AppData\Roaming\newnext.me" => File/Directory not found.
"C:\Users\Pavel\Desktop\FRSTLauncher (1).exe" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\Users\Pavel\Desktop\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Pavel\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pavel\Desktop\zoek.exe => Moved successfully.
C:\Users\Pavel\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\Users\Pavel\Desktop\Addition.rar => Moved successfully.
C:\Users\Pavel\Desktop\FRST.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2521347245-3173715370-2904160513-1001UA.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForPavel.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive" /f =========
Operace byla dokončena úspěšně.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 406.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Please check my log - dllloader.dll virus
Now let's clean up.
DelFix https://toolslib.net/downloads/finish/2/
Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
And if there are no problems or questions, that is all from my side.


- Download and run it
- Leave only the Remove disinfection tools option checked
- Click Run

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for Issues
- then Fix Issues - I recommend making a registry backup; fix all the issues
- repeat the procedure until it comes up with no issues - usually about 3 times
- Here you can uninstall programs you do not need


Re: Please check my log - dllloader.dll virus
Everything went without problems, the message mentioned above has disappeared, and I am not seeing any other problems. Thank you very much for your time.
