VIRY.CZ

Vše běží bez problému, jen to chci zkontrolovat, díky


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan Galek at 2012-07-05 13:33:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 26 GB (19%) free of 139 GB
Total RAM: 3071 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:48, on 5.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Users\Jan Galek\AppData\Roaming\BrowserCompanion\tcbhn.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
C:\Users\Jan Galek\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
C:\Users\Jan Galek\AppData\Roaming\IMVUClient\IMVUClient.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jan Galek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Jan Galek\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Fairy - {27CF82B1-E1D2-4f9b-976E-62095A52BA4A} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jan Galek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: IMVU.lnk = Jan Galek\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O4 - Startup: tcbhn.lnk = Jan Galek\AppData\Roaming\BrowserCompanion\tcbhn.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Search Fairy - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll
O9 - Extra 'Tools' menuitem: Search Fairy options - {81727BE7-50E7-48ed-A547-F0274756E2DD} - C:\Program Files (x86)\Search Fairy\SearchFairy.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Jan Galek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: MySQL501 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13870 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
atieclxx
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\xampp\apache\bin\httpd.exe" -k runservice
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
c:\xampp\mysql\bin\mysqld.exe --defaults-file=c:\xampp\mysql\bin\my.ini mysql
"C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini" MySQL501
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
C:\xampp\apache\bin\httpd.exe -d C:/xampp/apache
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006d4
\??\C:\Windows\system32\conhost.exe "-586508491-10852205467941850331402461464-1628617523-1714608987-14067170251657188638
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Users\Jan Galek\AppData\Roaming\BrowserCompanion\tcbhn.exe" -interval=4320 -IEhome=0 -IEsearch=0 -FFhome=0 -FFsearch=0 -CHhome=0 -CHsearch=0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="5496.0.571208584\697887499" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --extension-process --renderer-print-preview --channel="5496.1.1939267958\906963518" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.3.1846613177\1819611287" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.4.587121261\175017667" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.6.1127853985\109926468" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.8.368966393\1037720122" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.9.477429183\515948167" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5496.10.579535468\2118821410" --reduce-gpu-sandbox --disable-image-transport-surface /prefetch:12
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.11.852955525\472655366" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll" --lang=cs --channel="5496.12.744376719\1087366983" /prefetch:4
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jan Galek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll" --lang=cs --channel="5496.13.713107125\1354365273" /prefetch:4
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.14.627201167\1632988881" /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\JANGAL~1\AppData\Local\Google\Chrome\APPLIC~1\200113~1.47\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll" --lang=cs --channel="5496.15.208240978\1616714925" --flash-broker=2564 /prefetch:4
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.17.1698752730\995163483" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SILENT/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.21.269333615\2039882940" /prefetch:3
"C:\totalcmd\TOTALCMD.EXE"
"C:\totalcmd\tcmdx64.exe" 4348331
"C:\Program Files (x86)\PSPad editor\PSPad.exe"
"C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe"
"C:\Users\Jan Galek\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" "imvu:PeerReview?mcg=1&pid=14627396"
IMVUClient.exe imvu:PeerReview?mcg=1&pid=14627396
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/HttpPipeliningCompatibility/disable_test/IdleSktToImpact/idle_timeout_10/Instant/SILENT/NetworkConnectivity/disable_network_stats/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.37.1408445502\1264283309" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/HttpPipeliningCompatibility/disable_test/IdleSktToImpact/idle_timeout_10/Instant/SILENT/NetworkConnectivity/disable_network_stats/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.47.1492537341\547680836" /prefetch:3
"C:\Users\Jan Galek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/HttpPipeliningCompatibility/disable_test/IdleSktToImpact/idle_timeout_10/Instant/SILENT/NetworkConnectivity/disable_network_stats/OmniboxDisallowInlineHQP/Standard/OmniboxPrerenderHitWeightingTrial/OmniboxPrerenderWeight4.0/OmniboxSearchSuggest/10/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/WebStoreLinkExperiment/FooterLink/ --renderer-print-preview --channel="5496.50.302097688\1402174509" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Jan Galek\Downloads\install.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2060766028-3040431334-1060027230-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2060766028-3040431334-1060027230-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan Galek\AppData\Roaming\Mozilla\Firefox\Profiles\pm5l43pb.default

prefs.js - "browser.startup.homepage" - "http://twitter.com/"

