Prosím o kontrolu

[antarax]

Dobrý večer vespolek

prosím o kontrolu logu. Avast dneska zahlásil nějaký nález tak jsem jej uložil do truhly, ale pro lepší spaní bych rád věděl jestli je všechno v pořádku log z RSIT je tu:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2015-01-15 19:19:54
Microsoft Windows 8
System drive C: has 104 GB (22%) free of 464 GB
Total RAM: 6099 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:58, on 15. 1. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jirka\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\Jirka\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Folding Service #01 (FAH-01) - Stanford University - C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe
O23 - Service: Folding Service #02 (FAH-02) - Stanford University - C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Torntv Downloader (trntv) - Unknown owner - C:\Users\Jirka\AppData\Roaming\TornTV.com\TornTVSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Windows Start Menu Service (WinStartMenuLauncher) - Unknown owner - C:\Program Files\Smart Menu\WinStartMenuLauncher.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12770 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {39b0dac4-3597-4e65-977c5c6be97850fc}
"C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe" -forceasm -local -svcstart
"C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe" -forceasm -local -svcstart
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Users\Jirka\AppData\Roaming\TornTV.com\TornTVSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Smart Menu\WinStartMenuLauncher.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts= ... Y5K0TVY5KX
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2920.0.2136403309\286815706" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x677b --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.981.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2920.2.124077566\1627054587" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2920.8.459732920\2005099139" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2920.9.1806947887\1556971445" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2920.14.1915379734\837314896" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2920.18.503337511\1294369715" /prefetch:673131151

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556

"C:\Users\Jirka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\AmiUpdXp.job - C:\Users\Jirka\AppData\Local\19169\a5723.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForJirka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForJirka (null)
C:\windows\tasks\Norton Security Scan for Jirka.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-19 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-19 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-09-19 37888]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-19 1425408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-12-18 3618648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Akamai NetSession Interface"=C:\Users\Jirka\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"TornTv Downloader"=C:\Users\Jirka\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup []
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-01-12 40176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-05 642728]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-02 491120]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-08 3890208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-12-13 3838800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-14 14:17:10 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-01-14 14:17:10 ----A---- C:\windows\system32\vbscript.dll
2015-01-14 14:16:46 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-01-14 14:16:46 ----A---- C:\windows\system32\wucltux.dll
2015-01-14 14:16:46 ----A---- C:\windows\system32\wuaueng.dll
2015-01-14 14:16:46 ----A---- C:\windows\system32\wuauclt.exe
2015-01-14 14:16:45 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-01-14 14:16:45 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-01-14 14:16:45 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-01-14 14:16:45 ----A---- C:\windows\system32\wuwebv.dll
2015-01-14 14:16:45 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-01-14 14:16:45 ----A---- C:\windows\system32\wudriver.dll
2015-01-14 14:16:45 ----A---- C:\windows\system32\wuapp.exe
2015-01-14 14:16:45 ----A---- C:\windows\system32\wuapi.dll
2015-01-14 14:16:45 ----A---- C:\windows\system32\storewuauth.dll
2015-01-14 14:16:27 ----A---- C:\windows\system32\localspl.dll
2015-01-14 14:16:23 ----A---- C:\windows\system32\services.exe
2015-01-14 14:16:22 ----A---- C:\windows\system32\win32spl.dll
2015-01-14 14:16:20 ----A---- C:\windows\system32\drivers\vhdmp.sys
2015-01-14 14:15:40 ----A---- C:\windows\system32\TSWbPrxy.exe
2015-01-14 14:15:15 ----A---- C:\windows\system32\profsvc.dll
2015-01-14 14:15:12 ----A---- C:\windows\system32\ncsi.dll
2015-01-14 14:15:11 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2015-01-14 14:15:11 ----A---- C:\windows\system32\nlasvc.dll
2015-01-14 14:15:11 ----A---- C:\windows\system32\nlaapi.dll
2015-01-14 14:14:59 ----A---- C:\windows\system32\wer.dll
2015-01-14 14:14:58 ----A---- C:\windows\SYSWOW64\wer.dll
2015-01-14 14:14:58 ----A---- C:\windows\SYSWOW64\Faultrep.dll
2015-01-14 14:14:58 ----A---- C:\windows\system32\WerFaultSecure.exe
2015-01-14 14:14:58 ----A---- C:\windows\system32\Faultrep.dll
2015-01-14 14:14:57 ----A---- C:\windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 14:14:57 ----A---- C:\windows\system32\EncDump.dll
2015-01-14 14:14:57 ----A---- C:\windows\system32\audiosrv.dll
2015-01-14 14:14:31 ----A---- C:\windows\system32\drivers\mrxdav.sys
2015-01-14 14:14:29 ----A---- C:\windows\system32\ntoskrnl.exe
2015-01-09 17:37:42 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2015-01-09 17:37:42 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2015-01-09 17:37:42 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2015-01-08 20:55:37 ----D---- C:\Users\Jirka\AppData\Roaming\Carbon
2014-12-31 17:07:02 ----A---- C:\windows\system32\drivers\droidcamvideo.sys
2014-12-31 17:07:00 ----D---- C:\Program Files (x86)\DroidCam
2014-12-31 17:07:00 ----A---- C:\windows\system32\drivers\droidcam.sys
2014-12-25 12:03:55 ----N---- C:\windows\system32\HPDiscoPMB011.dll
2014-12-25 12:03:40 ----D---- C:\Program Files (x86)\HP
2014-12-25 12:03:38 ----D---- C:\Program Files\HP
2014-12-25 09:56:22 ----D---- C:\ProgramData\HP
2014-12-24 11:12:38 ----D---- C:\Users\Jirka\AppData\Roaming\WinZipper
2014-12-24 11:12:38 ----D---- C:\Program Files (x86)\WinZipper
2014-12-23 19:07:19 ----D---- C:\Program Files\NTCore
2014-12-23 18:04:44 ----D---- C:\Program Files\Attomey
2014-12-17 08:36:45 ----A---- C:\windows\system32\AutoUpdate.exe
2014-12-17 08:36:44 ----A---- C:\windows\system32\NotificationUI.exe

