Preventivka - zpomalený počítač

Zpráva

kubik0963 · #1 Příspěvek od **kubik0963** » 14 úno 2015 19:26

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-02-14 19:24:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (5%) free of 477 GB
Total RAM: 3909 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:06, on 14.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe
C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe
C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [MFFSum_Pro_LL2] "C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe"
O4 - HKLM\..\Run: [MFPrintServer_Pro_LL2] "C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: HD Writer.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{305F30A8-8D3B-4A45-8FDE-0802603399FB}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEFF93F9-EFAE-4F9A-8319-9C7C61C5E27F}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3664C03-4D80-4209-9EFB-AD19790E8AE4}: NameServer =
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Session Launcher Service (FUSServices) - Unknown owner - C:\Windows\SysWOW64\FUSServices.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: metasploitPostgreSQL - PostgreSQL Global Development Group - C:\metasploit\postgresql\bin\pg_ctl.exe
O23 - Service: Metasploit Pro Service (metasploitProSvc) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Metasploit Thin Service (metasploitThin) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Metasploit Worker (metasploitWorker) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 17672 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"LFOXRPOW.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\SysWOW64\FUSServices.exe
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\metasploit\postgresql\bin\pg_ctl.exe" runservice -N "metasploitPostgreSQL" -D "C:/metasploit/postgresql/data"
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\engine" prosvc_service.rb -E production
"C:\metasploit\postgresql\bin\postgres.exe" -D "C:/metasploit/postgresql/data"
\??\C:\Windows\system32\conhost.exe "-108361417612296837002121999623509060646112623922114520873682058364414948279902
"C:/metasploit/postgresql/bin/postgres.exe" "--forklog" "1260" "1256"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1292" "-x4"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1296" "-x3"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1292" "-x5"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkavlauncher" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkcol" "1292"
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\ui" thin_service.rb
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\ui" worker_service.rb
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
WLIDSvcM.exe 836
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
taskeng.exe {1A86D568-740B-46F1-BFB9-0A21136FC3C6}
"C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe" --config_dir "C:\Users\Tomáš\AppData\Roaming\OpenVPN" --allow_proxy 0 --allow_password 0 --log_dir C:\Users\TOM~1\AppData\Local\Temp
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
szndesktop.exe default start
"C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
\??\C:\Windows\system32\conhost.exe "159806650638536292311358839384262970781895581745-1063543021-288969517-1943883032
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe"
"C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
cmd.exe /c "C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe" -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
\??\C:\Windows\system32\conhost.exe "-2122735969-307818467-1828763291-1887737545-2015703884-1546114618-72214487685634834
C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
\??\C:\Windows\system32\conhost.exe "-6880883511997656841-1909607471-1436094381-106365547073558334-242509315-89605639
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1292"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "156"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1516"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1520"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "260"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1296"
"taskhost.exe"
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"
"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding
"C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE" /dde
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7812.148cba00.1309329357 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 7812 "\\.\pipe\gecko-crash-server-pipe.7812" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash9772.5BDE6220.23209 --host-broker-channel=Flash9772.5BDE6220.15039 --host-pid=9772 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=9268.0022F3C4.1799923858 --proxy-stub-channel=Flash9772.5BDE6220.23209 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\cmd.exe /c if exist "C:\Users\TOM~1\AppData\Local\Temp\ztmp\tmp5594.bat" del "C:\Users\TOM~1\AppData\Local\Temp\ztmp\tmp5594.bat"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Users\Tomáš\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@live.heroesandgenerals.com/npretox]
"Description"=Heroes & Generals downloader
"Path"=C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\extensions\
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
jid1-4P0kohSJxU1qGg@jetpack
tilt@mozilla.com
{e001c731-5e37-4538-a5cb-8168736a2360}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\searchplugins\
hledejcenycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-16 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-11-12 886480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-20 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-16 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2014-11-12 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [2013-10-25 7138816]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-25 12343400]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-02-20 1020576]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-02-20 800416]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-30 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-30 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-30 442352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-27 5227112]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-01-20 811792]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2007-11-13 29984]
"IndexSearch"=C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [2007-11-13 46368]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2014-06-12 112856]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-01-07 2694320]
"MFFSum_Pro_LL2"=C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe [2010-01-08 24576]
"MFPrintServer_Pro_LL2"=C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe [2010-01-08 73728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HD Writer.lnk - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-31 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-14 19:04:00 ----D---- C:\Program Files\CCleaner
2015-02-14 18:52:10 ----D---- C:\Program Files\trend micro
2015-02-14 18:52:08 ----D---- C:\rsit
2015-02-11 18:03:13 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-11 18:03:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-11 18:03:12 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 18:03:11 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-11 01:41:26 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 01:41:25 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 01:41:25 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 01:41:25 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 01:41:24 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 01:41:24 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 01:41:22 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 01:41:21 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 01:41:10 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 01:41:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 01:41:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 01:41:05 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 01:41:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 01:41:02 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 01:41:01 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 01:41:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 01:41:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 01:41:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 01:40:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 01:40:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 01:40:56 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 01:40:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 01:40:33 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 01:40:33 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 01:40:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 01:40:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 01:40:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 01:40:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 01:40:29 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 01:40:29 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 01:40:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 01:40:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 01:40:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 01:40:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 01:40:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 01:40:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 01:40:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 01:40:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 01:40:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 01:40:22 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 01:40:21 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 01:40:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 01:40:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 01:40:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 01:40:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 01:40:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 01:40:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 01:40:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 01:40:16 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 01:40:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 01:40:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 01:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 01:40:14 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 01:40:12 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 01:40:11 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 01:40:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 01:40:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 01:40:09 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 01:40:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 01:40:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 01:40:06 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 01:40:06 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 01:40:05 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 01:40:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 01:40:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 01:40:01 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 01:40:00 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 01:39:58 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 01:39:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 01:39:55 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 01:39:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 01:39:35 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 01:39:25 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 01:39:25 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 01:39:24 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 01:39:24 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 01:39:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 01:39:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 01:39:17 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 01:39:17 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 01:39:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 01:39:16 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 01:39:13 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 01:39:13 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 01:39:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 01:39:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 01:39:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 01:39:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 01:39:09 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 01:39:09 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 01:38:47 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 01:38:46 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 01:38:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 01:38:40 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 01:38:05 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 01:38:04 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 01:37:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 01:37:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 01:37:49 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 01:37:45 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 01:37:45 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 01:37:43 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 01:37:43 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 01:36:57 ----A---- C:\Windows\system32\win32k.sys
2015-02-05 04:08:24 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2015-02-04 13:57:00 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-02 14:12:44 ----HD---- C:\ProgramData\kprologs
2015-02-02 14:12:44 ----A---- C:\Windows\SYSWOW64\windows.ini
2015-01-30 21:28:08 ----D---- C:\Program Files (x86)\Nmap
2015-01-30 19:08:12 ----D---- C:\Windows\SYSWOW64\vbox
2015-01-30 19:08:12 ----D---- C:\Windows\system32\vbox
2015-01-30 17:47:35 ----D---- C:\metasploit
