Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

preventivka

#1 Příspěvek od reptoid »

Zdravím, jen bych rád viděl názor znalců, jestli tam mám nějaký bordel nebo ne. Díky :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2015-05-16 21:44:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 197 GB (21%) free of 954 GB
Total RAM: 8175 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:48, on 16.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe
C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: SmartBar Helper Object - {FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O3 - Toolbar: (no name) - {0CFBE80D-5608-4309-A0F5-3B1414833432} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
O4 - HKCU\..\RunOnce: [Software Removal Tool] "C:\Users\User\AppData\Local\Temp\59EB.exe" --post-reboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: INTELLINET Wireless Utility.lnk = C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\INTELLINET\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Wizard Service (RzWizardService) - Razer Inc. - C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
O23 - Service: SafeIPS - SafeIP - C:\Program Files (x86)\SafeIP\SafeIPs.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15104 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22984160
\??\C:\Windows\system32\conhost.exe "-42705111811469654211450610335252699370-527257353-267955713179335011408959699
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\hasplms.exe -run
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe"
"C:\Program Files (x86)\INTELLINET\Common\RaRegistry64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2200
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
"LogonUI.exe" /flags:0x1
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe"
"C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
HydraDM64.exe -h:196670 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe" /ot /as
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe" -s
"C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Gyazo\GyStation.exe" /start_resident
taskeng.exe {8DD10349-9AC9-4BB1-9141-81CCE0F95AC9}
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/730"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\User\AppData\Local\Steam\htmlcache" -steampid 6588 -buildid 1428965940 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="6276.27.149055345\668051789" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5264.0.885419998\741653949" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x1002 --gpu-device-id=0x673e --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_SuggestFeatureAblation/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5264 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5264.2.1990845067\1446090494" /prefetch:673131151
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_SuggestFeatureAblation/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5264 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5264.3.1948992881\1085481847" /prefetch:673131151
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_SuggestFeatureAblation/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5264 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5264.4.627074227\2063991940" /prefetch:673131151
"C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_SuggestFeatureAblation/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_69/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_15/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5264 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5264.81.1790421768\278100450" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe59_ Global\UsGthrCtrlFltPipeMssGthrPipe59 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\User\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\
babylon.xml
browsemngr.xml
seznam-avast.xml
smartbar.xml
sweetim.xml
yandex.ru-102952.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program [2009-10-06 96]
{EEE6C35B-6118-11DC-9C72-001320C79847}
{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
{0CFBE80D-5608-4309-A0F5-3B1414833432}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program [2009-10-06 96]
"AdobeAAMUpdater-1.0"=C:\Program [2009-10-06 96]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
"Steam"=C:\Program [2009-10-06 96]
"OM_Monitor"=C:\Program [2009-10-06 96]
"SteelSeries Engine"=C:\Program [2009-10-06 96]
"AdobeBridge"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program [2009-10-06 96]
"HydraVisionDesktopManager"=C:\Program [2009-10-06 96]
"swg"=C:\Program [2009-10-06 96]
"Gyazo"=C:\Program [2009-10-06 96]
"FixMyRegistry"=C:\Program [2009-10-06 96]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Software Removal Tool"=C:\Users\User\AppData\Local\Temp\59EB.exe [2015-05-15 4694856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program [2009-10-06 96]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"=C:\Program [2009-10-06 96]
"SwitchBoard"=C:\Program [2009-10-06 96]
"seznam-listicka-distribuce"=C:\Program [2009-10-06 96]
""= []
"AvastUI.exe"=C:\Program [2009-10-06 96]
"StartCCC"=C:\Program [2009-10-06 96]
"Raptr"=C:\Program [2009-10-06 96]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
INTELLINET Wireless Utility.lnk - C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe
Wireless Connection Manager.lnk - C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SafeIPS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-16 21:44:10 ----D---- C:\rsit
2015-05-16 21:44:10 ----D---- C:\Program Files\trend micro
2015-05-16 20:03:28 ----D---- C:\ProgramData\NuGet
2015-05-16 20:03:28 ----D---- C:\Program Files (x86)\NuGet
2015-05-16 19:04:29 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-05-16 18:45:00 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-14 03:07:44 ----D---- C:\7207a3c60c4a4acc674c05
2015-05-14 03:04:42 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:04:42 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:09:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 14:09:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 14:09:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 14:09:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 14:09:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:09:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 14:09:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 14:09:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:09:15 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 14:09:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 14:09:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 14:09:14 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 14:09:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:09:14 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 14:09:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:09:14 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 14:09:14 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 14:09:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 14:09:13 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 14:09:13 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 14:09:13 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 14:09:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 14:09:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 14:09:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 14:09:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 14:09:12 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 14:09:12 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 14:09:12 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 14:09:12 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 14:09:12 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 14:09:12 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 14:09:11 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 14:09:10 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 14:09:10 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:09:10 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 14:08:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 14:08:49 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 14:08:49 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 14:08:49 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 14:04:10 ----A---- C:\Windows\system32\services.exe
2015-05-13 14:03:54 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 14:03:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 14:03:54 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 14:03:53 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 14:03:53 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 14:03:53 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 14:03:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 14:03:53 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:03:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 14:03:52 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\smss.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\relog.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\logman.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 14:03:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 14:03:52 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 14:03:52 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 14:03:52 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 14:03:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:03:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:03:51 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 14:03:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 14:03:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 14:03:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 14:03:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 14:03:51 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 14:03:51 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 14:03:51 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 14:03:51 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 14:03:37 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 14:03:37 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 14:03:36 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 14:03:36 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 14:03:33 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 14:03:33 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 14:03:33 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 14:03:32 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 14:03:32 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 14:03:30 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 14:03:29 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 14:03:29 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 14:03:29 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 14:03:29 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 14:03:29 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 14:03:29 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 14:03:29 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 14:03:29 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-03 18:17:01 ----D---- C:\Program Files\Axantum
2015-04-22 22:26:12 ----D---- C:\Windows\SYSWOW64\vbox
2015-04-22 22:26:12 ----D---- C:\Windows\system32\vbox
2015-04-22 13:36:16 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-22 13:35:46 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-05-16 21:44:23 ----D---- C:\Windows\Prefetch
2015-05-16 21:44:14 ----D---- C:\Windows\Temp
2015-05-16 21:44:10 ----D---- C:\Program Files
2015-05-16 21:43:34 ----D---- C:\Users\User\AppData\Roaming\vlc
2015-05-16 20:41:16 ----D---- C:\Windows\system32\config
2015-05-16 20:26:20 ----SHD---- C:\Windows\Installer
2015-05-16 20:26:20 ----SHD---- C:\Config.Msi
2015-05-16 20:25:59 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2015-05-16 20:25:59 ----SD---- C:\ProgramData\Microsoft
2015-05-16 20:25:54 ----RSD---- C:\Windows\assembly
2015-05-16 20:25:54 ----D---- C:\Windows\Microsoft.NET
2015-05-16 20:25:38 ----D---- C:\ProgramData\Package Cache
2015-05-16 20:24:36 ----D---- C:\Windows\SysWOW64
2015-05-16 20:24:13 ----D---- C:\Windows\System32
2015-05-16 20:24:09 ----D---- C:\Program Files\Microsoft SQL Server
2015-05-16 20:20:58 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2015-05-16 20:17:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-05-16 20:13:39 ----D---- C:\Users\User\AppData\Roaming\.minecraft
2015-05-16 20:08:22 ----D---- C:\Program Files (x86)\Microsoft SDKs
2015-05-16 20:08:06 ----D---- C:\Program Files\IIS Express
2015-05-16 20:08:06 ----D---- C:\Program Files (x86)\IIS Express
2015-05-16 20:03:28 ----RD---- C:\Program Files (x86)
2015-05-16 20:03:28 ----HD---- C:\ProgramData
2015-05-16 20:03:01 ----D---- C:\Windows\winsxs
2015-05-16 19:50:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-05-16 19:41:34 ----D---- C:\Program Files (x86)\Common Files
2015-05-16 19:35:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-05-16 19:27:53 ----D---- C:\Program Files (x86)\Windows Kits
2015-05-16 19:19:44 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2015-05-16 19:19:41 ----D---- C:\Program Files (x86)\MSBuild
2015-05-16 19:00:38 ----D---- C:\Users\User\AppData\Roaming\Raptr
2015-05-16 18:44:53 ----SHD---- C:\System Volume Information
2015-05-16 16:44:29 ----D---- C:\Program Files (x86)\Steam
2015-05-15 21:34:06 ----D---- C:\Windows\Tasks
2015-05-15 07:01:25 ----D---- C:\Windows\system32\Tasks
2015-05-15 06:55:45 ----D---- C:\Program Files (x86)\Gyazo
2015-05-14 16:08:48 ----D---- C:\Windows\system32\DriverStore
2015-05-14 05:43:04 ----D---- C:\Windows\rescache
2015-05-14 04:37:06 ----D---- C:\Windows\inf
2015-05-14 04:37:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-14 04:28:52 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-14 04:28:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 04:26:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-14 04:26:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-05-14 04:26:57 ----D---- C:\Windows\system32\en-US
2015-05-14 04:26:57 ----D---- C:\Windows\system32\cs-CZ
2015-05-14 04:26:57 ----D---- C:\Program Files\Internet Explorer
2015-05-14 04:26:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-14 04:26:55 ----D---- C:\Windows\system32\drivers
2015-05-14 04:26:55 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 04:26:55 ----D---- C:\Windows\AppPatch
2015-05-14 04:26:55 ----D---- C:\Program Files\Windows Journal
2015-05-14 04:26:53 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-14 04:09:04 ----D---- C:\ProgramData\Microsoft Help
2015-05-13 14:02:43 ----D---- C:\Windows\system32\catroot2
2015-05-10 16:03:42 ----D---- C:\Users\User\AppData\Roaming\Audacity
2015-05-06 13:20:35 ----D---- C:\Program Files (x86)\Raptr
2015-05-05 21:33:51 ----D---- C:\Users\User\AppData\Roaming\TS3Client
2015-04-24 14:28:53 ----D---- C:\Windows\AppCompat
2015-04-22 13:36:13 ----D---- C:\Windows
2015-04-18 16:48:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-18 16:48:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-04-17 21:32:23 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-22 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-22 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-22 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-22 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-22 442264]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2012-06-28 139592]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-22 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-22 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-22 137288]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2011-09-28 321536]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program [2009-10-06 96]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-09-16 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-09-15 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2011-09-16 106496]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-04 2697448]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 netr28x;INTELLINET 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2009-10-06 737792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-08-20 664576]
S3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-05-19 39080]
S3 rzmpos;rzmpos; C:\Windows\system32\DRIVERS\rzmpos.sys [2014-05-19 34984]
S3 rzudd;Razer Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-05-19 155816]
S3 SAlphamHid;SteelHIDSvc; C:\Windows\system32\DRIVERS\SAlpham64.sys [2011-09-16 34944]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-04-06 38632]
S3 tapSF0901;Spotflux Virtual Network Device Driver; C:\Windows\system32\DRIVERS\tapSF0901.sys [2014-04-05 39104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-09-16 239616]
R2 avast! Antivirus;Avast Antivirus; C:\Program [2009-10-06 96]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program [2009-10-06 96]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program [2009-10-06 96]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-06-28 4941768]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-31 76888]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program [2009-10-06 96]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program [2009-10-06 96]
R2 SQLWriter;SQL Server VSS Writer; C:\Program [2009-10-06 96]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program [2009-10-06 96]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program [2009-10-06 96]
R3 NMIndexingService;NMIndexingService; C:\Program [2009-10-06 96]
S2 BBSvc;BingBar Service; C:\Program [2009-10-06 96]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program [2009-10-06 96]
S2 gupdate;Služba Google Update (gupdate); C:\Program [2009-10-06 96]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program [2009-10-06 96]
S2 RzWizardService;Razer Wizard Service; C:\Program [2009-10-06 96]
S2 SkypeUpdate;Skype Updater; C:\Program [2009-10-06 96]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program [2009-10-06 96]
S2 WlanWpsSvc;WlanWpsSvc; C:\Program [2009-10-06 96]
S3 Adobe LM Service;Adobe LM Service; C:\Program [2009-10-06 96]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-18 268464]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 BBUpdate;BBUpdate; C:\Program [2009-10-06 96]
S3 fsssvc;Windows Live Family Safety Service; C:\Program [2009-10-06 96]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program [2009-10-06 96]
S3 gusvc;Google Software Updater; C:\Program [2009-10-06 96]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program [2009-10-06 96]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program [2009-10-06 96]
S3 ose;Office Source Engine; C:\Program [2009-10-06 96]
S3 SafeIPS;SafeIPS; C:\Program [2009-10-06 96]
S3 Steam Client Service;Steam Client Service; C:\Program [2009-10-06 96]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program [2009-10-06 96]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program [2009-10-06 96]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program [2009-10-06 96]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Mate tam bordel a ne jeden