======List of files/folders modified in the last 1 month======

2015-01-15 19:19:57 ----D---- C:\Program Files\trend micro
2015-01-15 19:00:00 ----D---- C:\windows\system32\sru
2015-01-15 16:42:33 ----D---- C:\windows\Temp
2015-01-15 16:41:39 ----D---- C:\windows\Prefetch
2015-01-15 14:23:34 ----A---- C:\windows\SYSWOW64\log.txt
2015-01-15 12:59:08 ----D---- C:\ProgramData\WindowsMangerProtect
2015-01-15 12:59:07 ----D---- C:\ProgramData\pRRicechop
2015-01-15 12:54:52 ----D---- C:\ProgramData\IePluginServices
2015-01-15 12:35:50 ----D---- C:\Program Files (x86)\SupTab
2015-01-15 08:41:09 ----D---- C:\windows\rescache
2015-01-15 08:05:51 ----D---- C:\windows\system32\config
2015-01-15 08:05:48 ----D---- C:\windows\WinSxS
2015-01-15 08:03:42 ----RD---- C:\windows\System32
2015-01-15 08:03:42 ----D---- C:\windows\SysWOW64
2015-01-15 08:03:41 ----D---- C:\windows\system32\cs-CZ
2015-01-15 08:03:34 ----D---- C:\windows\system32\Drivers
2015-01-15 08:03:32 ----D---- C:\windows\system32\DriverStore
2015-01-15 08:03:32 ----D---- C:\windows\Inf
2015-01-15 08:03:24 ----D---- C:\windows\system32\MRT
2015-01-15 07:57:08 ----A---- C:\windows\system32\MRT.exe
2015-01-14 18:07:47 ----D---- C:\windows\CbsTemp
2015-01-14 18:04:57 ----D---- C:\windows\Microsoft.NET
2015-01-14 15:34:10 ----D---- C:\Program Files (x86)\Overwolf
2015-01-14 14:14:10 ----D---- C:\windows\system32\catroot2
2015-01-14 14:07:33 ----D---- C:\windows
2015-01-13 16:38:50 ----SHD---- C:\System Volume Information
2015-01-12 15:54:01 ----D---- C:\windows\Tasks
2015-01-12 15:54:01 ----D---- C:\windows\system32\Tasks
2015-01-12 15:53:01 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-10 18:18:37 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-01-09 17:37:40 ----D---- C:\windows\Logs
2015-01-09 17:37:36 ----SHD---- C:\windows\Installer
2015-01-08 22:01:03 ----D---- C:\Program Files (x86)\Steam
2015-01-06 00:28:00 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-12-31 17:31:36 ----D---- C:\ProgramData
2014-12-31 17:07:23 ----D---- C:\windows\AUInstallAgent
2014-12-31 17:07:00 ----RD---- C:\Program Files (x86)
2014-12-27 21:24:00 ----D---- C:\Program Files (x86)\GameforgeLive
2014-12-27 11:51:41 ----RSD---- C:\windows\assembly
2014-12-25 12:04:23 ----D---- C:\windows\system32\catroot
2014-12-25 12:03:40 ----D---- C:\windows\twain_32
2014-12-25 12:03:38 ----RD---- C:\Program Files
2014-12-25 11:48:57 ----HD---- C:\Program Files\WindowsApps
2014-12-25 09:47:45 ----D---- C:\ProgramData\Origin
2014-12-25 09:47:07 ----D---- C:\Program Files (x86)\Origin
2014-12-22 23:50:14 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2014-12-22 23:50:07 ----D---- C:\Games
2014-12-22 17:08:06 ----D---- C:\windows\SYSWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-06-19 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-06-19 208416]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-06-19 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-06-19 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-06-19 423240]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2013-03-30 283200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-14 487216]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-06-19 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-06-19 85328]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-07-05 10267648]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-07-05 368128]
R3 AtiHDAudioService;@oem8.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW86.sys [2012-07-03 98472]
R3 DroidCam;@oem27.inf,%DroidCam.SvcDesc%;DroidCam Virtual Audio; C:\windows\system32\DRIVERS\droidcam.sys [2014-12-31 32568]
R3 DroidCamVideo;@oem26.inf,%DroidCamVideo.DeviceDesc%;DroidCam Source 3; C:\windows\system32\DRIVERS\droidcamvideo.sys [2014-12-31 229176]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2014-12-13 45112]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-18 62784]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-21 683664]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-19 540160]
S2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-06-19 29208]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2013-01-09 51712]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;@oem12.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem14.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem15.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem14.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-06-02 10627744]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2013-03-01 156672]
S3 ssudmdm;@oem19.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-07-05 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-19 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 FAH-01;Folding Service #01; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [2008-06-30 253952]
R2 FAH-02;Folding Service #02; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [2008-06-30 253952]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-12-13 2530640]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-08-15 85504]
R2 HPConnectedRemote;HP Connected Remote Service; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-08-29 35232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-12-02 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-07-29 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-19 321536]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
R2 trntv;Torntv Downloader; C:\Users\Jirka\AppData\Roaming\TornTV.com\TornTVSvc.exe [2014-08-19 10240]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 116648]
S2 MgAssistService;MgAssist Service; C:\Program Files (x86)\Mobogenie\MgAssist.exe []
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 EasyAntiCheat;EasyAntiCheat; C:\windows\syswow64\EasyAntiCheat.exe [2014-12-11 182304]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-08 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-18 1903472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-12 998640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[antarax]

AdwCleaner:

# AdwCleaner v4.107 - Report created 15/01/2015 at 21:08:32
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Jirka - PC-OBYVAK
# Running from : C:\Users\Jirka\Desktop\adwcleaner_4.107.exe
# Option : Scan

***** [ Services ] *****

Service Found : MgAssistService
Service Found : winzipersvc
Service Found : trntv

***** [ Files / Folders ] *****

File Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
File Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\windows\System32\drivers\nethfdrv.sys
Folder Found : C:\Program Files (x86)\pRRicechop
Folder Found : C:\Program Files (x86)\SupTab
Folder Found : C:\Program Files (x86)\WinZipper
Folder Found : C:\ProgramData\7444af4f595a4800
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found : C:\ProgramData\pRRicechop
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\Jirka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpnicfgbooljgncoaiijcbieoeihjga
Folder Found : C:\Users\Jirka\AppData\Local\CrashRpt
Folder Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb
Folder Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Folder Found : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Folder Found : C:\Users\Jirka\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Jirka\AppData\Local\torch
Folder Found : C:\Users\Jirka\AppData\LocalLow\iWebar
Folder Found : C:\Users\Jirka\AppData\LocalLow\Object Browser
Folder Found : C:\Users\Jirka\AppData\LocalLow\Sense
Folder Found : C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\Jirka\AppData\Roaming\TornTV.com
Folder Found : C:\Users\Jirka\AppData\Roaming\WinZipper
Folder Found : C:\Users\Public\Documents\ShopperPro

***** [ Scheduled Tasks ] *****

Task Found : AmiUpdXp
Task Found : ShopperPro
Task Found : ShopperProJSUpd
Task Found : SPDriver

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.delta-homes.com/?type=sc&ts=1419415 ... Y5K0TVY5KX
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKCU\Software\AppDataLow\Software\Sense
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\ShopperPro
Key Found : HKCU\Software\SupHpUISoft
Key Found : HKCU\Software\TornTv Downloader
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\ShopperPro
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\TornTv Downloader
Key Found : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Found : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\delta-homesSoftware
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Found : HKLM\SOFTWARE\hdcode
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\Sense
Key Found : HKLM\SOFTWARE\ShopperPro
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SOFTWARE\V9
Key Found : HKLM\SOFTWARE\winzipersvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1419415882&from=wpm12233&uid=HitachiXHDS721050CLA660_JP1570FR0TVY5K0TVY5KX&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1419415882&from=wpm12233&uid=HitachiXHDS721050CLA660_JP1570FR0TVY5K0TVY5KX&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419415 ... Y5K0TVY5KX
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


-\\ Chromium v


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [8047 octets] - [23/02/2014 16:14:44]
AdwCleaner[R1].txt - [8107 octets] - [23/02/2014 17:55:49]
AdwCleaner[R2].txt - [10587 octets] - [15/01/2015 21:08:32]
AdwCleaner[S0].txt - [6493 octets] - [23/02/2014 17:56:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [10708 octets] ##########