2015-01-30 16:42:34 ----D---- C:\Program Files\WinPcap
2015-01-30 11:31:55 ----D---- C:\rotmg
2015-01-29 20:40:18 ----D---- C:\zaloha
2015-01-27 06:53:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-26 14:30:05 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2015-01-26 14:30:02 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2015-01-25 22:07:08 ----D---- C:\Windows\system32\appraiser
2015-01-25 18:19:19 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-01-25 18:19:18 ----A---- C:\Windows\system32\mf.dll
2015-01-25 18:01:30 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-25 18:01:30 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-25 18:01:30 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-25 18:00:37 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-25 18:00:35 ----A---- C:\Windows\system32\termsrv.dll
2015-01-25 18:00:25 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2015-01-25 18:00:25 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-01-25 18:00:10 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-01-25 18:00:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-25 18:00:03 ----A---- C:\Windows\system32\msxml3.dll
2015-01-25 18:00:02 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-01-25 18:00:02 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-01-25 18:00:02 ----A---- C:\Windows\system32\msxml3r.dll
2015-01-25 18:00:00 ----A---- C:\Windows\system32\profsvc.dll
2015-01-25 17:59:45 ----A---- C:\Windows\system32\charmap.exe
2015-01-25 17:59:44 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-01-25 17:59:38 ----A---- C:\Windows\system32\rdpcorets.dll
2015-01-25 17:59:37 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-25 17:59:23 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-01-25 17:59:23 ----A---- C:\Windows\system32\WsmSvc.dll
2015-01-25 17:59:22 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-01-25 17:59:22 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-25 17:59:22 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-01-25 17:59:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-01-25 17:59:21 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-01-25 17:59:21 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-01-25 17:59:21 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-01-25 17:59:21 ----A---- C:\Windows\system32\WsmAuto.dll
2015-01-25 17:58:10 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-01-25 17:58:10 ----A---- C:\Windows\system32\pku2u.dll
2015-01-25 17:57:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-01-25 17:57:35 ----A---- C:\Windows\system32\tzres.dll
2015-01-25 17:57:11 ----A---- C:\Windows\SYSWOW64\packager.dll
2015-01-25 17:57:11 ----A---- C:\Windows\system32\packager.dll
2015-01-25 17:56:56 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-25 17:56:56 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-25 17:56:56 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-25 17:56:56 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-25 17:56:55 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-25 17:56:55 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-25 17:56:55 ----A---- C:\Windows\system32\EncDump.dll
2015-01-25 17:56:55 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-25 17:55:08 ----A---- C:\Windows\system32\msi.dll
2015-01-25 17:55:06 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-01-25 15:47:19 ----D---- C:\Program Files\7-Zip
2015-01-25 15:41:18 ----A---- C:\Windows\system32\FUSServices.exe
2015-01-25 15:41:03 ----D---- C:\ProgramData\Companion Suite Pro LL2
2015-01-25 15:40:06 ----D---- C:\Program Files (x86)\Companion Suite Pro LL2
2015-01-22 14:10:27 ----A---- C:\Windows\system32\javaws.exe
2015-01-22 14:09:59 ----A---- C:\Windows\system32\javaw.exe
2015-01-22 14:09:59 ----A---- C:\Windows\system32\java.exe
2015-01-21 21:07:14 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-21 18:41:59 ----A---- C:\Windows\SYSWOW64\wbhelp2.dll
2015-01-21 18:41:58 ----A---- C:\Windows\SYSWOW64\unicows.dll
2015-01-21 18:41:58 ----A---- C:\Windows\SYSWOW64\anim.dll
2015-01-21 13:27:39 ----D---- C:\ProgramData\Unity
2015-01-21 13:15:59 ----D---- C:\Program Files (x86)\Unity
2015-01-21 12:44:07 ----D---- C:\ProgramData\E439D6AC9D9100E68A3B2EC78E40C5A0
2015-01-21 12:42:35 ----D---- C:\ProgramData\gamemaker_studio
2015-01-21 12:39:33 ----D---- C:\Users\Tomáš\AppData\Roaming\GameMaker-Studio
2015-01-21 12:39:18 ----D---- C:\Program Files (x86)\Enterbrain
2015-01-19 19:49:10 ----D---- C:\Unreal Engine 4.3.0 Compiled
2015-01-17 13:42:57 ----D---- C:\Krnov
2015-01-16 13:47:51 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-02-14 19:24:04 ----D---- C:\Windows\Temp
2015-02-14 19:22:56 ----D---- C:\Windows\Panther
2015-02-14 19:22:56 ----D---- C:\Windows\ModemLogs
2015-02-14 19:22:56 ----D---- C:\Windows\inf
2015-02-14 19:22:55 ----D---- C:\Windows\Logs
2015-02-14 19:22:54 ----D---- C:\Windows\debug
2015-02-14 19:22:54 ----AD---- C:\Windows
2015-02-14 19:04:17 ----D---- C:\Windows\system32\Tasks
2015-02-14 19:04:00 ----D---- C:\Program Files
2015-02-14 18:48:11 ----D---- C:\Unified_Android_ToolKit
2015-02-14 17:40:21 ----D---- C:\Users\Tomáš\AppData\Roaming\uTorrent
2015-02-14 17:40:16 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-02-14 17:28:27 ----SHD---- C:\System Volume Information
2015-02-14 12:39:33 ----D---- C:\Windows\Microsoft.NET
2015-02-14 12:39:25 ----RSD---- C:\Windows\assembly
2015-02-14 11:31:40 ----D---- C:\Windows\Prefetch
2015-02-14 11:28:26 ----D---- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2015-02-14 11:22:19 ----D---- C:\ProgramData\VMware
2015-02-14 11:16:31 ----D---- C:\Windows\system32\config
2015-02-14 07:09:08 ----SHD---- C:\Windows\Installer
2015-02-14 07:09:07 ----HD---- C:\Config.Msi
2015-02-13 19:44:11 ----D---- C:\Windows\System32
2015-02-13 19:44:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-12 21:30:02 ----D---- C:\Windows\rescache
2015-02-12 04:18:48 ----D---- C:\Windows\winsxs
2015-02-12 04:18:31 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 04:18:29 ----D---- C:\Windows\SysWOW64
2015-02-12 04:18:29 ----D---- C:\Windows\system32\en-US
2015-02-11 03:32:06 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 03:32:06 ----D---- C:\Windows\system32\cs-CZ
2015-02-11 03:32:06 ----D---- C:\Program Files\Internet Explorer
2015-02-11 03:32:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-11 03:32:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 03:32:03 ----D---- C:\Windows\system32\drivers
2015-02-11 03:13:31 ----D---- C:\Windows\system32\MRT
2015-02-11 03:02:54 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 01:34:54 ----D---- C:\Windows\system32\catroot2
2015-02-08 08:35:26 ----D---- C:\Windows\system32\FxsTmp
2015-02-07 20:20:22 ----RD---- C:\Program Files (x86)
2015-02-07 20:20:09 ----D---- C:\Windows\Tasks
2015-02-06 14:48:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 04:08:24 ----HD---- C:\ProgramData
2015-02-04 13:59:05 ----D---- C:\Windows\system32\DriverStore
2015-02-02 15:16:37 ----D---- C:\Users\Tomáš\AppData\Roaming\QuickScan
2015-02-02 15:05:13 ----SD---- C:\Users\Tomáš\AppData\Roaming\Microsoft
2015-01-30 18:57:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-30 18:56:47 ----D---- C:\Windows\system32\catroot
2015-01-30 18:09:37 ----D---- C:\Windows\system32\NDF
2015-01-30 09:13:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-01-26 15:41:13 ----D---- C:\Users\Tomáš\AppData\Roaming\VMware
2015-01-26 14:30:05 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-25 22:07:08 ----SD---- C:\ProgramData\Microsoft
2015-01-25 22:07:08 ----D---- C:\Windows\AppCompat
2015-01-25 22:07:04 ----D---- C:\Windows\PolicyDefinitions
2015-01-25 16:27:26 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 16:05:12 ----D---- C:\Windows\Cursors
2015-01-25 16:00:32 ----D---- C:\ProgramData\Nero
2015-01-25 16:00:31 ----D---- C:\Program Files (x86)\Nero
2015-01-24 11:07:11 ----D---- C:\Users\Tomáš\AppData\Roaming\.minecraft
2015-01-23 21:39:09 ----D---- C:\Games
2015-01-23 21:34:03 ----D---- C:\ProgramData\Ecrion
2015-01-23 21:16:03 ----D---- C:\Program Files (x86)\Google
2015-01-23 14:07:03 ----D---- C:\Program Files (x86)\Diablo III
2015-01-23 14:05:44 ----D---- C:\Program Files (x86)\Battle.net
2015-01-21 21:05:57 ----D---- C:\Program Files\Java
2015-01-21 20:43:22 ----D---- C:\ProgramData\Oracle
2015-01-21 20:39:38 ----D---- C:\Program Files (x86)\Common Files
2015-01-21 20:38:27 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-21 20:38:22 ----A---- C:\Windows\SYSWOW64\javaws.exe
2015-01-21 20:38:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2015-01-21 20:38:21 ----A---- C:\Windows\SYSWOW64\java.exe
2015-01-21 20:38:00 ----D---- C:\Program Files (x86)\Java
2015-01-21 13:35:06 ----D---- C:\Users\Tomáš\AppData\Roaming\Unity
2015-01-21 13:27:44 ----D---- C:\Users\Tomáš\AppData\Roaming\Apple Computer
2015-01-16 17:42:04 ----D---- C:\Filmy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-16 267632]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-10-04 55952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-11-26 386680]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-10-08 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-16 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-16 436624]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-24 916024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-11-24 128080]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-16 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-16 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-16 116728]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-01-20 115472]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2014-02-27 54464]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2014-06-12 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2014-06-12 31448]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2014-06-12 64728]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-20 36000]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-11-04 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-11-04 19496]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2013-10-25 22592]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-06-01 83576]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-20 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-20 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-02-20 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-02-20 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-20 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-02-20 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-20 550560]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-26 283064]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 90112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-31 5363200]
R3 iKeyEnum;Rainbow iKey Enumerator; C:\Windows\system32\DRIVERS\ikeyenum.sys [2010-07-15 16160]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-25 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-06 342528]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-01-18 435240]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-11-08 30720]
R3 TS_ARN5416;[CommView] Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\ts_athrx.sys [2014-02-14 3543752]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-24 141440]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-11-24 156360]
R3 vmkbd2;VMware kbd2; \??\C:\Windows\system32\drivers\VMkbd.sys [2014-06-12 33496]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-06-10 303616]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-06-10 35328]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
S3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2013-10-25 21568]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-12-26 108856]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 30720]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 238080]
S3 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-08-19 36600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RnbToken;Rainbow iKey Token Service; C:\Windows\system32\DRIVERS\rnbtoken.sys [2010-07-15 24352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-12-26 206136]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2014-06-12 20560]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-16 271752]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [2015-01-07 710320]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-20 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-16 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-01-20 385808]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-11-12 2449592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 FUSServices;Session Launcher Service; C:\Windows\SysWOW64\FUSServices.exe [2010-01-08 10752]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 metasploitPostgreSQL;metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [2015-01-28 76800]
R2 metasploitProSvc;Metasploit Pro Service; C:\metasploit\ruby\bin\ruby.exe [2015-01-28 70239]
R2 metasploitThin;Metasploit Thin Service; C:\metasploit\ruby\bin\ruby.exe [2015-01-28 70239]
R2 metasploitWorker;Metasploit Worker; C:\metasploit\ruby\bin\ruby.exe [2015-01-28 70239]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2014-06-12 86744]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2014-06-12 359128]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-02-27 906432]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2014-06-12 437976]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2014-06-12 14407384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-01-20 402192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-16 4012248]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279024]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-11-26 182304]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2010-11-08 36352]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-23 1903472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-10-03 5132888]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-03-05 99616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Předem díky, Socha.