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Jan [2012-04-30 2062]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-03-16 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
Browser Companion Helper - C:\Program Files (x86)\BrowserCompanion\jsloader.dll [2012-03-27 225584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Jan [2012-04-30 2062]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}]
Search Fairy - C:\Program Files (x86)\Search Fairy\SearchFairy.dll [2012-03-01 175408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-07-03 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-13 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-03-16 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
Browser Companion Helper Verifier - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll [2012-03-27 141104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-03-16 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll [2011-05-09 176936]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-03-16 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-03-16 1126528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Jan [2012-04-30 2062]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DateReminder]
c:\Program Files\DateReminder\DateReminder.exe [2004-08-18 1061376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2012-05-24 3407496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-05-12 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-28 880496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jan Galek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
C:\Users\JAN [2012-04-30 2062]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-05-13 348624]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2012-03-19 73360]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-07-03 296096]

C:\Users\Jan Galek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Jan Galek\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
tcbhn.lnk - C:\Users\Jan Galek\AppData\Roaming\BrowserCompanion\tcbhn.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-05 13:33:29 ----D---- C:\Program Files\trend micro
2012-07-05 13:33:27 ----D---- C:\rsit
2012-07-03 11:28:05 ----D---- C:\Windows\pss
2012-07-03 00:06:44 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2012-07-03 00:06:21 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2012-07-03 00:06:21 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2012-07-03 00:05:57 ----D---- C:\Program Files (x86)\Real
2012-07-03 00:05:52 ----D---- C:\Users\Jan Galek\AppData\Roaming\Real
2012-07-03 00:04:00 ----D---- C:\ProgramData\Real
2012-07-02 19:05:49 ----D---- C:\Users\Jan Galek\AppData\Roaming\Corel
2012-07-02 19:05:47 ----D---- C:\ProgramData\Protexis
2012-07-02 18:47:56 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X6
2012-07-02 09:24:21 ----SHD---- C:\found.001
2012-07-01 09:25:45 ----D---- C:\CFLog
2012-07-01 09:17:10 ----D---- C:\SG Interactive
2012-06-30 20:05:01 ----D---- C:\Users\Jan Galek\AppData\Roaming\IMVU
2012-06-30 20:03:19 ----D---- C:\Users\Jan Galek\AppData\Roaming\IMVUClient
2012-06-29 22:39:33 ----A---- C:\cmdlog.txt
2012-06-29 20:05:08 ----D---- C:\Program Files (x86)\Gameforge
2012-06-29 15:21:36 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-06-21 17:38:38 ----A---- C:\Windows\system32\wups2.dll
2012-06-21 17:38:38 ----A---- C:\Windows\system32\wucltux.dll
2012-06-21 17:38:38 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-21 17:38:38 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-21 17:38:27 ----A---- C:\Windows\system32\wups.dll
2012-06-21 17:38:27 ----A---- C:\Windows\system32\wudriver.dll
2012-06-21 17:38:27 ----A---- C:\Windows\system32\wuapi.dll
2012-06-21 17:38:10 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-21 17:38:10 ----A---- C:\Windows\system32\wuapp.exe
2012-06-18 17:31:00 ----D---- C:\Program Files (x86)\FreeRapid
2012-06-17 16:51:13 ----D---- C:\ProgramData\Mozilla
2012-06-17 16:51:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-17 16:51:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-16 09:33:31 ----AH---- C:\Windows\system32\hamachi.sys