Zoek

Zoek.exe v5.0.0.0 Updated 15-01-2015
Tool run by Jirka on źt 15. 01. 2015 at 21:11:51,67.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jirka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 1. 2015 21:15:48 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Pando Networks deleted successfully
C:\PROGRA~2\Rolimno deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\Snail Games USA deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Turbine deleted successfully
C:\Users\Jirka\AppData\Roaming\ImperiaOnline deleted successfully
C:\Users\Jirka\AppData\Local\Adobe deleted successfully
C:\Users\Jirka\AppData\Local\cache deleted successfully
C:\Users\Jirka\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{129D8627-8E60-469B-8B3E-218B8750ADD9} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1434C8C2-A812-49C4-BF45-93A08AD018} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1695145F-C471-485F-9D2C-56F6C6A3931F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19E25DDA-8EB3-4555-843C-A12B1C3EF893} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BB183C4-6802-439B-BBB4-B62A7F27D8B0} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CFF067-63AF-452C-847B-C455278F0D0} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D164739-FC06-41DA-B523-FE67DB7F29CE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D6C73D2-D236-4AC5-988E-37F25C2E6AD} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EE2E5B0-3A26-4FF1-A17C-DB1E2E16172} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F616936-AC40-45B8-A9C0-48A6152871D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FD4A012-9202-4AF0-8765-14C8C6C4928} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2213D71A-8A06-4A01-9C57-EB6D3BBB9ACE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{223E3AD6-6747-4115-91E3-E0BBBD0E13} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22CE12D8-3567-4812-8019-A0E920BA34D6} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2640C518-7EC3-4E52-88B-F2A38DFF7B43} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29E22506-BFF3-455B-ACA8-E41E43D3BC3A} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A032081-BAE4-4842-86B9-E25888F060EE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A79E7BF-6E2B-4524-9BAB-E6E3E906750} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B052AB2-2C69-4A19-84F4-7EE649F756FA} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CD972D-8D1-45EB-BDD3-48EAAB7FE740} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30F4AE13-17EC-415B-B88-FF2CF995C94} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322bd015-36d4-4d48-8adf-9483522683f1} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{328E1FDA-40B3-4067-B841-90BB5C1F9A1D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{339EF165-E0A-4596-86F8-AA28BC7A17B6} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{369B625D-2258-4427-A5B0-9026BFEC5A4F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36F47CD8-879A-40C8-8838-13A582845FDB} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3959876-6410-4DAF-A6F3-252A3D42E9A3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B70A11B-49CD-40F9-8BA1-49F4C888E49C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3c47ec0c-e636-4e9b-a34e-f24fcabeefd7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C4F050D-1B8F-43F7-932A-B340BC6F50E5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D170D42-941F-46B1-8599-F51127E4E3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D45D55A-86CF-413C-B744-2DF5B53A297C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E4631E5-6865-4FA1-B3DC-A5D179BCF26} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FB509FD-E64C-42E7-ACB9-B7965A915D9C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4139917C-8112-4955-925E-D8617BC472} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43006456-E24-4295-80E2-F7917313958} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{448ADD27-B453-4AB7-8E12-C011B9E879C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4560B70C-9CFA-4820-98AF-5A671EC2E31F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46615EF5-A57C-4AF1-89FD-E97537B414F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4707665A-FA7D-4BB6-B5A5-77C16151DD11} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{474CC28-FDAF-4869-85A6-AAFDBDCB81C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48E2DA25-5A0D-4397-BA40-A035C73C5D3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49708DC9-8073-4E5C-BCBA-7973DB58EDEB} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ADC9E51-6590-4AD4-846B-E6C5ED62FF6E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CCA35CA-762F-4E4C-B7D1-7A36882D2FC4} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50FE3098-860F-45E9-809-3585D5499EF5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{516FA34B-684A-48AD-99AB-80395567EBE7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53DF7A33-2FE7-40B2-8635-3C8830795C84} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54A9D66E-F9E7-489F-8EBD-B76DA972893} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D30AB4-1166-456F-8145-FD133937A6F7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57FF847B-EFB0-4CB0-BB75-E319DB40A5A0} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5876D35D-9FB7-4E73-85D3-D418B84FA94D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A24D8EB-C1B6-44E0-A074-39608FE93BD} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AC444B-21E6-4C2A-ADB6-CEDE1F3C3BD} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CA0ADC2-23FC-437A-A4A9-8474B9194138} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E158FBB-CA2F-47C8-B09E-36F9B0E79B7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EDEF86B-385-49CC-9D6-DA4227CC4A4} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F3D8871-AD94-4503-9CE3-E991247C3AC} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6041CAB0-B998-4DC4-9FEB-6993A5A06B3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61A899A5-6F19-4E7A-9A1A-54EFE5C281} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6342F6F4-AA4C-4991-8228-21F6AC23DD9} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{673688E6-5539-4FB4-AB74-DDA65E9238BF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69998305-FB95-42F8-9614-19111A4DDB8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B34B872-240E-44BE-AA96-51E117F8BABD} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F85571B-61DC-4609-B314-AF5A90119847} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FEE7FB8-D862-44FF-AFB0-91DB633D1629} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70657014-39E-42E5-9738-6A7CD299D1F1} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708F4EFD-F86A-4DE6-8258-88F8A827AFEC} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70908897-39B9-4E35-A0F2-A71DFFB2125} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7163838E-28A3-44F0-B62D-5E4ACCEF219} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C8BDC7-70FF-4013-B152-675BF3D45D1} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78CBA8F8-6E4C-43DC-B671-2F1D7BA1B34D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7bbf042a-a70b-4e5f-9f45-a96f22c40dca} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BDDF15C-F843-4E5A-8EDF-53A11B14829A} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D6EF636-EA18-4DD5-83C6-834FC9A316E8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E73B8A6-6A88-4384-89B0-BCED601DB65C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FCB57ED-2238-4B47-9DE0-E94BFA578C4C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82CAF6C2-3AB-43C2-96CA-D931C7787E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85D5ED1E-7112-4505-A21B-783933B28250} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{885CA840-EFDC-4F27-A6E4-5541CF41A6E8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88610304-ED1C-4324-A95A-AA9D77A3F5D5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{892EAF4A-3620-45FA-B748-887B78F391C8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BC39D27-C873-47C5-9255-1D25B98DC3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D177D49-5AEB-407D-9E63-957A58DC74B0} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D4BF57B-3D69-43B6-B9A4-E747963911} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90DC8EA1-94B1-4D1A-AEAB-FE97395A29B2} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91351243-8011-4D7D-A567-80FC763CF75B} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{918B9976-2-40D8-8590-3AC2D6315739} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9241635-578F-4785-998A-3F17E18A40A3} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9405B05B-6EC-458C-9383-378E76DF4D2F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{949D3006-5BDB-4705-96B6-A58FB28CBE5E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{957DD998-E347-42E5-A898-9A39E2E7CE12} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{962220E0-5530-41D2-9ADA-CAC1A79124DB} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96BA90D5-21F7-46F2-B2AC-8EC8AADF6E45} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a04d610-46ab-4c1b-be07-b962f8065880} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ACB8038-38BC-4F4A-8852-81D3C3D84FB5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DFCD97