#2 Příspěvek od **altrok** » 15 úno 2015 03:48

Zdravim

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

kubik0963 · #3 Příspěvek od **kubik0963** » 15 úno 2015 08:45

Log zde

# AdwCleaner v4.110 - Logfile created 15/02/2015 at 08:32:50
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tomáš - TOMÁŠ-PC
# Running from : C:\Users\Tomáš\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : FUSServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Users\Tomáš\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Tomáš\AppData\Local\Hola
Folder Deleted : C:\Users\Tomáš\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\pdfforge
[!] Folder Deleted : C:\Users\Tomáš\Documents\hosts
Folder Deleted : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ve42f0zw.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\FUSServices.exe
File Deleted : C:\Windows\System32\FUSServices.exe

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

-\\ Mozilla Firefox v35.0.1 (x86 cs)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [2949 bytes] - [15/02/2015 08:28:01]
AdwCleaner[S0].txt - [2891 bytes] - [15/02/2015 08:32:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2950 bytes] ##########

#4 Příspěvek od **altrok** » 15 úno 2015 11:43

Pokus nepouzivate, odinstalujte Seznam Software - postak, listicka - byvaji do PC nainstalovany jako tzv. adware

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

kubik0963 · #5 Příspěvek od **kubik0963** » 15 úno 2015 21:15

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Tomáš (administrator) on TOMÁŠ-PC on 15-02-2015 21:09:40
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available profiles: Tomáš & Kuba)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\LFOXRPOW.EXE
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe
() C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\pg_ctl.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(http://www.ruby-lang.org/) C:\metasploit\ruby\bin\ruby.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
() C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
() C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
() C:\Unified_Android_ToolKit\adb-toolkit.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\metasploit\postgresql\bin\postgres.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2013-10-25] (Broadcom Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2013-10-25] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-20] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-06-12] (VMware, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MFFSum_Pro_LL2] => C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe [24576 2010-01-08] ()
HKLM-x32\...\Run: [MFPrintServer_Pro_LL2] => C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe [73728 2010-01-08] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\RunOnce: [SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084] => C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-02-15] () <===== ATTENTION
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {07445c1d-b8e6-11e3-8562-b8763f711be2} - F:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {114f4ca3-bbb9-11e3-a249-b8763f711be2} - E:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {74e1c8bf-bb2c-11e3-b414-b8763f711be2} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2675692793-2371205202-190846484-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2675692793-2371205202-190846484-1000 -> {2FBC95DE-4E88-4C34-9637-4FEA212E1651} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13169
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{305F30A8-8D3B-4A45-8FDE-0802603399FB}: [NameServer]
Tcpip\..\Interfaces\{CEFF93F9-EFAE-4F9A-8319-9C7C61C5E27F}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{D3664C03-4D80-4209-9EFB-AD19790E8AE4}: [NameServer]

FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "ftp_port", 18000
FF NetworkProxy: "http_port", 18000
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "socks_port", 18000
FF NetworkProxy: "ssl_port", 18000
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2675692793-2371205202-190846484-1000: @eximion.com/KalydoPlayer -> C:\Users\Tomáš\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-2675692793-2371205202-190846484-1000: @hola.org/vlc,version=1.6.654 -> C:\Users\Tomáš\AppData\Local\Hola\firefox\app\vlc ()
FF Plugin HKU\S-1-5-21-2675692793-2371205202-190846484-1000: @thrixxx.com/WebLaunch -> C:\Program Files (x86)\thriXXX\WebLaunch\Binaries\npWebLaunch.dll No File
FF Plugin HKU\S-1-5-21-2675692793-2371205202-190846484-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2675692793-2371205202-190846484-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\searchplugins\hledejcenycz.xml
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-10]
FF Extension: United States English Spellchecker - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-12-28]
FF Extension: Hola Better Internet - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-01-30]
FF Extension: Tilt - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\tilt@mozilla.com [2014-07-11]
FF Extension: Bitdefender QuickScan - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-10-04]
FF Extension: Cryptocat - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\cryptocat@crypto.cat.xpi [2014-07-25]
FF Extension: MEGA - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\firefox@mega.co.nz.xpi [2014-01-04]
FF Extension: Free Memory - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\jid1-n85lxPv1NAWVTQ@jetpack.xpi [2015-02-07]
FF Extension: Czech (CZ) Language Pack - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2014-07-11]
FF Extension: Tab for a Cause - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\tabforacause@tabforacause.org.xpi [2015-02-07]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-02-07]
FF Extension: Adblock Plus - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\yi4ops5i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-19]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-12]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-22]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-02]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-02]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-05]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-03]
CHR Extension: (Peněženka Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-06-21]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-20] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-16] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-16] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-26] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 MbnExt; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76800 2015-01-28] (PostgreSQL Global Development Group) [File not signed]
R2 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [70239 2015-01-28] (http://www.ruby-lang.org/) [File not signed]
R2 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [70239 2015-01-28] (http://www.ruby-lang.org/) [File not signed]
R2 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [70239 2015-01-28] (http://www.ruby-lang.org/) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2010-11-08] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-23] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-06-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2013-10-25] (Broadcom Corporation) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-16] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-06-10] () [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-26] (Disc Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 iKeyEnum; C:\Windows\System32\DRIVERS\ikeyenum.sys [16160 2010-07-15] (SafeNet, Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-06-10] () [File not signed]
S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
S3 RnbToken; C:\Windows\System32\DRIVERS\rnbtoken.sys [24352 2010-07-15] (SafeNet, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-11-26] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TS_ARN5416; C:\Windows\System32\DRIVERS\ts_athrx.sys [3543752 2014-02-14] (TamoSoft)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-16] (Avast Software)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
U3 am7ru01i; C:\Windows\System32\Drivers\am7ru01i.sys [0 ] (Broadcom Corporation) <==== ATTENTION (zero size file/folder)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 21:09 - 2015-02-15 21:10 - 00043635 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2015-02-15 21:09 - 2015-02-15 21:09 - 00000000 ____D () C:\Users\Tomáš\Desktop\FRST-OlderVersion
2015-02-15 21:03 - 2015-02-15 21:09 - 00000000 ____D () C:\FRST
2015-02-15 16:39 - 2015-02-15 16:39 - 00000000 __SHD () C:\Users\Tomáš\AppData\Local\EmieBrowserModeList
2015-02-15 16:20 - 2015-02-15 21:09 - 02085888 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2015-02-15 15:49 - 2015-02-15 15:50 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{13967E95-42A9-4A0B-A9A5-1CDA1516E039}
2015-02-15 08:38 - 2015-02-15 08:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Hola
2015-02-15 08:35 - 2015-02-15 08:35 - 00000000 ___RD () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-15 08:27 - 2015-02-15 08:33 - 00000000 ____D () C:\AdwCleaner
2015-02-15 08:26 - 2015-02-15 08:26 - 02112512 _____ () C:\Users\Tomáš\Desktop\AdwCleaner.exe
2015-02-15 08:18 - 2015-02-15 16:23 - 00000168 _____ () C:\Windows\setupact.log
2015-02-15 08:18 - 2015-02-15 08:34 - 00001126 _____ () C:\Windows\PFRO.log
2015-02-15 08:18 - 2015-02-15 08:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 19:07 - 2015-02-14 19:07 - 00024330 _____ () C:\Users\Tomáš\Documents\cc_20150214_190742.reg
2015-02-14 19:06 - 2015-02-14 19:07 - 00362232 _____ () C:\Users\Tomáš\Documents\cc_20150214_190649.reg
2015-02-14 19:04 - 2015-02-14 19:04 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-14 19:04 - 2015-02-14 19:04 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-14 19:04 - 2015-02-14 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-14 19:04 - 2015-02-14 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-14 19:03 - 2015-02-14 19:03 - 05325208 _____ (Piriform Ltd) C:\Users\Tomáš\Downloads\ccsetup502.exe
2015-02-14 19:03 - 2015-02-14 19:03 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{DA9CC86A-36AA-4D31-B432-6B7D6A81CC99}
2015-02-14 18:52 - 2015-02-14 19:24 - 00000000 ____D () C:\Program Files\trend micro
2015-02-14 18:52 - 2015-02-14 18:53 - 00000000 ____D () C:\rsit
2015-02-14 18:51 - 2015-02-14 18:51 - 01222144 _____ () C:\Users\Tomáš\Downloads\RSITx64.exe
2015-02-14 11:31 - 2015-02-14 11:31 - 03353450 _____ () C:\Users\Tomáš\Downloads\video-483934-h264_high.mp4
2015-02-14 07:03 - 2015-02-14 07:03 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{E3A338E9-E231-41EB-8A69-A517275E1A2A}
2015-02-13 14:42 - 2015-02-13 14:43 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{B0AF58C5-4A90-438B-A61D-51473A8713B3}
2015-02-12 17:13 - 2015-02-12 17:14 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{BF0FB5A8-C067-4230-97AD-B97F14205862}
2015-02-11 21:03 - 2015-02-11 21:04 - 00000000 ____D () C:\Users\Tomáš\Documents\Životopis mamka
2015-02-11 18:03 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 18:03 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 18:03 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 18:03 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 16:38 - 2015-02-11 16:39 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{3F60B03A-3F40-4248-994C-E13E7CCB1366}
2015-02-11 04:38 - 2015-02-11 04:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{10B20EA2-C7DD-4F8A-984B-E6DDE3ADBFE5}
2015-02-11 01:41 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 01:41 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 01:41 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 01:41 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 01:41 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 01:41 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 01:41 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 01:41 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 01:41 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 01:41 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 01:41 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 01:41 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 01:41 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 01:41 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 01:41 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 01:41 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 01:41 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 01:41 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 01:40 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 01:40 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 01:40 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 01:40 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 01:40 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 01:40 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 01:40 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 01:40 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 01:40 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 01:40 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 01:40 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 01:40 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 01:40 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 01:40 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 01:40 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 01:40 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 01:40 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 01:40 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 01:40 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 01:40 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 01:40 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 01:40 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 01:40 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 01:40 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 01:40 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 01:40 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 01:40 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 01:40 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 01:40 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 01:40 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 01:40 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 01:40 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 01:40 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 01:40 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 01:40 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 01:40 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 01:40 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 01:40 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 01:40 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 01:40 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 01:40 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 01:40 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 01:40 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 01:40 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 01:40 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 01:40 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 01:40 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 01:40 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 01:40 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 01:40 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 01:40 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 01:40 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 01:40 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 01:39 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 01:39 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 01:39 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 01:39 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 01:39 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 01:39 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 01:39 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 01:39 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 01:39 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 01:39 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 01:39 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 01:39 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 01:39 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 01:39 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 01:39 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 01:39 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 01:39 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 01:39 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 01:39 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 01:39 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 01:39 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 01:39 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 01:39 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 01:38 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 01:38 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 01:38 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 01:38 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:38 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 01:38 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 01:37 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 01:37 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 01:37 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 01:37 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 01:37 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 01:37 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 01:37 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 01:36 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 14:55 - 2015-02-10 14:56 - 00000000 ____D () C:\Users\Tomáš\Documents\Kaňak