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#3 Příspěvek od reptoid »

Tady je log z AdwCleaneru

# AdwCleaner v4.204 - Log vytvořen 16/05/2015 v 22:04:53
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : User - USER-PC
# Spuštěno z : C:\Users\User\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\~Browser Manager
Složka Smazáno : C:\ProgramData\Ask
Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\ProgramData\Conduit
Složka Smazáno : C:\ProgramData\ParetoLogic
Složka Smazáno : C:\ProgramData\Premium
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\Tarma Installer
Složka Smazáno : C:\ProgramData\Tbccint
Složka Smazáno : C:\Program Files (x86)\ChatZum Toolbar
Složka Smazáno : C:\Program Files (x86)\Conduit
Složka Smazáno : C:\Program Files (x86)\SmartTweak
Složka Smazáno : C:\Program Files (x86)\Tbccint
Složka Smazáno : C:\Program Files (x86)\SqueakyChocolate
Složka Smazáno : C:\Users\User\AppData\Local\Temp\mt_ffx
Složka Smazáno : C:\Users\User\AppData\Local\apn
Složka Smazáno : C:\Users\User\AppData\Local\Conduit
Složka Smazáno : C:\Users\User\AppData\Local\Tbccint
Složka Smazáno : C:\Users\User\AppData\Local\torch
Složka Smazáno : C:\Users\User\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\User\AppData\LocalLow\SweetIM
Složka Smazáno : C:\Users\User\AppData\LocalLow\Tbccint
Složka Smazáno : C:\Users\User\AppData\LocalLow\Toolbar4
Složka Smazáno : C:\Users\User\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\User\AppData\Roaming\DriverCure
Složka Smazáno : C:\Users\User\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\User\AppData\Roaming\ParetoLogic
Složka Smazáno : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Složka Smazáno : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Složka Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcknfcdcgpffjddjeceioobdelceffo_0.localstorage
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nkcpopggjcjkiicpenikeogioednjeac_0.localstorage
Soubor Smazáno : C:\Users\User\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_nkcpopggjcjkiicpenikeogioednjeac_0.localstorage
Soubor Smazáno : C:\END
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\bprotector_extensions.sqlite
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\bprotector_prefs.js
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\invalidprefs.js
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\Babylon.xml
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\browsemngr.xml
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\smartbar.xml
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\SweetIm.xml
Soubor Smazáno : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\user.js
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Soubor Smazáno : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\bprotector web data

***** [ Naplánované úlohy ] *****

Úloha Smazáno : Browser Manager
Úloha Smazáno : Your File Updater

***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Smazáno : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{d9284e50-81fc-11da-a72b-0800200c9a66}]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}]
Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\flcjcajklmlbpmgckpcmnampagbhhmcp
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Klíč Smazáno : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\b
Klíč Smazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíč Smazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.OptionMenu
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.Protocol
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.Protocol.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.WebObject
Klíč Smazáno : HKLM\SOFTWARE\Classes\STC.WebObject.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Klíč Smazáno : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FixMyRegistry.exe
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Klíč Smazáno : HKCU\Software\5b538fd8b568e810
Klíč Smazáno : HKLM\SOFTWARE\5b538fd8b568e810
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0CFBE80D-5608-4309-A0F5-3B1414833432}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\yandex.ru-102951
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{62B3C31B-7772-4D23-B711-D4B8864E25A1}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C8161C83-48A7-4EFB-BCFA-362CB7C50D4D}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\BabylonToolbar
Klíč Smazáno : HKCU\Software\ChatZum Toolbar
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\DataMngr
Klíč Smazáno : HKCU\Software\ParetoLogic
Klíč Smazáno : HKCU\Software\Popajar
Klíč Smazáno : HKCU\Software\powerpack
Klíč Smazáno : HKCU\Software\smarttweak
Klíč Smazáno : HKCU\Software\SmileysWeLove
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\SweetIM
Klíč Smazáno : HKCU\Software\torch
Klíč Smazáno : HKCU\Software\YourFileDownloader
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klíč Smazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Smazáno : HKLM\SOFTWARE\Babylon
Klíč Smazáno : HKLM\SOFTWARE\BabylonToolbar
Klíč Smazáno : HKLM\SOFTWARE\ChatZum Toolbar
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\ParetoLogic
Klíč Smazáno : HKLM\SOFTWARE\SweetIM
Klíč Smazáno : HKLM\SOFTWARE\torch
Klíč Smazáno : HKLM\SOFTWARE\YourFileDownloader
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v31.0 (x86 cs)

[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("CT3220468.smartbar.CTID", "CT3220468");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("CT3220468.smartbar.Uninstall", "0");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.newTab", true);
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119776&tt=1 ... 1f1fd941b4");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.admin", false);
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.aflt", "orgnl");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.appId", "{C5E5951A-4ADD-4402-8A8E-EF97DCB9D8EC}");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.autoRvrt", "false");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.dfltLng", "");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.excTlbr", false);
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.id", "0ea11d4a00000000000000ff3e84b84c");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlDay", "16410");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlRef", "");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.newTab", false);
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prdct", "smartbar");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prtnrId", "bechiro");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.rvrt", "false");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.smplGrp", "mm");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrId", "smartbar");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrSrchUrl", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsn", "1.8.8.12");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsnTs", "1.8.8.1210:13:07");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsni", "1.8.8.12");
[yz9mdw4k.default\prefs.js] - Řádek Smazáno : user_pref("smartbar.machineId", "S61ZMCAUGDIBORY6RKXVVJIYYQHFTN8Z1OCFSV9W3FE+/FSOMG+KOR/C3P6927PR/UHSH4TA3W4TMEIUHR5X0W");

-\\ Google Chrome v

[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : flcjcajklmlbpmgckpcmnampagbhhmcp
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : mpcknfcdcgpffjddjeceioobdelceffo

-\\ Chromium v


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [29447 bytů] - [16/05/2015 22:03:44]
AdwCleaner[S0].txt - [27665 bytů] - [16/05/2015 22:04:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27724 bytů] ##########
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#4 Příspěvek od reptoid »