2012-06-15 22:37:26 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-15 22:37:25 ----A---- C:\Windows\SYSWOW64\url.dll
2012-06-15 22:37:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-06-15 22:37:25 ----A---- C:\Windows\system32\url.dll
2012-06-15 22:37:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-06-15 22:37:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-06-15 22:37:24 ----A---- C:\Windows\system32\urlmon.dll
2012-06-15 22:37:24 ----A---- C:\Windows\system32\iertutil.dll
2012-06-15 22:37:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-06-15 22:37:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-06-15 22:37:23 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-15 22:37:23 ----A---- C:\Windows\system32\ieui.dll
2012-06-15 22:37:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-06-15 22:37:22 ----A---- C:\Windows\system32\wininet.dll
2012-06-15 22:37:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-15 22:37:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-06-15 22:37:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-06-15 22:37:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-06-15 22:37:21 ----A---- C:\Windows\system32\jscript9.dll
2012-06-15 22:37:21 ----A---- C:\Windows\system32\jscript.dll
2012-06-15 22:37:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-06-15 22:37:19 ----A---- C:\Windows\system32\mshtml.dll
2012-06-15 22:37:18 ----A---- C:\Windows\system32\ieframe.dll
2012-06-15 22:37:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-06-15 13:14:10 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-15 13:14:10 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-15 13:14:10 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-15 13:13:42 ----A---- C:\Windows\system32\profsvc.dll
2012-06-15 13:13:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-15 13:13:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-15 13:13:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-15 13:13:17 ----A---- C:\Windows\system32\win32k.sys
2012-06-15 13:13:08 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-15 13:12:56 ----A---- C:\Windows\system32\msi.dll
2012-06-15 13:12:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-15 13:12:31 ----A---- C:\Windows\system32\crypt32.dll
2012-06-15 13:12:29 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-15 13:12:29 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-15 13:12:29 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-15 13:12:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-15 13:12:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-15 13:03:26 ----D---- C:\ProgramData\Overwolf
2012-06-10 13:23:14 ----D---- C:\Program Files (x86)\GNU
2012-06-06 18:29:48 ----D---- C:\ProgramData\Codemasters
2012-06-06 18:11:29 ----A---- C:\Windows\SYSWOW64\mkl_vml_p4.dll
2012-06-06 18:11:29 ----A---- C:\Windows\SYSWOW64\mkl_vml_p3.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_vml_def.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_p4.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_p3.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_lapack64.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_lapack32.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\mkl_def.dll
2012-06-06 18:11:28 ----A---- C:\Windows\SYSWOW64\libguide40.dll
2012-06-06 18:11:27 ----D---- C:\Program Files (x86)\BRS
2012-06-06 18:10:31 ----D---- C:\Windows\SYSWOW64\xlive
2012-06-06 18:10:31 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-06-06 18:09:39 ----RA---- C:\Windows\SYSWOW64\tmp3EF4.tmp
2012-06-06 18:09:39 ----D---- C:\Program Files (x86)\OpenAL
2012-06-06 18:09:39 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-06-06 18:09:39 ----A---- C:\Windows\system32\wrap_oal.dll
2012-06-06 18:09:39 ----A---- C:\Windows\system32\OpenAL32.dll
2012-06-06 18:07:21 ----RA---- C:\Windows\SYSWOW64\tmp3EF3.tmp
2012-06-06 18:01:47 ----A---- C:\Windows\SYSWOW64\msidcrl40.dll
2012-06-06 18:01:07 ----A---- C:\Windows\SYSWOW64\xlive.dll
2012-06-06 17:59:40 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll

======List of files/folders modified in the last 1 month======

2012-07-05 13:33:43 ----D---- C:\Windows\Temp
2012-07-05 13:33:29 ----RD---- C:\Program Files
2012-07-05 12:49:52 ----D---- C:\Users\Jan Galek\AppData\Roaming\FileZilla
2012-07-05 12:04:59 ----D---- C:\Users\Jan Galek\AppData\Roaming\BrowserCompanion
2012-07-05 09:22:12 ----D---- C:\Windows\system32\config
2012-07-05 09:09:11 ----D---- C:\Windows\Prefetch
2012-07-04 23:13:07 ----D---- C:\Users\Jan Galek\AppData\Roaming\Skype
2012-07-04 21:02:56 ----D---- C:\Users\Jan Galek\AppData\Roaming\vlc
2012-07-04 20:41:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-04 20:41:14 ----SHD---- C:\System Volume Information
2012-07-04 12:17:06 ----D---- C:\Windows\Microsoft.NET
2012-07-04 12:07:43 ----SHD---- C:\Windows\Installer
2012-07-04 12:07:30 ----D---- C:\ProgramData\Microsoft Help
2012-07-04 12:06:40 ----D---- C:\Windows\system32\catroot
2012-07-04 12:06:37 ----D---- C:\Windows\system32\DriverStore
2012-07-04 12:06:34 ----D---- C:\Windows\inf
2012-07-03 12:23:30 ----D---- C:\Windows\winsxs
2012-07-03 12:14:08 ----RD---- C:\Program Files (x86)
2012-07-03 12:13:13 ----HD---- C:\ProgramData
2012-07-03 12:13:09 ----D---- C:\Program Files (x86)\Common Files
2012-07-03 12:10:15 ----RSD---- C:\Windows\assembly
2012-07-03 12:08:50 ----D---- C:\Windows\SysWOW64
2012-07-03 11:28:05 ----D---- C:\Windows
2012-07-03 11:26:38 ----D---- C:\Program Files\CCleaner
2012-07-03 03:14:23 ----D---- C:\ProgramData\PMB Files
2012-07-03 00:13:26 ----D---- C:\Windows\system32\Tasks
2012-07-03 00:06:18 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2012-07-03 00:06:12 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2012-07-03 00:06:11 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2012-07-02 19:02:02 ----SD---- C:\Users\Jan Galek\AppData\Roaming\Microsoft
2012-07-02 19:02:02 ----SD---- C:\ProgramData\Microsoft
2012-07-02 19:00:46 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-07-02 18:53:48 ----RSD---- C:\Windows\Fonts
2012-07-02 09:42:00 ----D---- C:\Windows\SYSWOW64\drivers
2012-07-01 23:24:46 ----D---- C:\Users\Jan Galek\AppData\Roaming\uTorrent
2012-06-29 12:33:08 ----D---- C:\Windows\system32\catroot2
2012-06-29 03:01:54 ----D---- C:\Windows\System32
2012-06-28 15:44:46 ----D---- C:\Program Files\TortoiseSVN
2012-06-28 15:44:42 ----D---- C:\Program Files\Common Files\TortoiseOverlays
2012-06-28 13:15:01 ----D---- C:\Program Files (x86)\Git
2012-06-28 11:58:52 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-06-26 19:36:54 ----D---- C:\Users\Jan Galek\AppData\Roaming\TS3Client
2012-06-26 19:36:50 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-06-26 11:03:13 ----D---- C:\Users\Jan Galek\AppData\Roaming\PSpad
2012-06-23 17:57:47 ----D---- C:\Users\Jan Galek\AppData\Roaming\.minecraft
2012-06-23 17:56:30 ----D---- C:\Games
2012-06-22 20:06:44 ----D---- C:\Program Files (x86)\Overwolf
2012-06-22 18:01:10 ----D---- C:\Windows\rescache
2012-06-22 05:41:53 ----D---- C:\Windows\system32\cs-CZ
2012-06-20 22:17:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-17 16:52:02 ----D---- C:\Users\Jan Galek\AppData\Roaming\Mozilla
2012-06-17 10:32:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-06-17 01:34:44 ----D---- C:\ProgramData\Skype
2012-06-16 09:02:11 ----D---- C:\Windows\system32\drivers
2012-06-16 09:02:10 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-16 09:02:08 ----D---- C:\Windows\SYSWOW64\migration
2012-06-16 09:02:08 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-16 09:02:07 ----D---- C:\Windows\system32\migration
2012-06-16 09:02:07 ----D---- C:\Program Files\Internet Explorer
2012-06-15 22:43:15 ----A---- C:\Windows\system32\MRT.exe
2012-06-09 00:02:28 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-06-06 17:16:07 ----D---- C:\Program Files (x86)\Battlelog Web Plugins

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-05-13 132832]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-20 283200]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-03-13 224048]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-03-13 130864]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-05-13 98848]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-03-16 33672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 10857984]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 328704]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx64.sys [2007-03-06 1479848]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-03-13 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-03-13 166192]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-04-01 22336]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 X6va009;X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 []
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 235520]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-05-13 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-13 86224]
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-03-16 827520]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 mysql;mysql; c:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 MySQL501;MySQL501; C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini MySQL501 []
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-04-16 76888]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2012-03-19 2421640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-17 257224]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-15 113120]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-04-18 4598592]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2012-06-21 18360]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-02 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Zdravim

Na logu se pracuje, bude to nejakou dobu trvat.

Dobrý den, dobře děkuji, já mám času dost ^_^

Najdete tento soubor C:\Program Files\trend micro\Jan Galek.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko Kliknete na nápis Fix checked a potvrdte





Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands) Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 57482 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jan Galek
->Temp folder emptied: 4808210395 bytes
->Temporary Internet Files folder emptied: 247003756 bytes
->Java cache emptied: 28109066 bytes
->FireFox cache emptied: 68265950 bytes
->Google Chrome cache emptied: 282519250 bytes
->Flash cache emptied: 10303472 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4582693849 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46357046 bytes
RecycleBin emptied: 777529026 bytes

Total Files Cleaned = 10 350,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jan Galek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service npggsvc stopped successfully!
Service npggsvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2060766028-3040431334-1060027230-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2060766028-3040431334-1060027230-1001UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27CF82B1-E1D2-4f9b-976E-62095A52BA4A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07052012_171158

Files moved on Reboot...
C:\Users\Jan Galek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jan Galek\AppData\Local\Temp\~DF65FAC68A38B8FF76.TMP moved successfully.
C:\Windows\temp\ZLT0737c.TMP moved successfully.

Registry entries deleted on Reboot...

OTM provedlo co melo, zbytek logu vypada cisty. Takze pokud nejsou nejake potize, muzeme jen uklidit a bude to vse


Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci


Kdyby byl problem, udelame hlubsi prohlidku.