B-9FE7-40D0-A186-94F3287F85} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A11654B3-C4FB-4E16-A615-4B257884142} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7DDF3CB-5F48-4A0C-9FE2-7E4D6CA8FE9E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9C1DF18-A656-43CA-9849-755539BF45DF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9C74018-3891-4512-85CA-A62D5FCA669E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA410E8B-A7BD-4A67-ABC8-D39CD552AD4E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE269393-2785-4997-A1FE-8A446DFC61CE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEEF71FC-1846-48C2-8BCB-BA64DD7DBD4E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFAD95C0-8F0F-4671-A04-155626297E3A} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0499CB8-EC72-41F7-B496-B8145668274} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1291B9E-E24A-4804-A5BC-92409BA672C5} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B14BC83C-4B05-46CF-A9B0-EB1FD89663} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5B6D374-31F1-48B4-BBC-2B9A71E696} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6FDC3D1-2194-484E-B933-734AD1338C7B} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7438E75-48AA-4E20-BF10-281A962873D0} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B765C9B9-C8BC-42C7-A961-E8DD2A53C77E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B88379B2-CCA6-4D00-8E6-EF8C70B32542} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B90EEC75-7479-4701-8FF4-959038336A45} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9B2C0B7-E8EE-4467-A11E-52C1DB505F2C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA464B8C-1957-4B3B-AC31-B4F9CBBA6232} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE027E55-C80A-44FD-91C6-A639FCAA7516} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0522D3-E9C6-461A-ACCE-15E509BC0AC} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFB62D96-B196-42DF-A89C-70439374F4F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C234933C-CE24-486A-8151-6D8168DAC7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C33B17C7-5829-4987-818E-96E86365A9F} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c33e0157-aaeb-4071-b313-2452a01fd9fa} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3A2AE2B-3C11-4FF4-A80-3761A29B7CF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C68DB4EC-4564-4D9D-9BEA-FABFBFFD23D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8860FBE-16E9-4DF3-9780-E7B4955AE341} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC432234-937B-431E-8AD9-C97B4279E98D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD98FFE3-4774-4BC3-AFA4-4F70A7E9AF8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEDB8019-3140-4723-974D-9DEC42A6238D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D003577B-CFAC-4D3D-93A-DBB782C57C6} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D121658E-181D-4F4A-B232-98F28AE3C6} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2AB867B-C938-4FCC-8974-4F22B391F60} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3D269AE-41D1-41B2-BB3D-46D098D258FF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D41D6A2A-3C4D-4D0E-AA59-459F2D6C34EF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D488CAA9-707B-4116-B311-E1019D5E447} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D529E9CB-E199-4273-A259-801CA836E7BF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5A5AC47-D8F9-4B4B-AE1E-77396B16F99} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D79FC9F2-102F-4A02-A6C7-C882C77F4624} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA0C14DD-CC2D-4021-9483-3D38F9C82A2B} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC169C9-31B8-4E1A-A751-D52FAB8FD6F8} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC48891-F5C6-463F-84EE-87AA51A4F568} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB78CED-A714-4BA6-B64C-75DDA313E1B} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE500400-6652-49FA-A78A-2D876C6C4BEE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFB2C042-8C4-4A93-A8FE-144C93A1C0DC} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0416E54-A166-4F9B-A1C0-62CCEAA37867} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C755EF-FD21-4A2A-A933-6F93F89CB66E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1CE2E46-FE11-4342-951E-40E1902815D1} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E43748A-9B38-4E26-A021-868E1A70D88D} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E59FEB6E-FA2F-42E4-AEA-B81841751458} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7A0A383-6C85-48E7-8948-33B7D5B99166} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8FE36EB-B0DC-46AE-8B28-838692EB936} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBFE81DA-7389-4770-88A5-8465E4C83322} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECFC0CF6-BA4C-471B-9934-E2B3F58A4BEF} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDDEFA2-D9D2-4BF5-9124-8CBB312892AE} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDEE0D5-C4B9-43F1-8B5D-785AC074F3E7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE57DEC2-F984-4F00-B93C-22E53B4441BD} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFFD450A-F3A2-4ABF-AB7D-2D6496F6EE40} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0AFAE3F-9262-4457-81B4-2838D0EA27} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F43BC8AC-21D7-4F22-8E96-544C9F2C93C} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F54D8647-D095-4718-8015-F6B52F90DE1B} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F572237D-9747-49E2-8842-3A8D1118B796} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7FF92E5-A8BC-4A6D-9178-375EB31519E} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8C3E449-81F-4240-B6B2-F2133E75718} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9D67754-7CE7-4792-AEAE-B9A74983828} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBA73BC-3C86-4CFA-B21A-F83CF55435A7} deleted successfully
HKEY_USERS\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBD557CF-8C65-4A75-A7BA-6FF2309A6DF2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322bd015-36d4-4d48-8adf-9483522683f1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3c47ec0c-e636-4e9b-a34e-f24fcabeefd7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7bbf042a-a70b-4e5f-9f45-a96f22c40dca} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a04d610-46ab-4c1b-be07-b962f8065880} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c33e0157-aaeb-4071-b313-2452a01fd9fa} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MgAssistService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\trntv deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\pRRicechop deleted
C:\ProgramData\pRRicechop deleted
C:\Users\Jirka\AppData\LocalLow\{A2D11161-3F18-BECD-B844-1B961D886177} deleted
C:\Users\Jirka\AppData\Local\Packages\windows_ie_ac_001\AC\{A2D11161-3F18-BECD-B844-1B961D886177} deleted
C:\Users\Jirka\AppData\Local\19169 deleted
C:\PROGRA~3\GreenBay App deleted
C:\Users\Jirka\.android deleted
C:\PROGRA~2\Connected Music powered by Universal Music Group deleted
C:\PROGRA~2\SupTab deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\Users\Jirka\AppData\Roaming\TornTV.com deleted
C:\Users\Jirka\AppData\Roaming\WinZipper deleted
C:\PROGRA~3\IePluginServices deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\WindowsMangerProtect deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Jirka\AppData\Local\Installer deleted
C:\Users\Jirka\AppData\Local\CrashRpt deleted
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx deleted
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper deleted
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\Jirka\AppData\LocalLow\iWebar deleted
C:\Users\Jirka\AppData\LocalLow\Object Browser deleted
C:\windows\tasks\AmiUpdXp.job deleted
C:\windows\SysNative\tasks\AmiUpdXp deleted
C:\windows\SysNative\Tasks\SPDriver deleted
C:\windows\SysNative\tasks\ShopperPro deleted
C:\windows\SysNative\tasks\ShopperProJSUpd deleted
C:\windows\SysNative\drivers\nethfdrv.sys deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\SETD94F.tmp deleted
C:\windows\SysWow64\AI_RecycleBin deleted
"C:\ProgramData\droidcam-settings" deleted
"C:\PROGRA~3\7444af4f595a4800\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140720181632" deleted
"C:\PROGRA~3\7444af4f595a4800\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140720181643" deleted
"C:\PROGRA~2\WinZipper\eshellctx64.dll" deleted
"C:\PROGRA~3\7444af4f595a4800" deleted
"C:\PROGRA~2\WinZipper" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ExtDir: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Jirka\AppData\Local\Torch deleted
Fake profile C:\Users\Jirka\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Jirka\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Jirka\AppData\Local\Chromatic Browser deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fhhkecgfjgooimebgoohgglnmfagcfpp - C:\Program Files (x86)\Rolimno\fhhkecgfjgooimebgoohgglnmfagcfpp.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19. 06. 2014 17:10]
noajmlkipclmeolfcnflkjhijkigpfjh - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx[]
pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx[]