A tady je log ze Zoeku


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by User on so 16.05.2015 at 22:13:56,32.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.5.2015 22:17:54 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Electronic Arts deleted successfully
C:\PROGRA~2\Empire Interactive deleted successfully
C:\PROGRA~2\GNU deleted successfully
C:\PROGRA~2\GRETECH deleted successfully
C:\PROGRA~2\JoWooD Entertainment AG deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Prototype deleted successfully
C:\PROGRA~2\COMMON~1\Apple deleted successfully
C:\Program Files\Sony deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Razer deleted successfully
C:\Users\User\AppData\Roaming\Hotspot Shield deleted successfully
C:\Users\User\AppData\Roaming\Opera deleted successfully
C:\Users\User\AppData\Roaming\Publish Providers deleted successfully
C:\Users\User\AppData\Roaming\Recordpad deleted successfully
C:\Users\User\AppData\Roaming\Solveig Multimedia deleted successfully
C:\Users\User\AppData\Roaming\update_tc deleted successfully
C:\Users\User\AppData\Roaming\Windows Live Writer deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Internet Explorer\SearchScopes\{423E745B-B688-46b4-91D0-19EFFD8FB980} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default

user.js not found
---- Lines CT3220468 removed from prefs.js ----
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM2Nzg2NTg1OCwidXVpZCI6OTM4MTY3NTQxMTk5NDg2LCJzZXFfaWQiOjE3LCJzc2IiOjEzNTk5MDAxMzB9");
user_pref("CT3220468.cb_experience_000.enc", "Mg==");
user_pref("CT3220468.cb_firstuse0100.enc", "MQ==");
user_pref("CT3220468.cb_user_id_000.enc", "Q0I5NTg3NzE3ODM3NDRfMTM2MDUwMTg5OTgwMF9GaXJlZm94");
user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
user_pref("CT3220468.cbfirsttime.enc", "U3VuIEZlYiAwMyAyMDEzIDE1OjAyOjA3IEdNVCswMTAw");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.countryCode", "CZ");
user_pref("CT3220468.defaultSearch", "false");
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableFix404ByUser", "FALSE");
user_pref("CT3220468.enableSearchFromAddressBar", "false");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.fullUserID", "UN19649023609503494.UP.20130721171436");
user_pref("CT3220468.homepageuserchanged", true);
user_pref("CT3220468.http___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRp
user_pref("CT3220468.InstallDate", "29/1/2013 20:24:49");
user_pref("CT3220468.installType", "xpe");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isNewTabEnabled", false);
user_pref("CT3220468.lastVersion", "10.20.0.513");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2
user_pref("CT3220468.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3220468.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT3220468.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT3220468.mam_gk_appStateReportTime.enc", "MTM2Nzg2NTg2NDk0NQ==");
user_pref("CT3220468.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjIyNWQ0NGRmLTAwZ
user_pref("CT3220468.mam_gk_currentVersion.enc", "MS40LjQuNg==");
user_pref("CT3220468.mam_gk_first_time.enc", "MQ==");
user_pref("CT3220468.mam_gk_lastLoginTime.enc", "MTM2NzkzNTkzMDkxOA==");
user_pref("CT3220468.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOn
user_pref("CT3220468.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3220468.mam_gk_settings1.4.3.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHN
user_pref("CT3220468.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHN
user_pref("CT3220468.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjE1Xy0xIiwiaXNUZXN0IjpmYWx
user_pref("CT3220468.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
user_pref("CT3220468.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3220468.mam_gk_user_apps_selection.enc", "AA==");
user_pref("CT3220468.mam_gk_userId.enc", "AA==");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "false");
user_pref("CT3220468.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3220468.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT3220468.price-gong.isManagedApp", "true");
user_pref("CT3220468.revertSettingsEnabled", "true");
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "0");
user_pref("CT3220468.searchInNewTabEnabled", "false");
user_pref("CT3220468.searchInNewTabEnabledByUser", "false");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.searchSuggestEnabledByUser", "false");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1388132529341");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1387752679667");
user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1388059373946");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1387752679602");
user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1367865978583");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1366745883107");
user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1367865978259");
user_pref("CT3220468.serviceLayer_services_login_10.16.4.519_lastUpdate", "1375448487408");
user_pref("CT3220468.serviceLayer_services_login_10.16.70.505_lastUpdate", "1382199506139");
user_pref("CT3220468.serviceLayer_services_login_10.20.0.513_lastUpdate", "1388132529292");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1387752679648");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1388059373910");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1388059373906");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1388059373762");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1388132529788");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1388059374032");
user_pref("CT3220468.serviceLayer_services_userApps_lastUpdate", "1366745763708");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.startPage", "false");
user_pref("CT3220468.toolbarBornServerTime", "3-2-2013");
user_pref("CT3220468.toolbarCurrentServerTime", "27-12-2013");
user_pref("CT3220468.toolbarDisabled", "true");
user_pref("CT3220468.toolbarLoginClientTime", "Fri Apr 26 2013 20:45:01 GMT+0200");
user_pref("CT3220468.url_history0001.enc", "aHR0cDovL3d3dy5uZXRmaXJlLmN6L2ZvcnVtLz92YXN0aHRtbGFjdGlvbj12aWV3dG9waWMmdD02ODI5LjE6OjpjbGlja2hhbmRsZXI6Oj
user_pref("CT3220468.UserID", "UN19649023609503494");
---- Lines CT1561552 removed from prefs.js ----
user_pref("CT1561552.dum", "2");
user_pref("CT1561552.FF19Solved", "true");
user_pref("CT1561552.fullUserID", "UN30446658563187351.IN.20140702100716");
user_pref("CT1561552.installDate", "02/07/2014 10:07:36");
user_pref("CT1561552.installerVersion", "1.11.0.11");
user_pref("CT1561552.installSessionId", "-1");
user_pref("CT1561552.installSp", "FALSE");
user_pref("CT1561552.searchRevert", "false");
user_pref("CT1561552.searchUninstallUserMode", "1");
user_pref("CT1561552.searchUserMode", "1");
user_pref("CT1561552.toolbarInstallDate", "02-07-2014 10:07:19");
user_pref("CT1561552.UserID", "UN30446658563187351");
user_pref("CT1561552.versionFromInstaller", "10.33.0.5");
user_pref("CT1561552.xpeMode", "1");
---- FireFox user.js and prefs.js backups ----

prefs_16.05.2015_2238_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Electronic Arts not found
C:\PROGRA~2\Empire Interactive not found
C:\PROGRA~2\GNU not found
C:\PROGRA~2\GRETECH not found
C:\PROGRA~2\JoWooD Entertainment AG not found
C:\PROGRA~2\Prototype not found
C:\Users\User\AppData\Roaming\Bechiro S.L deleted
C:\install.exe deleted
C:\Users\User\AppData\Roaming\bitlord_log.txt deleted
C:\Users\User\AppData\Roaming\trace_FilterInstaller.1.txt deleted
C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt deleted
C:\Users\User\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt deleted
C:\Users\User\AppData\Roaming\BitLord deleted
C:\Users\User\AppData\Roaming\Splashtop deleted
C:\Users\User\AppData\Roaming\GetRightToGo deleted
C:\Users\User\ISSetup.dll deleted
C:\PROGRA~3\Splashtop deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Windows\Tasks\RegCure Pro.job deleted
C:\windows\SysNative\Tasks\RegCure Pro deleted
C:\windows\SysNative\tasks\YourFile Update deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\User\Documents\Add-in Express deleted
C:\Users\User\Documents\BitLord deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\SweetPacksToolbarData deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\jetpack deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\CT1561552 deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\CT3220468 deleted
C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted
C:\Users\User\setup.exe deleted
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\smartbar deleted
"C:\Windows\Installer\393460.msi" deleted
"C:\PROGRA~2\BitLord 2" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22.04.2015 13:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Hotspot Shield Extension - %AppDir%\browser\extensions\afproxy@anchorfree.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default
DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
1C27D3E29218B6EADDB87A6B335637E3 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 6.0.320.5
09B4E13D25623D879D35286E2D29FF13 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Deleted Firefox Extensions ======================

C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaoiagmlcohkmjodefppbmpjdiocmh - C:\Users\User\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.14.1.0.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22.04.2015 13:35]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]

Bookmark Manager - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.cz/",
"startup_urls": [ "https://www.seznam.cz/?clid=22668" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="http://yandex.ru/yandsearch?win=89&clid=1946583&text=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0176EF3A-F315-451F-BF7B-01A49946959B} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{13BBCCD1-55EC-43EF-ACD2-4863339E5EE8} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{1B9E797E-A38A-4AEA-AAF6-2C28C0BF05CE} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... FA_csCZ456"
{6D92FDD2-C505-4133-B072-F16C6EB71C6E} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{7FB760A1-91A7-4053-A734-D68E2D4C785E} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{838A6F48-5245-4196-AB95-069C58048561} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{977B6067-FA0A-4BE5-B4D3-2BD1A8B2D53F} Bing Url="http://www.bing.com/search?FORM=NP24DF& ... -SearchBox"
{AF2952A3-48CB-4D49-8F30-CD7521A26C43} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{C0B571E8-20E2-44A5-B7FB-ADC95765B193} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_13415"
{E28490C1-9B00-4fa8-A85D-28CF79677631} Google Url="http://www.google.com/cse?cx=partner-pu ... earchTerms}"
{ED4F2783-3944-4378-890B-7798180510E7} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences_20130915102947.backup was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Nichrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Xpom\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data_20130915102947.backup was reset successfully
C:\Users\User\AppData\Local\Nichrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Xpom\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65F8E9A2B13CBBD4FB2EF0E48C913255 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{300DB161-2EAE-E41A-0910-E7E10160A82B} deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaoiagmlcohkmjodefppbmpjdiocmh deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\smartbar deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\65F8E9A2B13CBBD4FB2EF0E48C913255 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\yz9mdw4k.default\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=575 folders=527 1935816732 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\4tv.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\affil.trikator.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\cdn.livestream.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\cdn.playwire.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\cdncache-a.akamaihd.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\cdncache1-a.akamaihd.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\crazyfarmer.l3.cdn.bigpoint.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\doma.nova.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\edu.glogster.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\files.adform.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\gc001.geewa.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\geewa-a.akamaihd.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\go.eu.bbelements.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\img.playa-games.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\img5.uloz.to" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\localhost" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\media.novinky.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\nahnoji.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\ordinace.nova.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\player.vid4u.org" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\s0.2mdn.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\sorisomail.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\static.en.softonic.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\vanocni.datart.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\video.begun.ru" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\vidii.hardsextube.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\voyo.nova.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.callofduty.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.cz.n-mobile.net" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.foxdns.com" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.herna.biz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.novinky.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.performax.cz" not found
"C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M83KNVTH\www.sky138.com" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on so 16.05.2015 at 22:47:32,71 ======================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#5 Příspěvek od vyosek »

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#6 Příspěvek od reptoid »