2015-02-10 14:39 - 2015-02-10 14:39 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{E6A4E8C6-B5EC-43ED-906C-CFFE2B8F7C05}
2015-02-09 17:02 - 2015-02-09 17:02 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{8E970CBE-1221-4585-BFF2-745075A2CC9A}
2015-02-08 10:59 - 2015-02-08 10:59 - 17811112 _____ (The Git Development Community ) C:\Users\Tomáš\Downloads\Git-1.9.5-preview20141217.exe
2015-02-08 08:56 - 2015-02-08 08:56 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{CCE07D7C-5561-43E5-B5B1-70F310F2EB99}
2015-02-07 20:24 - 2015-02-07 20:24 - 00080896 _____ () C:\Users\Tomáš\Documents\SeraSiporax 35 g.zdl
2015-02-07 20:17 - 2015-02-07 20:18 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{C825BAD4-D1B4-452F-9CE3-CE8C0157D2B5}
2015-02-07 06:33 - 2015-02-07 06:33 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{89079D5E-A56B-47E7-806E-6ED8FC97F185}
2015-02-06 13:21 - 2015-02-06 13:21 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{A5B1A404-FA5C-4FCF-9D0A-6959F6382518}
2015-02-05 16:00 - 2015-02-05 16:00 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{2487CBA0-3434-4D00-8E52-E1B00C9D7721}
2015-02-05 04:32 - 2015-02-05 04:32 - 00000247 _____ () C:\Windows\system32\2015-02-05-03-32-16.068-aswFe.exe-3840.log
2015-02-05 04:32 - 2015-02-05 04:32 - 00000197 _____ () C:\Windows\system32\2015-02-05-03-32-05.027-AvastVBoxSVC.exe-7508.log
2015-02-05 04:08 - 2015-02-05 04:08 - 00000000 ____D () C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2015-02-05 03:58 - 2015-02-05 03:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{A21D42EF-8F06-42DB-8371-C9384F234712}
2015-02-04 13:58 - 2015-02-04 13:58 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-04 13:57 - 2015-01-16 13:47 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-04 13:51 - 2015-02-04 13:52 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{612AF98C-2588-4D8D-BBE9-E9DA1A9D8B85}
2015-02-03 16:08 - 2015-02-03 16:08 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{FA85C84F-CCF1-4ECB-8269-6E6BB1A4BEDE}
2015-02-03 04:07 - 2015-02-03 04:07 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{76664645-C8F3-48A8-AF7D-594B23FDF51D}
2015-02-02 18:48 - 2015-02-02 18:48 - 00001291 _____ () C:\Users\Tomáš\Desktop\BeamNG Techdemo.lnk
2015-02-02 18:48 - 2015-02-02 18:48 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG-Techdemo-0.3
2015-02-02 18:47 - 2015-02-02 18:47 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\BeamNG
2015-02-02 14:23 - 2015-02-02 14:23 - 00000014 _____ () C:\Users\Tomáš\Downloads\minecraft.txt
2015-02-02 14:12 - 2015-02-02 14:12 - 00000046 _____ () C:\Windows\SysWOW64\windows.ini
2015-02-02 13:50 - 2015-02-02 13:50 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{F971A970-ADB3-44AC-90A4-6AB300929EC7}
2015-02-01 17:35 - 2015-02-01 17:35 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{A5A52664-34F3-4473-BBFB-542BA2432770}
2015-02-01 08:07 - 2015-02-01 08:07 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Doctor Entertainment AB
2015-02-01 04:46 - 2015-02-01 04:46 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{52FD69FE-0600-4CE6-A8A2-86E76AD99DA2}
2015-01-31 12:05 - 2015-01-31 12:05 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{AF4271B0-6F24-492E-BE6B-DA05E07E1E3E}
2015-01-30 21:55 - 2015-01-30 21:55 - 01080608 _____ (Unity Technologies ApS) C:\Users\Kuba\Downloads\UnityWebPlayer.exe
2015-01-30 21:55 - 2015-01-30 21:55 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Unity
2015-01-30 21:28 - 2015-01-30 21:29 - 00000000 ____D () C:\Program Files (x86)\Nmap
2015-01-30 21:25 - 2015-01-30 21:26 - 27111830 _____ (Insecure.org) C:\Users\Kuba\Downloads\nmap-6.47-setup.exe
2015-01-30 20:52 - 2015-01-30 20:52 - 00000000 ____D () C:\Users\Kuba\AppData\Local\CrashDumps
2015-01-30 20:45 - 2015-01-30 20:46 - 00000000 ____D () C:\Users\Kuba\.msf4
2015-01-30 20:21 - 2015-01-30 20:21 - 00000247 _____ () C:\Windows\system32\2015-01-30-19-21-27.015-aswFe.exe-5124.log
2015-01-30 20:21 - 2015-01-30 20:21 - 00000197 _____ () C:\Windows\system32\2015-01-30-19-21-10.079-AvastVBoxSVC.exe-6248.log
2015-01-30 19:11 - 2015-01-30 19:11 - 00000000 ___RD () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-30 19:08 - 2015-01-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-30 19:08 - 2015-01-30 19:08 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-30 18:01 - 2015-01-30 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metasploit
2015-01-30 17:47 - 2015-01-30 18:06 - 00000000 ____D () C:\metasploit
2015-01-30 17:42 - 2015-01-30 20:30 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Adobe
2015-01-30 16:42 - 2015-01-30 21:28 - 00000000 ____D () C:\Program Files\WinPcap
2015-01-30 16:35 - 2015-01-30 16:35 - 226193800 _____ (Rapid7) C:\Users\Tomáš\Downloads\metasploit-latest-windows-installer.exe
2015-01-30 15:49 - 2015-01-30 15:49 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{16C5AC69-E0E3-4438-A34B-6175EDFEB069}
2015-01-30 11:41 - 2015-01-30 11:41 - 11226288 _____ (Adobe Systems, Inc.) C:\Users\Tomáš\Downloads\flashplayer_16_sa.exe
2015-01-30 11:39 - 2015-01-30 11:39 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Geckofx
2015-01-30 11:31 - 2015-01-30 11:46 - 00000000 ____D () C:\rotmg
2015-01-30 03:48 - 2015-01-30 03:48 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{659B15F0-BD66-4049-AA6C-CAE53995D225}
2015-01-29 20:40 - 2015-01-29 20:41 - 00000000 ____D () C:\zaloha
2015-01-29 16:13 - 2015-01-29 16:13 - 00119600 _____ (Microsoft Corporation) C:\Users\Tomáš\Downloads\Windows-KB841290-x86-ENU.exe
2015-01-29 06:02 - 2015-01-29 06:02 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{13EBF460-3944-4ABC-A547-5C81846A7637}
2015-01-28 11:16 - 2015-01-28 11:16 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{26347EA8-C2E9-4DD8-B308-69DB608903EA}
2015-01-27 18:07 - 2015-01-27 18:07 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Apps\CAcert Root Certificates
2015-01-27 17:08 - 2015-01-30 11:40 - 00000000 ____D () C:\Users\Tomáš\Desktop\facebook-android-sdk-3.22.0
2015-01-27 10:40 - 2015-01-27 10:41 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{59DCCFD1-5F42-4F2A-AB18-FA055B7BFA2C}
2015-01-27 06:53 - 2015-01-27 06:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 14:30 - 2015-01-26 14:30 - 00001036 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-01-26 14:30 - 2015-01-26 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-26 14:30 - 2014-11-24 12:07 - 00916024 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-01-26 14:30 - 2014-11-24 12:07 - 00128080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-01-26 14:24 - 2015-01-26 14:25 - 110587080 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\VirtualBox-4.3.20-96997-Win.exe
2015-01-26 14:09 - 2015-01-26 14:09 - 00000000 ___RD () C:\Users\Tomáš\Documents\Notes
2015-01-25 22:07 - 2015-02-11 03:32 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-25 18:19 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-25 18:19 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-25 18:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-25 18:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-25 18:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-25 18:00 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-25 18:00 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-25 18:00 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-25 18:00 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-25 18:00 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-25 18:00 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-25 18:00 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-25 18:00 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-25 18:00 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-25 18:00 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-25 18:00 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-25 17:59 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-25 17:59 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-25 17:59 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-25 17:59 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-25 17:59 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-25 17:59 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-25 17:59 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-25 17:59 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-25 17:59 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-25 17:59 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-25 17:59 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-25 17:59 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-25 17:59 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-01-25 17:59 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-01-25 17:58 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-25 17:58 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-25 17:57 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-25 17:57 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-25 17:57 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-25 17:57 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-25 17:56 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-25 17:56 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-25 17:56 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-25 17:56 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-25 17:56 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-25 17:56 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-25 17:56 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-25 17:56 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-25 17:55 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-25 17:55 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-25 16:05 - 2015-01-25 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2015-01-25 16:03 - 2015-01-25 16:03 - 00002109 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2015-01-25 15:47 - 2015-01-25 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-01-25 15:47 - 2015-01-25 15:47 - 00000000 ____D () C:\Program Files\7-Zip
2015-01-25 15:46 - 2015-01-25 15:46 - 00000000 ____D () C:\Users\Public\LFxV2
2015-01-25 15:41 - 2015-01-25 15:46 - 00000000 ____D () C:\ProgramData\Companion Suite Pro LL2
2015-01-25 15:41 - 2015-01-25 15:41 - 00000966 _____ () C:\Users\Public\Desktop\Companion Pro LL2 - Monitor.lnk
2015-01-25 15:41 - 2015-01-25 15:41 - 00000956 _____ () C:\Users\Public\Desktop\Companion Pro LL2 - Director.lnk
2015-01-25 15:41 - 2015-01-25 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Companion Suite
2015-01-25 15:40 - 2015-01-25 15:45 - 00000000 ____D () C:\Program Files (x86)\Companion Suite Pro LL2
2015-01-25 15:01 - 2015-01-25 15:01 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{E80C3C72-7D24-4F46-81C0-AEA0C272D303}
2015-01-24 13:04 - 2015-01-24 13:04 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{BBCE969F-9E40-45CA-9663-93B019D15DB5}
2015-01-23 14:13 - 2015-01-23 14:14 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{1223C3C2-7C49-41DB-84BC-9EEEB2F919A1}
2015-01-22 16:10 - 2015-01-22 16:10 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{C5BE8A98-CCA4-408D-AC27-D5E07D92F3FF}
2015-01-22 14:10 - 2015-01-21 21:06 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-22 14:09 - 2015-01-21 21:06 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-22 14:09 - 2015-01-21 21:06 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-22 13:52 - 2015-01-22 13:52 - 31036840 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-7u75-windows-x64.exe
2015-01-22 04:36 - 2015-01-22 04:37 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{9A4A21B2-E6FA-4F2C-9921-1507B7D04E36}
2015-01-21 21:35 - 2015-01-21 21:35 - 00064825 _____ () C:\Users\Tomáš\Downloads\jopt-simple-4.8.jar
2015-01-21 21:28 - 2015-01-21 21:28 - 00884935 _____ () C:\Users\Tomáš\Downloads\OptiFine_1.8.0_HD_U_C1.jar
2015-01-21 21:21 - 2015-01-21 21:21 - 00885354 _____ () C:\Users\Tomáš\Downloads\OptiFine_1.8.0_HD_U_C2.jar
2015-01-21 21:18 - 2015-01-21 21:18 - 00888180 _____ () C:\Users\Tomáš\Downloads\OptiFine_1.8.1_HD_U_C3.jar
2015-01-21 21:18 - 2015-01-21 21:18 - 00888156 _____ () C:\Users\Tomáš\Downloads\OptiFine_1.8.1_HD_U_C2.jar
2015-01-21 21:15 - 2015-01-21 21:15 - 02182804 _____ (Mojang ) C:\Users\Tomáš\Downloads\Terramining_Launcher_v5.5.0.exe
2015-01-21 21:13 - 2015-01-21 21:13 - 01228577 _____ (Mojang ) C:\Users\Tomáš\Downloads\Terramining_Launcher_v1.3.exe