Allin1Convert - Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb
Security Protection - Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh

==== Chromium Fix ======================

C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_noajmlkipclmeolfcnflkjhijkigpfjh_0.localstorage deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmabjcmofdemkaaekcmpocognlfonepb_0.localstorage deleted successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmabjcmofdemkaaekcmpocognlfonepb_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Search Page"="http://search.delta-homes.com/web/?type ... earchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Default_Search_URL"="http://search.delta-homes.com/web/?type ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Search Page"="http://www.mystartsearch.com/web/?type= ... earchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type= ... earchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Search Page"="http://www.mystartsearch.com/web/?type= ... earchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts= ... Y5K0TVY5KX"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type= ... earchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{F3FAE48F-E9C3-4005-B30B-553493FD9351} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Jirka\Desktop\Assassin's Creed II – zástupce.lnk -
C:\Users\Jirka\Desktop\Assassin's Creed Revelations (MP).lnk - C:\Program Files (x86)\R.G. Mechanics\Assassin's Creed Revelations\ACRMP.exe
C:\Users\Jirka\Desktop\Assassin's Creed Revelations (SP).lnk - C:\Program Files (x86)\R.G. Mechanics\Assassin's Creed Revelations\ACRSP.exe
C:\Users\Jirka\Desktop\Assassin's Creed – zástupce.lnk -
C:\Users\Jirka\Desktop\Attomey – zástupce.lnk -
C:\Users\Jirka\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\Users\Jirka\Desktop\CINEMA 4D 64 Bit – zástupce.lnk -
C:\Users\Jirka\Desktop\DroidCamApp.lnk - C:\Program Files (x86)\DroidCam\DroidCamApp.exe
C:\Users\Jirka\Desktop\Minecraft.lnk - C:\Users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
C:\Users\Jirka\Desktop\MK LOL.lnk - C:\Program Files (x86)\MKJogo\MKLOL\Bin\MKIM.exe
C:\Users\Jirka\Desktop\Projekty o konci světa – zástupce.lnk -
C:\Users\Jirka\Desktop\Skyrim (SKSE).lnk - C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_loader.exe
C:\Users\Jirka\Desktop\Tento počítač (2).lnk -
C:\Users\Jirka\Desktop\The Binding of Isaac Rebirth.lnk - C:\Games\The Binding of Isaac Rebirth\isaac-ng.exe
C:\Users\Jirka\Desktop\Vegas Pro 11.0.lnk - C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Assassin's Creed Brotherhood.lnk - C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Battlefield 3.lnk - C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Combat Arms EU.lnk - C:\Nexon\Combat Arms EU\CombatArms.exe
C:\Users\Public\Desktop\Connected Music powered by Universal Music Group.lnk - C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe
C:\Users\Public\Desktop\Connected Remote.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteMgmtUI.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Elsword.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\GBR_eng\Elsword\Elsword.exe" -start Elsword
C:\Users\Public\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Public\Desktop\Gameforge Live.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... Y5K0TVY5KX
C:\Users\Public\Desktop\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe
C:\Users\Public\Desktop\HP Deskjet 3520 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3520 series\Bin\HP Deskjet 3520 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\Laroxion Metin 2014.lnk - C:\Program Files (x86)\LaRoXionMT2\LaRoXion.exe
C:\Users\Public\Desktop\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Public\Desktop\Nexus Mod Manager.lnk - C:\Program Files\Nexus Mod Manager\NexusClient.exe
C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Public\Desktop\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
C:\Users\Public\Desktop\Papers, Please.lnk - C:\GOG Games\Papers, Please\PapersPlease.exe
C:\Users\Public\Desktop\Smite.lnk - C:\Program Files (x86)\Hi-Rez Studios\HiRezLauncherUI.exe game=300 product=17
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\Public\Desktop\World of Tanks.lnk - C:\Games\World_of_Tanks\WOTLauncher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk - C:\Program Files (x86)\DroidCam\DroidCamApp.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk - C:\Program Files (x86)\DroidCam\Uninstall.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0\Cat-A-Cat GAMES.lnk - C:\Games\The Binding of Isaac Rebirth\d.url
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0\The Binding of Isaac Rebirth.lnk - C:\Games\The Binding of Isaac Rebirth\isaac-ng.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0\Uninstall.lnk - C:\Games\The Binding of Isaac Rebirth\Uninstall.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword\Elsword.lnk - C:\KOGGAMES\Elsword\elsword.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword\Uninstall Elsword.lnk - C:\KOGGAMES\Elsword\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\CFF Explorer.lnk - C:\Program Files\NTCore\Explorer Suite\CFF Explorer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Scripts.lnk - C:\windows\explorer.exe C:\Program Files\NTCore\Explorer Suite\Scripts
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Signature Explorer.lnk - C:\Program Files\NTCore\Explorer Suite\Signature Explorer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Task Explorer (32-bit).lnk - C:\Program Files\NTCore\Explorer Suite\Task Explorer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Task Explorer (64-bit).lnk - C:\Program Files\NTCore\Explorer Suite\Task Explorer-x64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\SDK\CFF Explorer Scripting Language.pdf.lnk - C:\Program Files\NTCore\Explorer Suite\SDK\CFF Explorer Scripting Language.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\SDK\How-To CFF Extension.lnk - C:\Program Files\NTCore\Explorer Suite\SDK\How-To CFF Extension.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\SDK\Signatures Technical Details.lnk - C:\Program Files\NTCore\Explorer Suite\SDK\Signatures Technical Details.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\SDK\VS Extensions Wizard.lnk - C:\Program Files\NTCore\Explorer Suite\SDK\ExSuiteExtWiz.msi
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Tools\Driver List.lnk - C:\Program Files\NTCore\Explorer Suite\Tools\DriverList.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite\Tools\PE Detective.lnk - C:\Program Files\NTCore\Explorer Suite\PE Detective.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Elsword.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe "C:\Program Files (x86)\GameforgeLive\Games\GBR_eng\Elsword\Elsword.exe" -start Elsword
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk - C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Odinstalovat aplikaci Gameforge Live.lnk - C:\Program Files (x86)\GameforgeLive\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... Y5K0TVY5KX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3520 series\HP Deskjet 3520 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3520 series\Bin\HP Deskjet 3520 series.exe -Start UDCDevicePage
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\windows\SysWOW64\msiexec.exe /i {8B4E75B8-6788-481D-B8D5-143EF17DC06A} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan\Norton Security Scan.LNK - C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk - C:\Program Files (x86)\Origin\OriginER.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Assassin's Creed Revelations\Play Assassin's Creed Revelations (MP).lnk - C:\Program Files (x86)\R.G. Mechanics\Assassin's Creed Revelations\ACRMP.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Assassin's Creed Revelations\Play Assassin's Creed Revelations (PR).lnk - C:\Program Files (x86)\R.G. Mechanics\Assassin's Creed Revelations\ACRPR.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Assassin's Creed Revelations\Play Assassin's Creed Revelations (SP).lnk - C:\Program Files (x86)\R.G. Mechanics\Assassin's Creed Revelations\ACRSP.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics\Assassin's Creed Revelations\Uninstall Assassin's Creed Revelations.lnk - C:\Users\Jirka\AppData\Roaming\Assassin's Creed Revelations\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War\Odinstalovat aplikaci Shards of War.lnk - C:\Program Files (x86)\Shards of War\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War\Shards of War.lnk - C:\Program Files (x86)\Shards of War\ShardsOfWarLauncher.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk - C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts= ... Y5K0TVY5KX
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... Y5K0TVY5KX
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b15f30ab853b7d31\Diablo III.lnk - C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts= ... Y5K0TVY5KX
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... Y5K0TVY5KX

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\07b14e0e-cbcc-49d4-88ac-9aa538254d33 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fhhkecgfjgooimebgoohgglnmfagcfpp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=656 folders=317 50673659 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\hedev\AppData\Local\temp emptied successfully
C:\Users\Jirka\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Jirka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\WinZipper" not found