Snad jsem to podle návodu udělal správně.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by User (administrator) on USER-PC on 16-05-2015 23:59:17
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\INTELLINET\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
() C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(INTELLINET NETWORK SOLUTIONS) C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe [223104 2011-08-30] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-05] (Raptr, Inc)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [OM_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe [57344 2005-07-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [231424 2012-04-05] ()
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-28] (AMD)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-03] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\MountPoints2: {5b85258f-9e8c-11e1-a6da-50e54936b78b} - E:\ZTE_Handset_USB_Driver.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\INTELLINET Wireless Utility.lnk [2011-11-02]
ShortcutTarget: INTELLINET Wireless Utility.lnk -> C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe (INTELLINET NETWORK SOLUTIONS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2013-02-21]
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe (D-Link Corp.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-06-17]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {0176EF3A-F315-451F-BF7B-01A49946959B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {13BBCCD1-55EC-43EF-ACD2-4863339E5EE8} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {1B9E797E-A38A-4AEA-AAF6-2C28C0BF05CE} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {6D92FDD2-C505-4133-B072-F16C6EB71C6E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {7FB760A1-91A7-4053-A734-D68E2D4C785E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {838A6F48-5245-4196-AB95-069C58048561} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {AF2952A3-48CB-4D49-8F30-CD7521A26C43} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {C0B571E8-20E2-44A5-B7FB-ADC95765B193} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {E28490C1-9B00-4fa8-A85D-28CF79677631} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
SearchScopes: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> {ED4F2783-3944-4378-890B-7798180510E7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 217.170.96.24 217.170.96.2

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_32 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-05-07] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-09] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3717432927-1355506929-3792285562-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3717432927-1355506929-3792285562-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3717432927-1355506929-3792285562-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3717432927-1355506929-3792285562-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-09] (Pando Networks)
FF Plugin HKU\S-1-5-21-3717432927-1355506929-3792285562-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-07] ()
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\seznam-avast.xml [2014-09-15]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yz9mdw4k.default\searchplugins\yandex.ru-102952.xml [2013-09-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-19]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-16]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-16]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-16]
CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-16]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-16]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-06-09] (Adobe Systems) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4941768 2012-06-28] (SafeNet Inc.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-31] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe [185632 2009-12-17] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\INTELLINET\Common\RaRegistry64.exe [212256 2009-12-17] (Ralink Technology, Corp.)
S2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S3 SafeIPS; C:\Program Files (x86)\SafeIP\SafeIPs.exe [3793408 2013-01-02] (SafeIP) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [34984 2014-05-19] (Razer Inc)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [34944 2011-09-16] (SteelSeries Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2014-04-05] (Spotflux, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 23:59 - 2015-05-16 23:59 - 00023423 _____ () C:\Users\User\Desktop\FRST.txt
2015-05-16 23:58 - 2015-05-16 23:59 - 00000000 ____D () C:\FRST
2015-05-16 23:57 - 2015-05-16 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2015-05-16 23:48 - 2015-05-16 23:48 - 02107392 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-05-16 22:44 - 2015-05-16 22:13 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-16 22:43 - 2015-05-16 22:43 - 00000081 _____ () C:\folders.txt
2015-05-16 22:16 - 2015-05-16 22:47 - 00034758 _____ () C:\zoek-results.log
2015-05-16 22:13 - 2015-05-16 22:46 - 00000000 ____D () C:\zoek_backup
2015-05-16 22:12 - 2015-05-16 22:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe
2015-05-16 22:03 - 2015-05-16 22:05 - 00000000 ____D () C:\AdwCleaner
2015-05-16 22:00 - 2015-05-16 22:01 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\rsit
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\Program Files\trend micro
2015-05-16 21:43 - 2015-05-16 21:43 - 01222144 _____ () C:\Users\User\Desktop\RSITx64.exe
2015-05-16 20:26 - 2015-05-16 20:29 - 00000000 ____D () C:\Users\User\Documents\Visual Studio 2013
2015-05-16 20:03 - 2015-05-16 20:03 - 00000000 ____D () C:\ProgramData\NuGet
2015-05-16 20:03 - 2015-05-16 20:03 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-05-16 19:24 - 2015-05-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-05-16 19:09 - 2015-05-16 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-05-16 19:04 - 2015-05-16 20:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-05-16 18:33 - 2015-05-16 18:33 - 01183904 _____ (Microsoft Corporation) C:\Users\User\Desktop\wdexpress_full.exe
2015-05-16 18:30 - 2015-05-16 18:32 - 36368232 _____ (Microsoft Corporation) C:\Users\User\Desktop\wdexpress_langpack.exe
2015-05-14 03:07 - 2015-05-14 04:08 - 00000000 ____D () C:\7207a3c60c4a4acc674c05
2015-05-14 03:04 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:04 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:09 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 14:09 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 14:09 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 14:09 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 14:09 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:09 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 14:09 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 14:09 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 14:09 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:09 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 14:09 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:09 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 14:09 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 14:09 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 14:09 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 14:09 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 14:09 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:09 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 14:09 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 14:09 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:09 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 14:09 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 14:09 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 14:09 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:09 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 14:09 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 14:09 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 14:09 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 14:09 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 14:09 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 14:09 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 14:09 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 14:09 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 14:09 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 14:09 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 14:09 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 14:09 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 14:09 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 14:09 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 14:09 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 14:09 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 14:09 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 14:09 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:09 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 14:09 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 14:09 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 14:09 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 14:09 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 14:09 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 14:09 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 14:09 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 14:09 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 14:09 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 14:09 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 14:09 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 14:09 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 14:09 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 14:09 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 14:09 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 14:09 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 14:08 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 14:08 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 14:08 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 14:08 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 14:04 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 14:03 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 14:03 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 14:03 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 14:03 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 14:03 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 14:03 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 14:03 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 14:03 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 14:03 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 14:03 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 14:03 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 14:03 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 14:03 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 14:03 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 14:03 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 14:03 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 14:03 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 14:03 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 14:03 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 14:03 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 14:03 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 14:03 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 14:03 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 14:03 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 14:03 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 14:03 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 14:03 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 14:03 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 14:03 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 14:03 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 14:03 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 14:03 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:03 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:03 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 14:03 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 14:03 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 14:03 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 14:03 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 14:03 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 14:03 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 14:03 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 14:03 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 14:03 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 14:03 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 14:03 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 14:03 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 14:03 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 14:03 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 14:03 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 14:03 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 14:03 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-06 14:51 - 2015-05-06 14:51 - 00000222 _____ () C:\Users\User\Desktop\Wolfenstein The Old Blood.url
2015-05-03 18:17 - 2015-05-03 18:17 - 00000000 ____D () C:\Program Files\Axantum
2015-05-03 18:16 - 2015-05-03 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axantum AxCrypt
2015-04-22 22:26 - 2015-04-22 22:28 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-04-22 22:26 - 2015-04-22 22:28 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-22 13:36 - 2015-04-22 13:35 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-22 13:35 - 2015-04-22 13:35 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 23:46 - 2012-07-31 20:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-16 23:39 - 2011-11-02 17:42 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job
2015-05-16 23:01 - 2011-11-03 00:21 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 22:57 - 2009-07-14 06:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-16 22:57 - 2009-07-14 06:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-16 22:53 - 2011-11-02 19:11 - 01563553 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 22:51 - 2014-07-20 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Raptr
2015-05-16 22:50 - 2012-08-26 17:04 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-05-16 22:50 - 2011-11-02 17:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 22:49 - 2012-05-02 17:13 - 00000294 _____ () C:\test.log
2015-05-16 22:47 - 2011-11-03 00:21 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-16 22:46 - 2014-10-19 10:37 - 00076900 _____ () C:\Windows\PFRO.log
2015-05-16 22:46 - 2014-10-19 10:37 - 00010720 _____ () C:\Windows\setupact.log
2015-05-16 22:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 21:43 - 2013-06-14 20:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2015-05-16 21:39 - 2011-11-02 17:42 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job
2015-05-16 20:24 - 2013-03-27 17:35 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-05-16 20:20 - 2013-03-27 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-05-16 20:17 - 2013-03-27 17:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-05-16 20:13 - 2014-10-04 13:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2015-05-16 20:08 - 2013-03-27 17:59 - 00000000 ____D () C:\Program Files\IIS Express
2015-05-16 20:08 - 2013-03-27 17:59 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2015-05-16 20:08 - 2013-03-27 17:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-05-16 19:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-16 19:27 - 2013-03-27 17:54 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-05-16 19:19 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2015-05-16 19:19 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-16 10:04 - 2012-05-13 13:34 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2015-05-15 21:34 - 2011-11-02 17:42 - 00003930 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA
2015-05-15 21:34 - 2011-11-02 17:42 - 00003534 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core
2015-05-15 06:57 - 2014-08-16 18:38 - 00003740 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2015-05-15 06:56 - 2011-11-03 00:21 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 06:56 - 2011-11-03 00:21 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 06:55 - 2014-08-16 18:38 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk
2015-05-15 06:55 - 2014-08-16 18:38 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-05-15 06:55 - 2014-08-16 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-05-15 06:55 - 2014-08-16 18:38 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-05-14 21:32 - 2011-11-02 17:44 - 00002362 _____ () C:\Users\User\Desktop\Google Chrome.lnk
2015-05-14 05:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 04:37 - 2011-04-12 10:34 - 00672136 _____ () C:\Windows\system32\perfh005.dat
2015-05-14 04:37 - 2011-04-12 10:34 - 00142732 _____ () C:\Windows\system32\perfc005.dat
2015-05-14 04:37 - 2009-07-14 07:13 - 01593150 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-14 04:29 - 2009-07-14 06:45 - 05012000 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 04:28 - 2012-05-13 20:55 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 04:28 - 2012-05-13 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 04:26 - 2011-04-12 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 04:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 04:09 - 2011-11-03 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 03:04 - 2012-05-13 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 15:59 - 2013-07-19 10:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-10 16:03 - 2012-05-16 17:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2015-05-06 13:20 - 2014-07-20 12:28 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-05 21:33 - 2012-03-19 19:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2015-05-03 18:16 - 2014-12-31 18:15 - 00000000 ____D () C:\Users\User\Desktop\challenge
2015-04-24 14:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-22 13:35 - 2014-09-14 15:22 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-22 13:35 - 2014-09-14 15:22 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-22 13:35 - 2013-07-19 10:37 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-18 16:48 - 2015-01-26 15:46 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-18 16:48 - 2012-07-31 20:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-18 16:48 - 2012-07-31 20:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-18 16:48 - 2011-11-03 00:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 21:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 08:26 - 2014-12-11 15:13 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 08:26 - 2014-04-30 23:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 08:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 08:08 - 2011-11-20 15:44 - 01567864 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 08:02 - 2012-12-05 16:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 08:02 - 2011-11-26 20:45 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2012-06-25 20:25 - 2012-06-27 13:21 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2012-06-27 13:22 - 2015-02-26 17:37 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-01-13 16:42 - 2013-02-02 18:14 - 0703117 _____ () C:\Users\User\AppData\Roaming\technic-launcher.jar
2013-01-13 16:42 - 2013-01-13 16:42 - 0582227 _____ () C:\Users\User\AppData\Roaming\technic-launcher.jar.bak
2011-11-03 16:47 - 2014-02-05 17:19 - 0001057 _____ () C:\Users\User\AppData\Roaming\vso_ts_preview.xml
2012-02-28 22:53 - 2013-09-17 22:17 - 0000600 _____ () C:\Users\User\AppData\Roaming\winscp.rnd
2012-01-21 21:56 - 2013-06-05 10:51 - 0015360 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 03:33