2015-01-21 21:07 - 2015-01-21 21:06 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-21 21:04 - 2015-01-21 21:05 - 93427112 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-8u31-windows-x64.exe
2015-01-21 20:13 - 2015-01-21 20:13 - 00890199 _____ () C:\Users\Tomáš\Downloads\OptiFine_1.8.1_HD_U_C4.jar
2015-01-21 18:41 - 2009-05-13 19:35 - 00258352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-01-21 18:41 - 2009-05-13 19:35 - 00050688 _____ (Stardock.Net, Inc) C:\Windows\SysWOW64\wbhelp2.dll
2015-01-21 18:41 - 2009-05-13 19:35 - 00028160 _____ (Neil Banfield) C:\Windows\SysWOW64\anim.dll
2015-01-21 16:35 - 2015-01-21 16:36 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{42C22458-7AA8-41AE-80D3-A18A4D5B745D}
2015-01-21 15:16 - 2015-01-21 15:16 - 00000000 ____D () C:\Users\Tomáš\.ica
2015-01-21 13:31 - 2015-01-21 14:47 - 00000000 ____D () C:\Users\Tomáš\Documents\New Unity Project
2015-01-21 13:27 - 2015-01-21 13:32 - 00000000 ____D () C:\ProgramData\Unity
2015-01-21 13:24 - 2015-01-21 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-01-21 13:24 - 2015-01-21 13:24 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2015-01-21 13:15 - 2015-01-21 13:26 - 00000000 ____D () C:\Program Files (x86)\Unity
2015-01-21 12:45 - 2015-01-21 12:45 - 00000000 ____D () C:\Users\Tomáš\Documents\RPGVXAce
2015-01-21 12:44 - 2015-01-21 12:44 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\GameMakerPlayer
2015-01-21 12:44 - 2015-01-21 12:44 - 00000000 ____D () C:\ProgramData\E439D6AC9D9100E68A3B2EC78E40C5A0
2015-01-21 12:43 - 2015-01-21 12:43 - 00000000 ____D () C:\Users\Tomáš\Documents\GameMaker
2015-01-21 12:42 - 2015-01-21 12:44 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\gamemaker_studio
2015-01-21 12:42 - 2015-01-21 12:42 - 00000000 ____D () C:\ProgramData\gamemaker_studio
2015-01-21 12:40 - 2015-01-21 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
2015-01-21 12:39 - 2015-01-21 12:42 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\GameMaker-Studio
2015-01-21 12:39 - 2015-01-21 12:39 - 00000000 ____D () C:\Program Files (x86)\Enterbrain
2015-01-21 12:38 - 2015-01-21 12:38 - 00000000 ____D () C:\Users\Tomáš\GameMaker-Studio 1.4
2015-01-21 12:38 - 2015-01-21 12:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.4
2015-01-21 12:31 - 2015-01-21 12:31 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\YoYo_Games_Ltd
2015-01-21 12:29 - 2015-01-21 12:40 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\GameMaker-Studio
2015-01-21 12:29 - 2015-01-21 12:39 - 00000000 ____D () C:\Users\Tomáš\GameMakerPlayer
2015-01-21 12:29 - 2015-01-21 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMaker Player
2015-01-21 12:26 - 2015-01-21 12:30 - 233344840 _____ (Enterbrain ) C:\Users\Tomáš\Downloads\RPGVXAce_Multi.exe
2015-01-21 04:34 - 2015-01-21 04:34 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{5B5B1AAB-95D6-4CF2-9CFB-97E8B300A913}
2015-01-21 04:33 - 2015-01-21 04:34 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{F421E44B-8407-4537-8B4B-FF7870258228}
2015-01-20 15:10 - 2015-02-08 08:37 - 00230400 ___SH () C:\Users\Tomáš\Documents\Thumbs.db
2015-01-20 15:04 - 2015-01-20 15:04 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{0804D73D-53EC-4F9C-B12A-D70B67F7AC6D}
2015-01-19 20:36 - 2015-01-19 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Engine
2015-01-19 19:49 - 2015-01-19 19:55 - 00000000 ____D () C:\Unreal Engine 4.3.0 Compiled
2015-01-19 13:56 - 2015-01-19 13:56 - 00100122 _____ () C:\Users\Tomáš\Downloads\Red_Faction_Armageddon_XBOX360-MARVEL.torrent
2015-01-19 13:51 - 2015-01-19 13:51 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{B67CCF0E-3DCF-42D4-852F-3036D6DD8BD7}
2015-01-18 20:15 - 2015-01-18 20:16 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{7F46543C-49BC-4D2D-8CCE-EDC6054292B1}
2015-01-18 16:54 - 2015-01-18 16:55 - 00000000 ____D () C:\Users\Tomáš\Documents\Práce Brno
2015-01-18 08:15 - 2015-01-18 08:15 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{A3C466CD-A864-4831-AEFF-627B94305C86}
2015-01-17 16:03 - 2015-01-17 16:03 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{F064165D-445B-4D42-9AC7-CDCCD8A404B6}
2015-01-17 13:42 - 2015-01-17 13:42 - 00000000 ____D () C:\Krnov
2015-01-17 04:03 - 2015-01-17 04:03 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{8C7C4618-ACE5-46DE-A3F7-53237DAEB30D}
2015-01-16 14:24 - 2015-01-16 14:24 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\{2B362AC6-F83F-45C0-823D-04EE7252CFE4}
2015-01-16 13:47 - 2015-01-16 13:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 20:25 - 2014-02-16 12:17 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 20:25 - 2014-02-16 12:17 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 20:14 - 2014-08-28 21:04 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 19:29 - 2013-10-25 16:56 - 01835138 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 16:19 - 2014-01-09 17:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2015-02-15 15:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 15:48 - 2009-07-14 06:08 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-15 09:14 - 2014-12-28 15:54 - 00000000 ____D () C:\Unified_Android_ToolKit
2015-02-15 09:14 - 2013-11-03 19:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\vlc
2015-02-15 09:05 - 2014-11-28 14:54 - 00004972 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Tomáš-PC-Tomáš Tomáš-PC
2015-02-15 08:49 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 08:49 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 08:42 - 2013-10-26 10:50 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Adobe
2015-02-15 08:40 - 2014-06-08 09:20 - 00000000 ____D () C:\ProgramData\VMware
2015-02-15 08:22 - 2014-04-14 20:01 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\TSVNCache
2015-02-14 23:21 - 2013-11-15 21:42 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\uTorrent
2015-02-14 19:22 - 2014-01-02 16:06 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\CrashDumps
2015-02-14 19:22 - 2013-10-25 17:53 - 00000000 ____D () C:\Windows\Panther
2015-02-14 15:35 - 2013-11-09 19:07 - 00000000 ____D () C:\Users\Tomáš\Documents\Eshop Akvaristika FM
2015-02-14 11:24 - 2013-11-25 21:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-13 19:44 - 2011-04-12 09:34 - 00671838 _____ () C:\Windows\system32\perfh005.dat
2015-02-13 19:44 - 2011-04-12 09:34 - 00142992 _____ () C:\Windows\system32\perfc005.dat
2015-02-13 19:44 - 2009-07-14 06:13 - 01592896 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-12 21:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 21:21 - 2014-01-19 16:45 - 00000000 ____D () C:\Users\Tomáš\Documents\Foto Metylovice
2015-02-11 03:36 - 2009-07-14 05:45 - 00359256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:32 - 2014-05-07 13:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 03:13 - 2014-01-01 12:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 03:02 - 2014-01-01 12:57 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 16:01 - 2014-01-11 10:33 - 00072192 _____ () C:\Users\Tomáš\Documents\Sera Flora 200 g.zdl
2015-02-08 08:35 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-07 20:20 - 2014-02-16 12:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 20:20 - 2014-02-16 12:17 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 14:48 - 2014-08-28 21:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 14:48 - 2014-08-28 21:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-06 14:48 - 2014-08-28 21:04 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 18:00 - 2014-07-17 19:45 - 00000000 ____D () C:\Users\Tomáš\Documents\pomocný soubor tisk
2015-02-05 18:00 - 2014-05-12 15:26 - 00000000 ____D () C:\Users\Tomáš\Documents\Platba eshop
2015-02-02 17:31 - 2013-12-16 17:58 - 00000000 ____D () C:\Users\Tomáš\Documents\Bluetooth Folder
2015-02-02 15:55 - 2013-11-05 19:53 - 00137728 _____ () C:\Users\Tomáš\Documents\Sera vipan 100 g.zdl
2015-02-02 15:16 - 2014-10-04 21:09 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\QuickScan
2015-02-01 09:47 - 2013-11-15 21:50 - 00000000 ____D () C:\Users\Tomáš\Downloads\After Earth 2013 R6SCR 720P MP3 MURDER
2015-02-01 08:09 - 2013-10-31 17:40 - 00000000 ____D () C:\Users\Tomáš\Documents\Visual Studio 2008
2015-01-30 22:04 - 2014-09-27 08:57 - 00000000 ____D () C:\Users\Kuba\AppData\Local\TSVNCache
2015-01-30 20:45 - 2014-02-23 08:42 - 00000000 ____D () C:\Users\Kuba
2015-01-30 20:30 - 2014-02-23 08:42 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Adobe
2015-01-30 19:16 - 2014-02-23 08:43 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Seznam.cz
2015-01-30 18:57 - 2013-10-25 19:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-30 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-30 17:46 - 2013-10-25 17:03 - 00000000 ____D () C:\Users\Tomáš
2015-01-30 09:13 - 2013-10-26 07:40 - 01568546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-29 20:53 - 2014-01-11 22:30 - 00000000 ____D () C:\Users\Tomáš\.VirtualBox
2015-01-29 15:26 - 2014-01-11 22:34 - 00000000 ____D () C:\Users\Tomáš\VirtualBox VMs
2015-01-29 15:23 - 2014-06-09 14:18 - 00000000 ____D () C:\Users\Tomáš\Documents\Virtual Machines
2015-01-26 15:52 - 2014-06-08 21:18 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\VMware
2015-01-26 15:41 - 2014-06-08 21:18 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\VMware
2015-01-25 22:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-25 22:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-25 16:27 - 2014-10-11 11:23 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 16:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2015-01-25 16:03 - 2013-11-09 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-01-25 16:00 - 2013-11-09 17:27 - 00000000 ____D () C:\ProgramData\Nero
2015-01-25 16:00 - 2013-11-09 17:26 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-01-25 15:46 - 2014-04-11 20:45 - 10344035 _____ () C:\Windows\MFInstallScheduler.htm
2015-01-25 15:46 - 2014-04-11 20:45 - 00013564 _____ () C:\Windows\MFCustomInstall_dll.htm
2015-01-25 15:37 - 2014-04-11 20:12 - 00021509 _____ () C:\Windows\Launcher.htm
2015-01-24 11:07 - 2013-12-07 21:01 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\.minecraft
2015-01-23 21:39 - 2014-06-22 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-01-23 21:39 - 2014-03-01 07:52 - 00000000 ____D () C:\Users\Tomáš\Documents\my games
2015-01-23 21:39 - 2013-12-15 19:38 - 00000000 ____D () C:\Games
2015-01-23 21:38 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-23 21:34 - 2014-12-29 13:53 - 00000000 ____D () C:\ProgramData\Ecrion
2015-01-23 21:27 - 2014-07-28 10:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-01-23 21:16 - 2014-02-16 12:17 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 14:16 - 2014-03-10 21:37 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Battle.net
2015-01-23 14:07 - 2014-03-14 16:59 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-23 14:05 - 2014-03-09 12:46 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-01-23 13:18 - 2014-09-07 15:11 - 00000000 ____D () C:\Users\Tomáš\Documents\Brno
2015-01-23 13:18 - 2014-08-22 21:22 - 00000000 ____D () C:\Users\Tomáš\Documents\Hudba1
2015-01-23 13:18 - 2014-08-14 18:06 - 00000000 ____D () C:\Users\Tomáš\Documents\555
2015-01-23 13:18 - 2014-08-01 21:11 - 00000000 ____D () C:\Users\Tomáš\Documents\meme
2015-01-23 13:18 - 2014-07-17 15:57 - 00000000 ____D () C:\Users\Tomáš\Documents\Refinance úvěru
2015-01-23 13:18 - 2014-02-10 21:02 - 00000000 ____D () C:\Users\Tomáš\Documents\Videoklipy
2015-01-23 13:18 - 2013-12-16 17:16 - 00000000 ____D () C:\Users\Tomáš\Documents\Moje naskenované obrázky
2015-01-23 13:18 - 2013-10-27 15:50 - 00000000 ____D () C:\Users\Tomáš\Documents\Foto pozadí
2015-01-21 21:05 - 2014-07-19 18:55 - 00000000 ____D () C:\Program Files\Java
2015-01-21 20:43 - 2013-12-07 11:26 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-21 20:38 - 2014-12-27 16:59 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-21 20:38 - 2014-12-27 16:59 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-21 20:38 - 2014-12-27 16:59 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-21 20:38 - 2014-12-27 16:59 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-21 20:38 - 2014-12-27 16:58 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-21 13:35 - 2013-10-27 18:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Unity
2015-01-21 13:27 - 2014-10-11 11:24 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Apple Computer
2015-01-21 13:27 - 2014-10-11 11:24 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Apple Computer
2015-01-21 13:27 - 2013-10-27 18:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Unity
2015-01-19 17:50 - 2014-05-29 19:26 - 00000000 ____D () C:\Users\Tomáš\Documents\ScanTo
2015-01-17 13:03 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-16 17:42 - 2014-01-24 17:59 - 00000000 ____D () C:\Filmy
2015-01-16 13:48 - 2013-11-25 21:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-16 13:47 - 2014-06-01 09:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-16 13:47 - 2014-01-20 15:15 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-01-16 13:47 - 2013-11-25 21:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-16 13:47 - 2013-11-25 21:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-16 13:47 - 2013-11-25 21:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-16 13:47 - 2013-11-25 21:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-16 13:47 - 2013-11-25 21:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories =======