==== EOF on źt 15. 01. 2015 at 21:36:42,87 ======================

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[antarax]

# AdwCleaner v4.107 - Report created 16/01/2015 at 19:13:54
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Jirka - PC-OBYVAK
# Running from : C:\Users\Jirka\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jirka\AppData\LocalLow\Sense
Folder Deleted : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh

***** [ Scheduled Tasks ] *****

Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SPDriver

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\TornTv Downloader
Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [8047 octets] - [23/02/2014 16:14:44]
AdwCleaner[R1].txt - [8107 octets] - [23/02/2014 17:55:49]
AdwCleaner[R2].txt - [10857 octets] - [15/01/2015 21:08:32]
AdwCleaner[R3].txt - [3954 octets] - [16/01/2015 19:11:53]
AdwCleaner[S0].txt - [6493 octets] - [23/02/2014 17:56:16]
AdwCleaner[S1].txt - [3818 octets] - [16/01/2015 19:13:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3878 octets] ##########

[vyosek]

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

[antarax]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
Ran by Jirka (administrator) on PC-OBYVAK on 17-01-2015 18:11:57
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available profiles: Jirka)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Stanford University) C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe
(Microsoft Corporation) C:\windows\System32\dasHost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\Smart Menu\WinStartMenuLauncher.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\windows\System32\atieclxx.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\a804540e-8ba1-4358-a0f4-f1458e4e187c.exe [183232 2015-01-17] (AVAST Software)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jirka\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40176 2015-01-12] (Overwolf LTD)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3708454727-2438114274-1006808024-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3708454727-2438114274-1006808024-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-3708454727-2438114274-1006808024-1001 -> {F3FAE48F-E9C3-4005-B30B-553493FD9351} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3708454727-2438114274-1006808024-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jirka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3708454727-2438114274-1006808024-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin HKU\S-1-5-21-3708454727-2438114274-1006808024-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-15]