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:931.41 GB) (Free:189.66 GB) NTFS

Available physical RAM: 5380.14 MB
Total physical RAM: 8175.37 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E7EE092B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 2140 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#7 Příspěvek od reptoid »

Ještě sem pro jistotu přidám to Addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by User at 2015-05-16 23:59:58
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3717432927-1355506929-3792285562-500 - Administrator - Disabled)
Guest (S-1-5-21-3717432927-1355506929-3792285562-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3717432927-1355506929-3792285562-1002 - Limited - Enabled)
User (S-1-5-21-3717432927-1355506929-3792285562-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects 7.0 (HKLM-x32\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader 6.0.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7646-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - )
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
AxCrypt 1.7.2867.0 (HKLM\...\{C8118019-96B5-42FB-9A45-5D82D1CB62EE}) (Version: 1.7.2867.0 - Axantum Software AB)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{A9739666-2235-42F8-85D6-9B4005DC7951}) (Version: 7.1.382.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{E4754261-F0CD-4262-8372-1A92DDCC6103}) (Version: 8.0.1.897 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{D9198056-A296-4583-A790-C0E73694CFE8}) (Version: - D-Link)
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version: - )
Easy GIF Animator 6.0 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 6.0 - Karlis Blumentals)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.95 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.95 - Etron Technology) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.1.32.905 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Google Chrome (HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTA:SanAndreas_CZ (HKLM-x32\...\GTA:SanAndreas_CZ) (Version: - )
Gyazo 2.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
HydraVision (x32 Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
INTELLINET Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.5.0 - INTELLINET)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Max Payne (HKLM-x32\...\{BF4EFBD3-57F1-4C4F-9484-6FCC18F735A7}) (Version: 1.00.000 - )
Max Payne (HKLM-x32\...\Steam App 12140) (Version: - Remedy Entertainment)
Max Payne 2: The Fall of Max Payne (HKLM-x32\...\Steam App 12150) (Version: - Remedy Entertainment)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{CDF307AF-A3DF-4D5D-8EEC-9430ECAE5972}) (Version: 1.6.4 - MINECRAFTinstall.net)
Mozilla Firefox 31.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - )
Nero 8 (HKLM-x32\...\{6F8A555E-F2E1-415D-AD8A-67C0A7671029}) (Version: 8.10.27 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Olympus ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.6.3731 - OLYMPUS IMAGING CORP.)
Olympus ib (x32 Version: 1.6.3731 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS Master (HKLM-x32\...\InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}) (Version: 1.31.2000 - OLYMPUS IMAGING CORP.)
OLYMPUS Master (x32 Version: 1.31.2000 - OLYMPUS IMAGING CORP.) Hidden
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
Return to Castle Wolfenstein CZ (HKLM-x32\...\Return to Castle Wolfenstein CZ) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
SafeIP (HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\SAFEIP_is1) (Version: - SafeIP)
Seznam Software (HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{418D77E2-7B60-48F8-B016-30A32699EE74}) (Version: 1.1.10.4 - Splashtop Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.2.927.31327 - SteelSeries)
StepMania 3.9 (remove only) (HKLM-x32\...\StepMania) (Version: - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version: - Ubisoft Montpellier)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Warcraft III) (Version: - )
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
Wolfenstein: The Old Blood (HKLM-x32\...\Steam App 350080) (Version: - MachineGames)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3717432927-1355506929-3792285562-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

26-04-2015 19:00:11 Windows Zálohování
28-04-2015 16:08:09 Windows Update
03-05-2015 18:16:17 Installed AxCrypt 1.7.2867.0
03-05-2015 19:00:04 Windows Zálohování
05-05-2015 13:25:47 Windows Update
09-05-2015 10:11:44 Windows Update
09-05-2015 14:36:09 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-05-2015 14:37:04 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
10-05-2015 19:00:09 Windows Zálohování
12-05-2015 16:06:01 Windows Update
14-05-2015 03:01:15 Windows Update
15-05-2015 03:00:25 Windows Update
15-05-2015 07:00:46 Software Removal Tool
16-05-2015 18:34:05 Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
16-05-2015 18:44:47 Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
16-05-2015 22:16:55 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-16 22:19 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {038A5C01-9FCD-4250-879C-0047E11F3170} - System32\Tasks\{077C5B63-F812-4F1F-BCB2-C6D29361AED9} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {0DDF346E-392B-4132-B2E9-7B167750AA15} - System32\Tasks\{35FE2F6E-843E-4C9C-89AB-4F90DBA58049} => pcalua.exe -a C:\Users\User\Desktop\forge-1.7.10-10.13.0.1180-installer-win.exe -d C:\Users\User\Desktop
Task: {127FB774-C705-436F-BF44-E2261BE9E7B0} - System32\Tasks\{14B80C4B-E687-4705-A1EE-F68F1B1442D7} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {15506722-30F8-4258-B17A-59A6A131298E} - System32\Tasks\{850B9DCE-9CBA-4BF5-B7EA-C2FE52C29896} => C:\Users\User\Desktop\Xpadder.exe
Task: {1D8D9CE9-F149-4AFA-93CD-F64DB3316A23} - System32\Tasks\{F860DC56-76DC-4BE1-A1AD-17734B0970AC} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {2238E84B-92BB-42AF-99D5-0288928B00BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {23B1CA41-277C-4021-A0BD-641A9044E25B} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {26123E2D-DE60-4D80-878E-16527D41BDE6} - System32\Tasks\{C2DB8A87-3363-4DE9-BF72-A0265B1FE529} => pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
Task: {29E5B856-8601-416C-92E4-432A54C5EB47} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {2C03EBA3-9415-4EC5-B1A1-06F4EF863635} - System32\Tasks\{A392BB1E-FE50-4D79-886D-CBBD9E7B7F78} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {3005B430-BF5C-47E5-BA56-C93241CE07E7} - System32\Tasks\{E47E5026-A40B-4BA2-8010-B704A5C60082} => C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Task: {3346836B-E045-482C-AEDF-1EDE2A55C8C8} - System32\Tasks\{E9D1F23F-38C9-4B58-8A73-21087F1CD6D7} => pcalua.exe -a "C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe"
Task: {3454E15A-0075-4193-A522-023C67BBA327} - System32\Tasks\{7B1BC3DF-A698-4794-BD29-940565DB710C} => pcalua.exe -a C:\Users\User\Downloads\sa-mp-0.3b-R2-install.exe -d C:\Users\User\Downloads
Task: {38CE2D15-F1DB-4879-AEFD-4C89A5F62AFA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {3C8EE9E0-2FD8-42DE-BBA7-B79CAC5E5AAC} - System32\Tasks\{9450F4CD-0957-4DC0-8CE5-F2989BFB7B20} => pcalua.exe -a D:\Install.exe -d D:\
Task: {4BCF4A90-F82A-4288-A908-DE2E6BAA6B9A} - System32\Tasks\{49CBA0D6-E247-4E83-9ACD-B4D386782121} => C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Task: {61A96B81-E3A1-4170-BEC3-15D67993600D} - System32\Tasks\{677ADF87-2C34-4CB4-838C-6C8139155D2F} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {63357187-9E26-473C-99C3-DFB57F5BBEDD} - System32\Tasks\{9CFA8E4B-B18D-4383-B404-EBC8FEEB5E71} => pcalua.exe -a C:\Users\User\Downloads\After_Effects_7_0_Tryout\Setup.exe -d C:\Users\User\Downloads\After_Effects_7_0_Tryout
Task: {7096390F-4C22-43D4-8C96-5344A5BB1CB1} - System32\Tasks\{0C56FA42-937C-4F98-86CA-19896AEE4458} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {73DAC076-EE36-4A08-98AA-F13012B19996} - System32\Tasks\{C1779F47-F3BD-4191-8544-1742DA34080D} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {74258350-E15F-4EAF-A10F-52B3F01E0DA2} - System32\Tasks\{6E3874DC-63EB-4364-BF80-1D8400FB732F} => pcalua.exe -a D:\maxpayne2_czv101.exe -d D:\
Task: {778F675C-D82C-44A9-A512-63C17CFE2C36} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {8335238D-F37D-4181-A582-744D66B18C99} - System32\Tasks\{D3DE6356-5A7A-45DA-BFA6-BEE4BD7B9167} => pcalua.exe -a C:\Users\User\Desktop\adobegg\CS7\Setup.exe -d C:\Users\User\Desktop\adobegg\CS7
Task: {83DE7A72-25D7-4BD6-B2A2-A2F31D9C0902} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {8853D56F-03D7-4F2D-8242-3AAF953854EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {8974697A-ED45-4C25-BF83-C6EFD3D40389} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {93FE778A-911A-400E-B9D3-83C80DE83703} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A088AB75-5DC6-4248-80A9-4E17F06AE222} - System32\Tasks\{283E6CD2-4C81-484B-A916-9425627D3133} => pcalua.exe -a D:\Launch.exe -d D:\
Task: {B3CC3843-604E-48C8-A9FB-B6D6B906CA0A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B7D6B6F9-8C36-4BA5-94DC-B8AA61FBAD8E} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-04-30] ()
Task: {B8E873C3-8BC1-48D3-B681-152C6B4E49D6} - System32\Tasks\{432D7A61-A37A-4658-90A6-0E06836317D0} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {C276474C-9F53-4980-B11D-70BBD4D6B597} - System32\Tasks\{A5833BC4-A06F-4826-B222-E48E936FF3FA} => pcalua.exe -a "C:\Users\User\Desktop\2003 - Meteora\Počeštění hry PROTOTYPE krok 1.exe" -d "C:\Users\User\Desktop\2003 - Meteora"
Task: {C286FB27-1B14-4B56-BB76-C98C6DC2A88F} - System32\Tasks\{99B1CA03-6D14-4AEC-9927-12EA775030E1} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {C2B587E9-7556-4E11-9186-243A7310DB02} - System32\Tasks\{B8024FD4-C1F3-4745-8736-23AB763B0A5C} => pcalua.exe -a D:\ddr.exe -d D:\
Task: {C490C11C-04F5-4948-8379-1E87703A9EEB} - System32\Tasks\{F76496F6-B9A8-41E5-99C4-2AFF40B696AD} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {C5A7C4FB-4EAE-4B42-B214-82367E39DB46} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {C8314D7F-BB03-44C7-AA76-2BB8C139EAD3} - System32\Tasks\{93538E41-9AED-4503-9368-1081F7EEF678} => pcalua.exe -a "C:\Users\User\Desktop\X-Ray Mod Installer\X-Ray Mod Installer.exe" -d "C:\Users\User\Desktop\X-Ray Mod Installer"
Task: {C96E77BB-A3B0-40C6-9FA3-43342101C5D7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CB1C27C5-BD88-45DF-8989-C4CA2E4919EC} - System32\Tasks\{ACAA4AE1-41E7-4F6B-9233-64EBEBE5E831} => C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Task: {D28ECEC7-2AE0-4951-AF62-3A9A618346D4} - System32\Tasks\{6722BC8B-8F1C-4A01-8C04-377D961FC2FF} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {DA056D94-D3B2-4D21-846A-EA55E627947A} - System32\Tasks\{D9A86B9E-1724-4E70-A463-183694E998D4} => pcalua.exe -a C:\Users\User\Downloads\jre-6u29-windows-i586-s.exe -d C:\Users\User\Downloads
Task: {DA5624CA-22F2-430A-BD3C-268CC8E022BD} - System32\Tasks\{E7FEBF3B-092A-4E9E-BE42-0C75435B434E} => C:\Program Files (x86)\Steam\Steam.exe [2015-05-15] (Valve Corporation)
Task: {DD7C67DE-552D-481A-9A8C-D7DC624FAA72} - \YourFile Update No Task File <==== ATTENTION
Task: {EB7416D1-23B2-4276-A8DB-840249022DC0} - System32\Tasks\{7ACB8711-9424-484B-898C-4BFA9B20E162} => pcalua.exe -a C:\Users\User\Desktop\gta_iv_cestina_02.exe -d C:\Users\User\Desktop
Task: {F196FE11-0503-4BBD-85F8-8F4C947A5DD7} - System32\Tasks\{E9523A75-9049-4E48-8054-CB0CB6CCE656} => C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Task: {F51B691F-F0C9-4210-9056-5867C11EA5E0} - System32\Tasks\{5202F0E4-8F48-4302-B221-876877362BEC} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {F93B4961-379E-43C2-AD2F-02978CE5868D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-18] (Adobe Systems Incorporated)
Task: {FA990A2E-345E-4CEC-8DB9-63DB522DD2AF} - System32\Tasks\{0BF75F82-E3A5-4A4C-A400-927E99F7343C} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: {FBCF6C60-08B8-4D91-95D2-2BA65BC7225B} - System32\Tasks\{C24921AC-6B77-4148-84FE-BA2FBF8B614C} => C:\Program Files (x86)\Origin\Origin.exe [2014-05-29] (Electronic Arts)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-11-10 19:26 - 2010-05-14 00:48 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2011-11-10 19:27 - 2010-05-14 00:48 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2013-01-02 18:18 - 2014-05-31 21:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-11-03 11:07 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00231424 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
2012-04-05 11:11 - 2012-04-05 11:11 - 00540672 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2015-05-16 22:49 - 2015-05-16 22:49 - 00089915 _____ () C:\Users\User\AppData\Local\Temp\3d0a1899-e862-43d1-b9db-9650cceb2a80\CliSecureRT64.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 07436800 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00229888 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00138240 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00135680 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Logger.dll
2011-09-30 19:23 - 2011-09-30 19:23 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00147968 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2010-04-18 12:32 - 2010-04-18 12:32 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00346624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00168960 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2015-04-22 13:35 - 2015-04-22 13:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 13:35 - 2015-04-22 13:35 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-16 20:06 - 2015-05-16 20:06 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051601\algo.dll
2011-07-28 18:11 - 2011-07-28 18:11 - 00090112 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2011-11-02 23:50 - 2009-10-06 10:35 - 00901120 _____ () C:\Program Files (x86)\INTELLINET\Common\RaWLAPI.dll
2013-02-21 17:38 - 2009-08-06 17:15 - 00376832 _____ () C:\Program Files (x86)\D-Link\DWA-131 revA\WlanDll.dll
2015-04-22 13:35 - 2015-04-22 13:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-05-14 21:32 - 2015-05-05 06:06 - 01252680 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 21:32 - 2015-05-05 06:06 - 00080712 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\42.0.2311.152\libegl.dll
2015-05-14 21:32 - 2015-05-05 06:06 - 14982472 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SafeIPS => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 217.170.96.24