2013-12-20 18:59 - 2014-01-29 21:28 - 0000005 _____ () C:\Program Files\trl.trl
2015-01-09 20:57 - 2015-01-09 21:42 - 0000034 _____ () C:\Users\Tomáš\AppData\Roaming\AdobeWLCMCache.dat
2013-12-22 09:34 - 2013-12-22 09:34 - 0099384 _____ () C:\Users\Tomáš\AppData\Roaming\inst.exe
2013-12-22 09:34 - 2013-12-22 09:34 - 0007859 _____ () C:\Users\Tomáš\AppData\Roaming\pcouffin.cat
2013-12-22 09:34 - 2013-12-22 09:34 - 0001167 _____ () C:\Users\Tomáš\AppData\Roaming\pcouffin.inf
2013-12-22 09:34 - 2013-12-22 09:34 - 0000055 _____ () C:\Users\Tomáš\AppData\Roaming\pcouffin.log
2013-12-22 09:34 - 2013-12-22 09:34 - 0082816 _____ (VSO Software) C:\Users\Tomáš\AppData\Roaming\pcouffin.sys
2013-10-25 18:32 - 2013-12-16 17:54 - 0008158 _____ () C:\Users\Tomáš\AppData\Local\HWVendorDetection.log
2014-06-12 07:40 - 2014-06-12 08:29 - 0000600 _____ () C:\Users\Tomáš\AppData\Local\PUTTY.RND
2014-11-09 10:16 - 2014-11-09 10:16 - 0007849 _____ () C:\Users\Tomáš\AppData\Local\recently-used.xbel
2014-11-14 21:59 - 2014-09-15 21:59 - 0000032 ____R () C:\ProgramData\hash.dat
2013-10-29 16:30 - 2013-12-12 19:32 - 0008391 _____ () C:\ProgramData\hpzinstall.log
2014-11-30 08:28 - 2014-11-30 08:28 - 0000124 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-12-24 11:44 - 2014-12-24 11:44 - 0000468 _____ () C:\ProgramData\Místní disk (C) – zástupce.lnk