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/webhp?sourceid=ch ... 2&ie=UTF-8
CHR StartupUrls: Default -> "https://www.google.cz/webhp?tab=ww&ei=2 ... d=0CAkQ1S4"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-15]
CHR Extension: (Dokumenty Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Tabulky Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-15]
CHR Extension: (Peněženka Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR Extension: (Security Protection) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-19] (AVAST Software)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-11] (EasyAntiCheat Ltd)
R2 FAH-01; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [253952 2008-06-30] (Stanford University) [File not signed]
S2 FAH-02; C:\Program Files (x86)\Folding@Home #01\Folding@Home #02\FAH-Console.exe [253952 2008-06-30] (Stanford University) [File not signed]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-12] (Overwolf LTD)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-07-29] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-09-19] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 WinStartMenuLauncher; C:\Program Files\Smart Menu\WinStartMenuLauncher.exe [249432 2014-06-23] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-17] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [32568 2014-12-31] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [229176 2014-12-31] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-30] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-14] (Symantec Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 X6va027; \??\C:\windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\windows\SysWOW64\Drivers\X6va028 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 18:11 - 2015-01-17 18:12 - 00017478 _____ () C:\Users\Jirka\Desktop\FRST.txt
2015-01-17 18:11 - 2015-01-17 18:11 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher (2).exe
2015-01-17 18:11 - 2015-01-17 18:11 - 00000000 ____D () C:\FRST
2015-01-17 18:10 - 2015-01-17 18:10 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-17 18:09 - 2015-01-17 18:09 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-01-17 18:09 - 2015-01-17 18:09 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 457598.crdownload
2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 226694.crdownload
2015-01-17 18:04 - 2015-01-17 18:04 - 02125824 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2015-01-15 21:33 - 2015-01-15 21:11 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-01-15 21:15 - 2015-01-15 21:36 - 00063835 _____ () C:\zoek-results.log
2015-01-15 21:11 - 2015-01-15 21:31 - 00000000 ____D () C:\zoek_backup
2015-01-15 21:07 - 2015-01-15 21:07 - 02191360 _____ () C:\Users\Jirka\Desktop\adwcleaner_4.107.exe
2015-01-15 21:07 - 2015-01-15 21:07 - 01295360 _____ () C:\Users\Jirka\Desktop\zoek.exe
2015-01-15 19:19 - 2015-01-15 19:19 - 01222144 _____ () C:\Users\Jirka\Downloads\RSITx64.exe
2015-01-14 14:17 - 2014-11-27 03:40 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-01-14 14:17 - 2014-11-27 02:28 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-01-14 14:16 - 2014-11-15 07:06 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-01-14 14:16 - 2014-11-15 06:13 - 03286016 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-01-14 14:16 - 2014-11-15 06:13 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-01-14 14:16 - 2014-11-15 06:12 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2015-01-14 14:16 - 2014-11-15 04:54 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-01-14 14:16 - 2014-11-15 04:53 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-01-14 14:16 - 2014-11-15 04:53 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-01-14 14:16 - 2014-11-15 04:53 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-01-14 14:16 - 2014-11-05 07:40 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2015-01-14 14:16 - 2014-11-05 07:39 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-01-14 14:16 - 2014-11-01 07:28 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-01-14 14:16 - 2014-10-29 15:21 - 00499008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2015-01-14 14:16 - 2014-10-27 23:10 - 00390841 _____ () C:\windows\system32\ApnDatabase.xml
2015-01-14 14:15 - 2014-12-19 07:48 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 14:15 - 2014-12-11 07:51 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 14:15 - 2014-12-06 08:52 - 00384000 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-14 14:15 - 2014-12-06 08:52 - 00357376 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 14:15 - 2014-12-06 08:52 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-14 14:15 - 2014-12-06 07:09 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-14 14:14 - 2014-12-19 05:35 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 14:14 - 2014-12-11 08:35 - 06973248 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-14 14:14 - 2014-12-06 08:53 - 00458240 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-14 14:14 - 2014-12-06 08:53 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-14 14:14 - 2014-12-06 08:51 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-14 14:14 - 2014-12-06 08:51 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-14 14:14 - 2014-12-06 08:50 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-14 14:14 - 2014-12-06 07:10 - 00355840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-14 14:14 - 2014-12-06 07:10 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-14 14:14 - 2014-12-06 07:09 - 00332800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-09 17:37 - 2015-01-09 17:37 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-01-09 17:37 - 2015-01-09 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-01-09 17:37 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2015-01-09 17:37 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2015-01-09 17:37 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2015-01-09 17:27 - 2015-01-09 17:27 - 30993712 _____ (Riot Games) C:\Users\Jirka\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe
2015-01-08 20:55 - 2015-01-08 20:55 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Carbon
2015-01-08 20:47 - 2015-01-08 20:47 - 00000222 _____ () C:\Users\Jirka\Desktop\AirMech.url
2015-01-08 06:46 - 2015-01-08 06:46 - 00174592 _____ () C:\Users\Jirka\Desktop\Vítr.ppt
2015-01-07 18:24 - 2015-01-07 18:24 - 02461696 _____ () C:\Users\Jirka\Desktop\Větrné elektrárny – výhody a nevýhody+ historie.ppt
2015-01-02 14:31 - 2015-01-02 14:31 - 00002836 _____ () C:\Users\Jirka\Desktop\Můj film.wlmp
2014-12-31 17:07 - 2014-12-31 17:07 - 00229176 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\droidcamvideo.sys
2014-12-31 17:07 - 2014-12-31 17:07 - 00032568 _____ (Dev47Apps) C:\windows\system32\Drivers\droidcam.sys
2014-12-31 17:07 - 2014-12-31 17:07 - 00001028 _____ () C:\Users\Jirka\Desktop\DroidCamApp.lnk
2014-12-31 17:07 - 2014-12-31 17:07 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2014-12-31 17:07 - 2014-12-31 17:07 - 00000000 ____D () C:\Program Files (x86)\DroidCam
2014-12-31 17:06 - 2014-12-31 17:06 - 01096884 _____ () C:\Users\Jirka\Downloads\DroidCam.4.1.zip
2014-12-27 21:24 - 2014-12-28 20:54 - 00000000 ____D () C:\Users\Jirka\Downloads\Gameforge Live
2014-12-25 17:42 - 2014-12-25 17:42 - 02256384 _____ () C:\Users\Jirka\Downloads\Prezentace_k_vyuce_vetrnych_elektraren.ppt
2014-12-25 12:23 - 2014-12-31 17:07 - 00002388 _____ () C:\windows\setupact.log
2014-12-25 12:23 - 2014-12-25 12:23 - 00000000 _____ () C:\windows\setuperr.log
2014-12-25 12:10 - 2014-12-25 12:10 - 00000000 ____D () C:\Users\Jirka\AppData\Local\HP
2014-12-25 12:03 - 2014-12-25 12:03 - 00002214 _____ () C:\Users\Public\Desktop\HP Deskjet 3520 series.lnk
2014-12-25 12:03 - 2014-12-25 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-25 12:03 - 2014-12-25 12:03 - 00000000 ____D () C:\Program Files\HP
2014-12-25 12:03 - 2014-12-25 12:03 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-25 12:03 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPMB011.dll
2014-12-25 09:56 - 2014-12-25 12:03 - 00000000 ____D () C:\ProgramData\HP
2014-12-24 16:16 - 2014-12-24 16:16 - 00004264 _____ () C:\Users\Jirka\Downloads\photoeditor.xpi
2014-12-23 19:07 - 2014-12-23 19:07 - 03613174 _____ ( ) C:\Users\Jirka\Downloads\ExplorerSuite.exe
2014-12-23 19:07 - 2014-12-23 19:07 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-23 19:07 - 2014-12-23 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-23 19:07 - 2014-12-23 19:07 - 00000000 ____D () C:\Program Files\NTCore
2014-12-23 18:57 - 2014-12-23 18:57 - 00001464 _____ () C:\Users\Jirka\Desktop\Attomey – zástupce.lnk
2014-12-23 18:04 - 2014-12-23 18:04 - 00000000 ____D () C:\Program Files\Attomey
2014-12-23 14:22 - 2014-12-23 14:28 - 966764556 _____ () C:\Users\Jirka\Downloads\Attomey.rar
2014-12-22 23:53 - 2014-12-22 23:53 - 00000000 ____D () C:\Users\Jirka\AppData\Local\SKIDROW
2014-12-22 23:50 - 2014-12-22 23:50 - 00001744 _____ () C:\Users\Jirka\Desktop\The Binding of Isaac Rebirth.lnk
2014-12-22 23:50 - 2014-12-22 23:50 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0
2014-12-22 23:12 - 2014-12-22 23:14 - 323433169 _____ (Games on Cat-A-Cat.Net ) C:\Users\Jirka\Downloads\The Binding of Isaac Rebirth.exe
2014-12-21 19:11 - 2014-12-21 19:11 - 79295208 _____ () C:\Users\Jirka\Downloads\Wangorn.rar.crdownload
2014-12-20 09:41 - 2014-12-20 09:41 - 00009666 _____ () C:\Users\Jirka\Downloads\prilohy_6027.zip
2014-12-20 09:41 - 2014-12-20 09:41 - 00000258 _____ () C:\Users\Jirka\Downloads\_Certification_.htm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 18:10 - 2013-05-15 20:20 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-01-17 18:10 - 2013-05-15 20:20 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-01-17 18:09 - 2014-06-19 17:11 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2015-01-17 18:09 - 2014-06-19 17:11 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-01-17 18:09 - 2013-05-15 20:20 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2015-01-17 18:09 - 2013-05-15 20:20 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-01-17 18:09 - 2013-05-15 20:20 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-01-17 18:09 - 2013-05-15 20:20 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-01-17 18:09 - 2013-05-15 20:20 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-01-17 18:02 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2015-01-17 17:28 - 2014-04-02 08:05 - 00000980 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-17 17:27 - 2014-11-12 14:15 - 01856979 _____ () C:\windows\WindowsUpdate.log
2015-01-17 17:16 - 2014-04-02 08:05 - 00000976 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 19:15 - 2013-11-25 19:22 - 00000000 ____D () C:\Users\Jirka\AppData\Local\LogMeIn Hamachi
2015-01-16 19:14 - 2014-11-13 15:38 - 00009108 _____ () C:\windows\PFRO.log
2015-01-16 19:14 - 2014-07-21 14:32 - 00000352 _____ () C:\windows\Tasks\HPCeeScheduleForJirka.job
2015-01-16 19:14 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-16 19:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-01-16 19:13 - 2014-02-23 16:12 - 00000000 ____D () C:\AdwCleaner
2015-01-16 19:13 - 2013-03-03 12:41 - 00000971 _____ () C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-16 17:29 - 2013-03-03 12:46 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3708454727-2438114274-1006808024-1001
2015-01-16 15:54 - 2014-07-21 14:32 - 00003166 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJirka
2015-01-16 15:54 - 2013-03-03 12:39 - 00000000 ____D () C:\Users\Jirka
2015-01-15 21:36 - 2014-07-20 17:16 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-15 21:36 - 2013-07-12 12:08 - 00000008 __RSH () C:\Users\Jirka\ntuser.pol
2015-01-15 21:31 - 2014-02-22 13:54 - 00002200 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Comodo
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-01-15 21:30 - 2014-07-20 17:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-01-15 21:30 - 2013-03-03 13:15 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Google
2015-01-15 21:29 - 2012-07-26 09:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-01-15 21:29 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-01-15 21:07 - 2013-03-04 17:11 - 01048064 ___SH () C:\Users\Jirka\Downloads\Thumbs.db
2015-01-15 19:19 - 2014-02-22 14:08 - 00000000 ____D () C:\Program Files\trend micro
2015-01-15 08:41 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2015-01-15 08:03 - 2013-08-16 14:28 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 07:57 - 2013-03-04 13:17 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-15 07:57 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-01-14 18:07 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp
2015-01-14 15:34 - 2014-11-29 21:33 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-01-12 16:48 - 2013-04-06 13:14 - 01968640 ___SH () C:\Users\Jirka\Desktop\Thumbs.db
2015-01-12 15:53 - 2013-03-04 16:42 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2015-01-12 15:53 - 2013-03-04 16:42 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-11 19:20 - 2014-02-24 19:26 - 00000000 ____D () C:\Users\Jirka\AppData\Local\CrashDumps
2015-01-10 18:18 - 2012-11-12 20:31 - 00710754 _____ () C:\windows\system32\perfh005.dat
2015-01-10 18:18 - 2012-11-12 20:31 - 00162914 _____ () C:\windows\system32\perfc005.dat
2015-01-10 18:18 - 2012-07-26 08:28 - 01713882 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-10 14:57 - 2014-10-19 10:21 - 00000472 ____H () C:\windows\Tasks\Norton Security Scan for Jirka.job
2015-01-08 22:01 - 2013-12-07 13:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-06 00:28 - 2014-12-15 22:56 - 00714176 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 00:28 - 2014-12-15 22:56 - 00106440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-31 17:07 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-12-28 13:18 - 2014-02-26 09:57 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Battle.net
2014-12-27 21:25 - 2014-11-26 21:55 - 00001164 _____ () C:\Users\Public\Desktop\Elsword.lnk
2014-12-27 21:25 - 2014-04-26 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-27 21:24 - 2013-06-14 14:52 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-12-25 23:06 - 2014-11-29 21:36 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Purplizer
2014-12-25 12:08 - 2014-11-29 21:29 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Overwolf
2014-12-25 11:49 - 2013-03-03 12:40 - 00000000 ____D () C:\Users\Jirka\AppData\Local\Packages
2014-12-25 09:47 - 2014-05-29 14:20 - 00000000 ____D () C:\ProgramData\Origin
2014-12-25 09:47 - 2014-05-29 14:20 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-22 23:53 - 2013-06-12 14:23 - 00000000 ____D () C:\Users\Jirka\Documents\My Games
2014-12-22 23:50 - 2014-10-09 20:38 - 00000000 ____D () C:\Users\Jirka\AppData\Roaming\uTorrent
2014-12-22 23:50 - 2013-06-22 19:03 - 00000000 ____D () C:\Games
2014-12-22 23:11 - 2014-10-27 20:24 - 00000000 ___RD () C:\Users\Jirka\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