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{33185393-30AC-4A87-99B2-1F79AF5AD4A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BB711536-D45A-4317-8764-F003478ECDBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{D4479E3B-0ABE-4830-8048-64191C6423E8}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{F014469C-3735-4B65-B02C-067BF3C5B409}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe
FirewallRules: [{B2E6D6BE-2FB5-4B40-94D7-9B7D697EC179}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{22DC528F-B14E-4174-AEA5-F139A35A6801}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{38679AA6-DBDF-4238-87FF-5DA0178EB24E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{AD7C4634-176C-4100-BE3C-5DEDCA7C22A7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{22092969-7D32-4A1A-A4D0-F1E27FD21CE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{7009940B-AF98-4C85-B35B-F5F69A309E04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{0A059389-CC00-401D-92F4-934DE4B2D3B7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{4054536D-AA94-4A42-9E25-D833017F4A3C}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{966D0347-C6D5-4427-8F43-CEB52F1AE233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{41CBC849-24F3-4669-896B-82E60EA644EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{339E55C1-EB12-4BD6-AFB1-685AB26AADF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{9F22899C-2CA4-4A46-8B05-34F9DE36ACD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [TCP Query User{8E3E484F-F285-46B6-9D56-3B697231AF02}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{377074C3-D7C9-46A0-B3E8-73F5C77D554D}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{4A9D70ED-53E4-4852-9660-EB91567A0800}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{566B4A39-7694-40E9-99A2-403404EE7A5F}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{D5EED1F5-B432-4468-84C8-58D80D1D0F41}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{F13116BE-6627-46CC-8BF6-3BC5BABC198B}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{BFAAA0F1-6DCF-4DD7-A328-26EF98C92563}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CA59F237-6E12-4123-A34D-49163F0A370C}] => (Allow) LPort=2869
FirewallRules: [{01DCEDEB-14C4-4999-AB76-D5975E3039C8}] => (Allow) LPort=1900
FirewallRules: [{C4D25E79-4AD2-403D-A5FE-177DDE74022B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A7934405-97AD-4A3E-88E6-0829E7739AD4}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{25E7F351-9785-4C76-AC2E-229727E8D511}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C8134F32-C0FD-4AD0-976F-A181754B3DF5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{52433C4D-1881-4508-ABEC-6AA718DE52F0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{89F6A5B5-2C48-4316-A3A2-1D1A5A0F376C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4AF095C4-013D-465E-A34B-BF84BBFE5A7A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{E2B22B8F-BFF8-4181-8166-4197B773F886}] => (Allow) C:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{CB35772E-C927-46C7-A3EC-D28C3CD8361F}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{F99C16C6-12C4-49A7-98A0-32B15DDAB68B}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{8D9AB13A-127F-469A-B268-F904E3708AED}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{60D39D12-6F2E-4684-A2C0-C9E1D75B1A35}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{18D12A69-4B30-41C2-9D7A-AE9C79271E09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{3DA1438F-D922-4AC1-B3DE-2C075BA0D0F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{F3C1248A-A561-4F0D-8FA8-D9114EC250D3}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{B5AF8AAB-60EE-44D1-B26F-70A3A340C521}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{2734DBDD-BF13-47EF-8E8B-C9063F91B6BD}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{9C1A83DA-A637-4912-AF14-3F91E77F79A0}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{718FABF9-D55F-4957-9E48-F7CEECA29508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{FA5A753A-F2D4-4233-8437-AE036A69C6E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{10BC0909-F8E3-41B8-8490-281B59A1ACE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{076F5480-0B2C-40EE-BE46-0BA8D5F52B76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [TCP Query User{E1AA40A1-6F76-4137-A572-06F9BC820568}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{682CAC9D-CCF2-4213-A09A-A971E60FF259}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{EB9B7643-CDCF-4F80-9151-6287D4891223}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{4D7DC249-0564-46F9-901B-57773B7114D4}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{82558860-1581-4B0E-A968-41E620ABC352}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{7D9FBA54-2D2A-416E-95CC-27A1F5FF9784}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{748B1BE8-187C-4B98-A3E8-2C52A20C56C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{523A9766-6A99-4EC4-9BCD-33BAED33749D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [TCP Query User{3DDADCE6-1539-4A0A-80BB-5992F882BDDF}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{C16031AD-BE72-452D-98ED-336164D6EDF3}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{4ECC199C-0C58-437F-AA9B-5A75ED6BFF24}] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{5C2410DD-312E-4C21-98CA-DA5D7A64E8A7}] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{7AD52377-DFC8-46E0-9B98-DE66AC0AC45A}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{4DAD42AE-7ABC-4EE7-A1BA-95AABC4CEC19}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{03C0B89E-ADB0-4C23-8149-6B83B0D7B449}] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{C240D282-E4E4-4A4A-BC42-65D2C1D3C5BB}] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{34733A0D-BEF9-4809-8753-C9AEFA542F91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{43F2697C-E66A-4143-870D-7E62888AF991}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM 3 BFG Edition\Doom3BFG.exe
FirewallRules: [{ED9060B7-726F-4B39-A1AF-015B2F68C430}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{8240994B-6634-4BC3-A8A0-3682D402766C}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{E81C08C4-3A8C-4AD0-8B87-FB323CCB4D8F}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{39288104-D9D4-467A-A755-56EDE5A8A37D}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C7062BC6-5528-45CB-98D5-2BA151B7097A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{58C9CACC-13CC-4568-A08D-022AA15FDF81}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{DE6C03CD-5B92-4DC7-A84C-63B020666ACA}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{0DEC972B-4488-41A6-862D-9D44F3CE0FF5}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{656CCDBE-DD05-4018-8B76-4AC7697BB010}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5B6B5397-89CC-467A-BAB5-C26C36B46A56}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{6024E65C-FE10-4D12-89E8-1F16030C836C}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{42433B03-E5CD-468E-A9F0-127914BC3320}] => (Block) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{1C7D83A3-34A0-47E7-9F6D-72A405F94BA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C7C3811-4A83-465E-8F22-0A8DFE5CB165}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F969D7FF-B791-46AF-907D-85784BA1E1AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{F13D6019-0931-4016-A568-CE786BBB5003}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mafia ii\pc\Mafia2.exe
FirewallRules: [{9BA75208-2376-48DF-9E08-9908365ABF65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{51F2F839-9966-49CD-BF1A-0163CDCE9C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{F310B773-DF1C-46AE-ABB5-B71BABB5D646}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{5D22B9A6-05CF-4724-9DEB-CB4C7F1E33B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{673DE7E6-BD76-42C7-B5D8-BEA86F9CE24B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{217A8BF8-7090-4662-9EE4-D13142C684D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{7A6EDAF8-D115-4284-A946-85FAA2D3527F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{2D236A7B-3816-419B-B46A-DA80BBC87B95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{FFFCCAAE-E77C-4354-BEA1-7E9A55F30D40}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{DB2D529F-70D5-4D79-95BA-FB9D73E767DF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{71BB24C6-C628-4F6C-873E-8C886EC481B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A79E03F0-4B22-4C93-9697-683F6578EE75}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A32A0AFC-86B4-4761-BC80-55EF80B74655}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{CA58ABEC-9D3F-4966-B480-AAD959A5A91D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{4703936B-C586-4611-9708-3205F889A49F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{957EA07B-F8B5-4751-BB93-945B45998A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{FC824FBD-CF42-425E-9686-6B60345CED35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{DA409352-58B6-40B4-B80F-B85A8AE9E20B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{47C25EA2-E6BD-4BD1-8F27-C225C46F714B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E74B4148-B0C2-4B9F-A842-42B3C01C9D96}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{3BC2AC64-8C1B-4382-A4C1-401EBDCBCBA9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C740CB34-45FE-4B16-96E3-C760B5628610}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{CC5A0018-F511-4C97-B251-8013FFC31E65}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{50B7D2B9-C0EC-41CD-BEBC-66FAD4DB8485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{E5165C71-B575-44EA-975A-7EEE672C4A2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{42B5EE55-F15B-4357-B0D5-DF70B3FCE657}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{F14703F4-DDE0-4890-8F18-0F1E60482BD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{F484FA19-E4AD-446E-9464-23BD5F2D6F7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{58889942-9C10-455C-BF47-570DADC8EEB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{921FD339-4551-4AB7-B083-0FF9C22C5811}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{8D1EF7F3-A2EC-4FD2-AE8D-3394F23A80F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{0C1A212B-E315-4772-AEEF-29F61785B9C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4DE0D645-8004-4C8A-BC4E-F2B9EE3D2170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3361F7A8-58DF-40B5-812B-DB6D8E3A94E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B62B28D1-5B20-4C6A-B26A-CBFD86BE6784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D4D98C3F-D271-4058-BFE9-475D5B0212BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{09DA9440-1B1A-465A-9F15-05A2982B8DDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D48353CC-B15E-4D2B-85AC-0C03B93EC0F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F7C21943-5355-4CC5-8CD3-1518E63F4F4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C8858D05-CCA5-4389-868D-71534735D5A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