Files to move or delete:
====================
C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\ProgramData\hash.dat

Some content of TEMP:
====================
C:\Users\Kuba\AppData\Local\Temp\UnityWebPlayer7804054133699325739.exe
C:\Users\Tomáš\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.654.exe
C:\Users\Tomáš\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomáš\AppData\Local\Temp\sqlite3.dll
C:\Users\Tomáš\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom��\Desktop" je 81 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#6 Příspěvek od **altrok** » 15 úno 2015 21:45

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Otestujte na virustotal.com C:\Users\Tomáš\AppData\Roaming\inst.exe - pokud uz byl soubor otestovany, zvolte Reanalyse. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\RunOnce: [SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084] => C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-02-15] () <===== ATTENTION
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {07445c1d-b8e6-11e3-8562-b8763f711be2} - F:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {114f4ca3-bbb9-11e3-a249-b8763f711be2} - E:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {74e1c8bf-bb2c-11e3-b414-b8763f711be2} - F:\Autorun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2675692793-2371205202-190846484-1000 -> {2FBC95DE-4E88-4C34-9637-4FEA212E1651} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13169
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF NetworkProxy: "ftp_port", 18000
FF NetworkProxy: "http_port", 18000
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "socks_port", 18000
FF NetworkProxy: "ssl_port", 18000
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

2015-02-15 21:09 - 2015-02-15 21:10 - 00043635 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2015-02-15 21:09 - 2015-02-15 21:09 - 00000000 ____D () C:\Users\Tomáš\Desktop\FRST-OlderVersion
2015-02-15 08:27 - 2015-02-15 08:33 - 00000000 ____D () C:\AdwCleaner
2015-02-15 08:26 - 2015-02-15 08:26 - 02112512 _____ () C:\Users\Tomáš\Desktop\AdwCleaner.exe
2015-02-15 08:18 - 2015-02-15 16:23 - 00000168 _____ () C:\Windows\setupact.log
2015-02-15 08:18 - 2015-02-15 08:34 - 00001126 _____ () C:\Windows\PFRO.log
2015-02-15 08:18 - 2015-02-15 08:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 19:03 - 2015-02-14 19:03 - 05325208 _____ (Piriform Ltd) C:\Users\Tomáš\Downloads\ccsetup502.exe
2015-02-14 18:52 - 2015-02-14 19:24 - 00000000 ____D () C:\Program Files\trend micro
2015-02-14 18:52 - 2015-02-14 18:53 - 00000000 ____D () C:\rsit
2015-02-14 18:51 - 2015-02-14 18:51 - 01222144 _____ () C:\Users\Tomáš\Downloads\RSITx64.exe
2015-01-22 13:52 - 2015-01-22 13:52 - 31036840 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-7u75-windows-x64.exe
2015-01-21 21:04 - 2015-01-21 21:05 - 93427112 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-8u31-windows-x64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End

kubik0963 · #7 Příspěvek od **kubik0963** » 16 úno 2015 09:39

Virustotal: https://www.virustotal.com/cs/file/124f ... 424075813/

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Tomáš at 2015-02-16 09:07:25 Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available profiles: Tomáš & Kuba)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\RunOnce: [SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084] => C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-02-15] () <===== ATTENTION
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {07445c1d-b8e6-11e3-8562-b8763f711be2} - F:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {114f4ca3-bbb9-11e3-a249-b8763f711be2} - E:\Autorun.exe
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\...\MountPoints2: {74e1c8bf-bb2c-11e3-b414-b8763f711be2} - F:\Autorun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2675692793-2371205202-190846484-1000 -> {2FBC95DE-4E88-4C34-9637-4FEA212E1651} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13169
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF NetworkProxy: "ftp_port", 18000
FF NetworkProxy: "http_port", 18000
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "socks_port", 18000
FF NetworkProxy: "ssl_port", 18000
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

2015-02-15 21:09 - 2015-02-15 21:10 - 00043635 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2015-02-15 21:09 - 2015-02-15 21:09 - 00000000 ____D () C:\Users\Tomáš\Desktop\FRST-OlderVersion
2015-02-15 08:27 - 2015-02-15 08:33 - 00000000 ____D () C:\AdwCleaner
2015-02-15 08:26 - 2015-02-15 08:26 - 02112512 _____ () C:\Users\Tomáš\Desktop\AdwCleaner.exe
2015-02-15 08:18 - 2015-02-15 16:23 - 00000168 _____ () C:\Windows\setupact.log
2015-02-15 08:18 - 2015-02-15 08:34 - 00001126 _____ () C:\Windows\PFRO.log
2015-02-15 08:18 - 2015-02-15 08:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 19:03 - 2015-02-14 19:03 - 05325208 _____ (Piriform Ltd) C:\Users\Tomáš\Downloads\ccsetup502.exe
2015-02-14 18:52 - 2015-02-14 19:24 - 00000000 ____D () C:\Program Files\trend micro
2015-02-14 18:52 - 2015-02-14 18:53 - 00000000 ____D () C:\rsit
2015-02-14 18:51 - 2015-02-14 18:51 - 01222144 _____ () C:\Users\Tomáš\Downloads\RSITx64.exe
2015-01-22 13:52 - 2015-01-22 13:52 - 31036840 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-7u75-windows-x64.exe
2015-01-21 21:04 - 2015-01-21 21:05 - 93427112 _____ (Oracle Corporation) C:\Users\Tomáš\Downloads\jre-8u31-windows-x64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SSBkgdUpdate => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud => value deleted successfully.
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-2675692793-2371205202-190846484-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084 => Value not found.
"HKU\S-1-5-21-2675692793-2371205202-190846484-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07445c1d-b8e6-11e3-8562-b8763f711be2}" => Key deleted successfully.
HKCR\CLSID\{07445c1d-b8e6-11e3-8562-b8763f711be2} => Key not found.
"HKU\S-1-5-21-2675692793-2371205202-190846484-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{114f4ca3-bbb9-11e3-a249-b8763f711be2}" => Key deleted successfully.
HKCR\CLSID\{114f4ca3-bbb9-11e3-a249-b8763f711be2} => Key not found.
"HKU\S-1-5-21-2675692793-2371205202-190846484-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74e1c8bf-bb2c-11e3-b414-b8763f711be2}" => Key deleted successfully.
HKCR\CLSID\{74e1c8bf-bb2c-11e3-b414-b8763f711be2} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2675692793-2371205202-190846484-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FBC95DE-4E88-4C34-9637-4FEA212E1651}" => Key deleted successfully.
HKCR\CLSID\{2FBC95DE-4E88-4C34-9637-4FEA212E1651} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@nexon.net/NxGame" => Key deleted successfully.
"C:\Users\Tomáš\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Tomáš\Desktop\FRST-OlderVersion => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Tomáš\Desktop\AdwCleaner.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Tomáš\Downloads\ccsetup502.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Tomáš\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Tomáš\Downloads\jre-7u75-windows-x64.exe => Moved successfully.
C:\Users\Tomáš\Downloads\jre-8u31-windows-x64.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
EmptyTemp: => Removed 1.7 GB temporary data.

The system needed a reboot.

==== End of Fixlog 09:17:43 ====

#8 Příspěvek od **altrok** » 16 úno 2015 12:23

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

kubik0963 · #9 Příspěvek od **kubik0963** » 16 úno 2015 12:51

Děkuji a sbohem.

#10 Příspěvek od **altrok** » 16 úno 2015 13:02

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Preventivka - zpomalený počítač

Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač

Re: Preventivka - zpomalený počítač