==================== Files in the root of some directories =======
2013-11-15 17:56 - 2014-10-09 18:50 - 0003584 _____ () C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-03 12:42 - 2013-03-03 12:42 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some content of TEMP:
====================
C:\Users\Jirka\AppData\Local\Temp\Quarantine.exe
C:\Users\Jirka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-16 17:30




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:452.79 GB) (Free:100.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.15 GB) (Free:1.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 4438.3 MB
Total physical RAM: 6099.35 MB
Percentage of memory in use: 27%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: DDC4A6B3)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJirka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jirka.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 6659 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Nexon\\Combat Arms\\CombatArms.exe"="C:\\Nexon\\Combat Arms\\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\\Nexon\\Combat Arms\\Engine.exe"="C:\\Nexon\\Combat Arms\\Engine.exe:*Enabled:Engine.exe"
"C:\\Nexon\\Combat Arms EU\\CombatArms.exe"="C:\\Nexon\\Combat Arms EU\\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\\Nexon\\Combat Arms EU\\Engine.exe"="C:\\Nexon\\Combat Arms EU\\Engine.exe:*Enabled:Engine.exe"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Nexon\\Combat Arms\\CombatArms.exe"="C:\\Nexon\\Combat Arms\\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\\Nexon\\Combat Arms\\Engine.exe"="C:\\Nexon\\Combat Arms\\Engine.exe:*Enabled:Engine.exe"
"C:\\Nexon\\Combat Arms EU\\CombatArms.exe"="C:\\Nexon\\Combat Arms EU\\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\\Nexon\\Combat Arms EU\\Engine.exe"="C:\\Nexon\\Combat Arms EU\\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
  HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
  HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\a804540e-8ba1-4358-a0f4-f1458e4e187c.exe [183232 2015-01-17] (AVAST Software)
  HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
  HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jirka\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  CHR Extension: (Security Protection) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-16]
  
  S3 catchme; \??\C:\ComboFix\catchme.sys [X]
  S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
  S3 X6va027; \??\C:\windows\SysWOW64\Drivers\X6va027 [X]
  S3 X6va028; \??\C:\windows\SysWOW64\Drivers\X6va028 [X]
  
  2015-01-17 18:11 - 2015-01-17 18:12 - 00017478 _____ () C:\Users\Jirka\Desktop\FRST.txt
  2015-01-17 18:11 - 2015-01-17 18:11 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher (2).exe
  2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 457598.crdownload
  2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 226694.crdownload
  2015-01-15 21:33 - 2015-01-15 21:11 - 00024064 _____ () C:\windows\zoek-delete.exe
  2015-01-15 21:15 - 2015-01-15 21:36 - 00063835 _____ () C:\zoek-results.log
  2015-01-15 21:11 - 2015-01-15 21:31 - 00000000 ____D () C:\zoek_backup
  2015-01-15 21:07 - 2015-01-15 21:07 - 02191360 _____ () C:\Users\Jirka\Desktop\adwcleaner_4.107.exe
  2015-01-15 21:07 - 2015-01-15 21:07 - 01295360 _____ () C:\Users\Jirka\Desktop\zoek.exe
  2015-01-15 19:19 - 2015-01-15 19:19 - 01222144 _____ () C:\Users\Jirka\Downloads\RSITx64.exe
  
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\HPCeeScheduleForJirka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
  Task: C:\windows\Tasks\Norton Security Scan for Jirka.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[antarax]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Jirka at 2015-01-19 18:38:35 Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available profiles: Jirka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\a804540e-8ba1-4358-a0f4-f1458e4e187c.exe [183232 2015-01-17] (AVAST Software)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jirka\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR Extension: (Security Protection) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-01-16]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 X6va027; \??\C:\windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\windows\SysWOW64\Drivers\X6va028 [X]

2015-01-17 18:11 - 2015-01-17 18:12 - 00017478 _____ () C:\Users\Jirka\Desktop\FRST.txt
2015-01-17 18:11 - 2015-01-17 18:11 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher (2).exe
2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 457598.crdownload
2015-01-17 18:06 - 2015-01-17 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Downloads\Nepotvrzeno 226694.crdownload
2015-01-15 21:33 - 2015-01-15 21:11 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-01-15 21:15 - 2015-01-15 21:36 - 00063835 _____ () C:\zoek-results.log
2015-01-15 21:11 - 2015-01-15 21:31 - 00000000 ____D () C:\zoek_backup
2015-01-15 21:07 - 2015-01-15 21:07 - 02191360 _____ () C:\Users\Jirka\Desktop\adwcleaner_4.107.exe
2015-01-15 21:07 - 2015-01-15 21:07 - 01295360 _____ () C:\Users\Jirka\Desktop\zoek.exe
2015-01-15 19:19 - 2015-01-15 19:19 - 01222144 _____ () C:\Users\Jirka\Downloads\RSITx64.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJirka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jirka.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\20150107 => Value not found.
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3708454727-2438114274-1006808024-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh directory not found.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
X6va027 => Service deleted successfully.
X6va028 => Service deleted successfully.
C:\Users\Jirka\Desktop\FRST.txt => Moved successfully.
"C:\Users\Jirka\Desktop\FRSTLauncher (2).exe" => File/Directory not found.
"C:\Users\Jirka\Downloads\Nepotvrzeno 457598.crdownload" => File/Directory not found.
"C:\Users\Jirka\Downloads\Nepotvrzeno 226694.crdownload" => File/Directory not found.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Jirka\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Users\Jirka\Desktop\zoek.exe => Moved successfully.
C:\Users\Jirka\Downloads\RSITx64.exe => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForJirka.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for Jirka.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 520.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 18:39:22 ====

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[Gladiator91]

Díky za pomoc komp uklizen a bez problémů.

[vyosek]

Gladiator91 a antarax = stejna osoba, dva ucty??

[Gladiator91]

Nene antarax je přítelkyně bratr. Registraci udělal sám než sem přišel z práce a zbytek už jsem dělal já, ale zapomněli jsme poděkovat. Bydlí o patro výš tak už sem tam večer nechtěl prudit

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy


A na zaklade Pravidla o zamykani temat