{CDC4FE9E-ADA2-457F-925B-5A784F0ACCA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{306BEA7B-E424-468C-A388-8993DE4934E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{D90106EB-7AA1-47B4-AE27-51041CA5B87C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{2D278D2E-E7CB-4C43-9F55-99B71E75A7A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{CC47F02C-A3E7-4826-952B-DB9B69F1BDF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{404CEE61-9259-4688-84CD-531FA9A8A15B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{CB942202-51C0-41AB-B62D-1F048B6CAEDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{93F22C04-983C-4603-8535-521EEF2C9295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{91949A77-9117-439F-B046-E9E2803B9ED7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{5A590015-138B-4E45-8EF6-435F4446D815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{5184A9D5-5FCC-4144-8A79-606F28B2954B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{96F11366-D8CF-44BD-8F5F-380082CD4A9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{A1AC8393-13E9-4E83-B136-73B8DF646A46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{24C630D8-1BEA-40E4-A6BE-7260CF5BD5EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{EE9AADD4-250A-4154-BBD0-98FF140BC5A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{AA8EE64E-76A4-4217-96D7-70A2512CB877}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{458AD67C-8C91-48C5-93BF-566844F5CF76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1FDE01E9-7031-4F1D-BF65-4D79E6BFFFA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{8BCEEA76-D357-490C-B129-4228B706B1C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{08E3F9BE-14CE-4F45-9094-BBBC5F17F338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D5F79D39-3459-4C30-9D78-40F6B341CA9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C2BCF844-E2EF-4ADF-B78E-B321EB169570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{D495674C-498F-462B-9F76-D72816337E2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{54B4254B-B71D-4E1E-AA1C-D512401CCAC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{67C55AB0-0925-422D-B86B-BC2FA9FD9B53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{3C7B2C5C-AEB2-4734-A25D-A8DD3575D249}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F1A5F324-E07E-4028-9284-BA4E4AF70CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0CC6B618-716A-4E15-A943-BAA7C9BFC907}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BEC1D5F5-5372-44C2-955A-63FE1045841C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5F457614-4231-486D-96ED-5EB618747F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{19225504-485C-47FE-B3F3-F7D27F7F32A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{DBFFCA24-19EC-4189-9539-D2E9430A158F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{456FF69C-1F55-41FA-A89F-206537EC5238}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B7CC471D-AADF-4097-A2AF-8953CE3A5543}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{F7B63514-B3B5-40C6-8AFE-6A07714D40AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{BC60B273-E94A-4B86-B771-0220525EA1B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{80A39EDD-2191-4D7A-B339-BAA4F513B606}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{33804512-34DF-4BDC-BAAE-9FED620331CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{B4C1ED27-413B-4CE5-8016-456BFB69D142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{CCCF6A7E-1982-4DDF-8FF7-F4262314AFB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5FB7C40-0C7D-4126-BF7E-62ABFEA7B2F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCF7AEBA-7816-4194-971F-B81ED143B9E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FE04019E-5CE4-4DDF-A1E6-0168FE869308}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FEEBBDD7-033E-4F7C-9DE8-2718B4EF9197}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{EC13F0B0-49C4-4630-B56B-50413EAEE553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{47CABB11-0779-42B3-945C-118804176DC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{827DD7C8-A085-4D85-B204-E8027AACB773}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{1AE6EEED-9A50-4D38-AB11-059F8C3B86B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{6174EE91-189D-4CB2-8EF4-394C1E2FBB73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{1C3FBFD8-A28C-4E7C-B2D2-CD68BF557882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{00F8D81F-FB6B-4A31-A005-FFE8E1C7BF6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{645DF2C8-ECDD-41EC-9547-966E8BF237EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{7642D117-63C0-4FC1-B711-5EE27F9DA8BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{2F4E5E7C-F517-4BF7-836E-27E58B2E4D81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{2CD8FEBF-2203-4E05-87D6-F6D3B165032B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{B9052288-A89B-4FAF-BB31-BA3698286E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{45526980-6371-4E4F-9915-6B1AD145572D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{F609108B-EC1A-423B-A7FF-0D3A04BC1947}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne\maxpayne.exe
FirewallRules: [{316C5426-0755-492B-9E5E-BA94D11ED938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Max Payne\maxpayne.exe
FirewallRules: [{6DB81345-2661-4225-A9DD-F41E1B9D2782}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{7EF6E5ED-A363-44BF-A2B6-40976166AB43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{02A50D29-7BBA-4C75-B128-BCA8E88B5FD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{3BB444E6-DB17-40ED-8DC9-9FA7A2E8E21E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{6F9FB866-6EAF-423A-8DF5-46F36B8B15B5}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe
FirewallRules: [UDP Query User{1E8314E1-CE66-4E47-887B-B1269A1D505C}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Block) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe
FirewallRules: [{C5B584CC-B242-49FA-838E-17D680644609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CF676B6F-EFBF-46C3-94A2-BAC923DB76E3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DBCFF36F-BC95-4FF7-B0B9-CDBFE184B331}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{EB5BDEE6-4F96-4091-89D3-71F43E459DEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4B2574EF-5B64-4738-9499-B96D0A540A02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{93B20325-9D60-40E6-B3F0-3A4533B9C5FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{A67848CF-6120-4D1E-94E5-8979034EE912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{F79508C7-3998-40A7-AD9F-8EEEA47687E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{E79AF42D-55A9-4CE2-A8C0-A76483C1B5F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{0C708E74-1622-490E-A222-365C0D74B3C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{BE055F96-CBE3-4DEB-ABC1-7700C42BF0FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{FF5ED409-86BE-4F5A-9908-0FE04E0AF13A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{B8F07298-F532-4364-ACAD-47328997D7D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{56FF115E-2CC9-49B0-9BB7-8F22CEFB30F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CCC2EEAE-93E4-4B72-A5B2-E95C72777E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D93DD97E-92E9-4A04-A31B-30B100147DFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{2BD6289F-8E28-4CBB-ADC1-DA3B122C95BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{49D9235E-B37C-4A5B-91B4-8F8E947D1761}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{0FA0186D-BF69-4B18-906D-33B6C02D2EEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{7A9B1016-872A-4A41-9D84-8ECBED189E26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{61ED9613-4E53-4E52-B3A2-89DB6F34FDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{3D1FF2F3-CC4B-4AE6-9CF8-30FD33E0656D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{AEBE218E-81FA-4C48-BBEF-AC17FC48B4C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{4C7DBDE6-BFAC-4D46-A908-F4EC2EDAC1BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{57B134CC-CB53-44CA-A162-84D5DF91C2F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{497BD035-3636-4920-A298-D27E8D1BAF0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{70451B62-EDD5-483D-B716-91B76927F708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{B2F15F87-606F-46FE-AAC0-D07A875512B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{1EEE6A08-81B3-47D8-9DE9-BCF6B873E037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [{A0D7CA9C-7022-4B14-B9C1-0DF9BA8C3577}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [{CCF60940-2D16-4C67-9B63-CECEA9314DB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{08BD1DD7-D789-40BD-99AD-2D69CFF8B66F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{0FB6E477-9319-45CE-8852-B3521AF2E9D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{FB21FBA0-8DB9-458C-AF38-ED00680FBC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{4BC645E3-320B-47D6-A7F6-8A48D98BC35E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{7D13D940-ED16-4C21-9EA0-217A9608F19A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{369AA16A-096A-42A3-BF0F-DB3F42F26EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{56074280-B0E9-44A5-B587-E41BECC0CDDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{B8B1C05B-2B81-4A65-9585-32E673EB36CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{6B0C6E56-558A-4DD1-A1DD-F3B2A7BD63AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{75F00803-C4DA-4873-A32B-00D7841DA5CD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F3A426F5-7B65-4C32-9408-F4C78CA40D53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{196BB890-3919-44F8-B13E-0DC4DC65C489}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{464B8370-1B18-45A1-A79D-DE66ADD66ABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{2C50E711-AEE2-401A-88C8-1A2B85BB8359}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F76E0847-8C28-4C4F-A3E1-AF0DCF529A83}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F764EAC4-938B-4CF9-AE6B-0C09E01DE9B9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A4D33F2C-7E66-405D-9CA7-F49E90E026F8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EE481AA4-67D3-4E58-B5E0-7270FA284C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{A1653A48-2B2D-420F-8472-4DBAB51162C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{B879E193-40E6-4EB5-B6DE-E94B94B3A696}] => (Allow) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{9F50103E-3A0B-45D8-B03D-05918414974C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2015 10:49:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MOM.exe, verze: 4.5.0.0, časové razítko: 0x51891507
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18839, časové razítko: 0x553e8c17
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001aaad
ID chybujícího procesu: 0x8f4
Čas spuštění chybující aplikace: 0xMOM.exe0
Cesta k chybující aplikaci: MOM.exe1
Cesta k chybujícímu modulu: MOM.exe2
ID zprávy: MOM.exe3

Error: (05/16/2015 10:49:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MOM.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Reflection.TargetInvocationException
Zásobník:
na System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
na System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
na System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
na System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
na ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (05/16/2015 10:47:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2015 10:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MOM.exe, verze: 4.5.0.0, časové razítko: 0x51891507
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18839, časové razítko: 0x553e8c17
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001aaad
ID chybujícího procesu: 0xed8
Čas spuštění chybující aplikace: 0xMOM.exe0
Cesta k chybující aplikaci: MOM.exe1
Cesta k chybujícímu modulu: MOM.exe2
ID zprávy: MOM.exe3

Error: (05/16/2015 10:08:53 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MOM.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Reflection.TargetInvocationException
Zásobník:
na System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
na System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
na System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
na System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
na ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (05/16/2015 10:08:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/16/2015 08:09:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: javaw.exe, verze: 7.0.670.1, časové razítko: 0x53d27f39
Název chybujícího modulu: ltc_game64-96006.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x554414fd
Kód výjimky: 0xc0000005
Posun chyby: 0x000007feeb11533a
ID chybujícího procesu: 0x1b54
Čas spuštění chybující aplikace: 0xjavaw.exe0
Cesta k chybující aplikaci: javaw.exe1
Cesta k chybujícímu modulu: javaw.exe2
ID zprávy: javaw.exe3

Error: (05/14/2015 04:36:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18cc

Čas spuštění: 01d08e533812d32b

Čas ukončení: 15

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

ID hlášení:

Error: (05/14/2015 04:35:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 15c4

Čas spuštění: 01d08e531c4c5652

Čas ukončení: 14

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

ID hlášení:

Error: (05/14/2015 04:36:17 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020


System errors:
=============
Error: (05/16/2015 10:52:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service závisí na službě Intel(R) Management and Security Application Local Management Service, která neuspěla při spuštění v důsledku následující chyby:
%%193

Error: (05/16/2015 10:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service neuspěla při spuštění v důsledku následující chyby:
%%193

Error: (05/16/2015 10:50:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service neuspěla při spuštění v důsledku následující chyby:
%%193

Error: (05/16/2015 10:47:16 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (05/16/2015 10:47:14 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (05/16/2015 10:47:11 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (05/16/2015 10:47:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WlanWpsSvc neuspěla při spuštění v důsledku následující chyby:
%%193

Error: (05/16/2015 10:47:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Wizard Service neuspěla při spuštění v důsledku následující chyby:
%%193

Error: (05/16/2015 10:47:09 PM) (Source: hasplms) (EventID: 3) (User: )
Description: ERROR: Sentinel LDK License Manager failed to start in a promptly manner!

Error: (05/16/2015 10:47:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku následující chyby:
%%193


Microsoft Office Sessions:
=========================
Error: (04/27/2014 08:57:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3620 seconds with 1560 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 8175.37 MB
Available physical RAM: 5380.14 MB
Total Pagefile: 16348.94 MB
Available Pagefile: 13283.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:189.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E7EE092B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#8 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [OM_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe [57344 2005-07-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [231424 2012-04-05] ()
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-03] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\MountPoints2: {5b85258f-9e8c-11e1-a6da-50e54936b78b} - E:\ZTE_Handset_USB_Driver.exe
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-06-17]

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

DisableService: NMIndexingService

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

C:\Program Files (x86)\Skype\Toolbars
2015-05-16 23:59 - 2015-05-16 23:59 - 00023423 _____ () C:\Users\User\Desktop\FRST.txt
2015-05-16 23:57 - 2015-05-16 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2015-05-16 22:44 - 2015-05-16 22:13 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-16 22:43 - 2015-05-16 22:43 - 00000081 _____ () C:\folders.txt
2015-05-16 22:16 - 2015-05-16 22:47 - 00034758 _____ () C:\zoek-results.log
2015-05-16 22:13 - 2015-05-16 22:46 - 00000000 ____D () C:\zoek_backup
2015-05-16 22:12 - 2015-05-16 22:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe
2015-05-16 22:03 - 2015-05-16 22:05 - 00000000 ____D () C:\AdwCleaner
2015-05-16 22:00 - 2015-05-16 22:01 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\rsit
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\Program Files\trend micro
2015-05-16 21:43 - 2015-05-16 21:43 - 01222144 _____ () C:\Users\User\Desktop\RSITx64.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#9 Příspěvek od reptoid »

Zde je Fixlog.txt.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by User at 2015-05-17 08:25:35 Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [OM_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe [57344 2005-07-19] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [231424 2012-04-05] ()
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-03] (Google Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\...\MountPoints2: {5b85258f-9e8c-11e1-a6da-50e54936b78b} - E:\ZTE_Handset_USB_Driver.exe
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-06-17]

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

DisableService: NMIndexingService

S3 gdrv; \??\C:\Windows\gdrv.sys [X]

C:\Program Files (x86)\Skype\Toolbars
2015-05-16 23:59 - 2015-05-16 23:59 - 00023423 _____ () C:\Users\User\Desktop\FRST.txt
2015-05-16 23:57 - 2015-05-16 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2015-05-16 22:44 - 2015-05-16 22:13 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-16 22:43 - 2015-05-16 22:43 - 00000081 _____ () C:\folders.txt
2015-05-16 22:16 - 2015-05-16 22:47 - 00034758 _____ () C:\zoek-results.log
2015-05-16 22:13 - 2015-05-16 22:46 - 00000000 ____D () C:\zoek_backup
2015-05-16 22:12 - 2015-05-16 22:12 - 01308672 _____ () C:\Users\User\Desktop\zoek.exe
2015-05-16 22:03 - 2015-05-16 22:05 - 00000000 ____D () C:\AdwCleaner
2015-05-16 22:00 - 2015-05-16 22:01 - 02209792 _____ () C:\Users\User\Desktop\adwcleaner_4.204.exe
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\rsit
2015-05-16 21:44 - 2015-05-16 21:44 - 00000000 ____D () C:\Program Files\trend micro
2015-05-16 21:43 - 2015-05-16 21:43 - 01222144 _____ () C:\Users\User\Desktop\RSITx64.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OM_Monitor => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SteelSeries Engine => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value deleted successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully.
"HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b85258f-9e8c-11e1-a6da-50e54936b78b}" => Key deleted successfully.
HKCR\CLSID\{5b85258f-9e8c-11e1-a6da-50e54936b78b} => Key not found.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-3717432927-1355506929-3792285562-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
NMIndexingService service was disabled
gdrv => Service deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"C:\Users\User\Desktop\FRST.txt" => File/Directory not found.
C:\Users\User\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\folders.txt => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\User\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\User\Desktop\adwcleaner_4.204.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\User\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717432927-1355506929-3792285562-1000UA.job => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype => Key Deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 583.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 08:26:35 ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#10 Příspěvek od vyosek »

Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#11 Příspěvek od reptoid »

Snad v pohodě. :) Ani předtím to nebylo strašné, ale jen jsem se chtěl ujistit. Jinak, jestli to nevadí, mohl bych se zeptat, co jsem tam měl za havěť ? :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#12 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Bylo tam hodne nezadouciho reklamniho SW - chce to cist, co se instaluje jako doplnek http://forum.viry.cz/viewtopic.php?f=24&t=142553



:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
reptoid
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 16 kvě 2015 20:34

Re: preventivka

#13 Příspěvek od reptoid »

Díky moc za pomoc. :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: preventivka

#14 Příspěvek od vyosek »

Nemate zac, rad jsem pomohl :worship: Zase nekdy :)


A na zaklade Pravidla o zamykani temat :lock:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“