TrojanDownloader:Win32/Adload.DA

Vendulkaaa
Visitor
Posts: 5
Registered: 27 Oct 2013 23:32

TrojanDownloader:Win32/Adload.DA

#1 Post by Vendulkaaa »

Hello, the system reports that I should remove TrojanDownloader:Win32/Adload.DA.
MBAM found the following. The laptop is my sister's; I don't know what she does with it, but I suspect she doesn't even take care of updates, etc.
Thanks for any advice.

MBAM log:

Verze: v2013.10.27.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Wenda :: WENDA-RODINA [administrátor]

27.10.2013 23:20:50
MBAM-log-2013-10-28 (01-01-37).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 489120
Uplynulý čas: 1 hodin, 30 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Users\Wenda\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 8
C:\Users\Wenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Q3TTU0A\ism[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U30AH207\mism[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UBI0ILGP\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Wenda\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

(konec)


RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Wenda at 2013-10-28 01:08:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 285 GB (61%) free of 465 GB
Total RAM: 4061 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:08:20, on 28.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Wenda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i48i2v77r
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE /FU "C:\Users\Wenda\AppData\Local\Temp\E_SA143.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17149 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIEGE.EXE" /FU "C:\Users\Wenda\AppData\Local\Temp\E_SA143.tmp" /EF "HKCU"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 3432
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
C:\Windows\splwow64.exe 8192
C:\Windows\system32\spool\DRIVERS\x64\3\E_IAMTEGE.EXE /FU "C:\Users\Wenda\AppData\Local\Temp\epi857B.tmp"
C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3644.0.1296641153\1697789711" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x06ec --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.15.11.8652 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.1.1104687774\69107963" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.2.280816355\1889966251" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-np-plugin.dll" --lang=cs --channel="3644.8.822455414\149319614" /prefetch:-390060480
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.24.359888198\560695293" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.25.1022006564\1523206521" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.27.1258544521\1709401494" /prefetch:673131151
"C:\Windows\notepad.exe" "C:\Users\Wenda\Desktop\MBAM-log-2013-10-28 (01-01-37).txt"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxStopTimer/Standard/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3644.33.1216806935\1775614134" /prefetch:673131151
taskhost.exe $(Arg0)
"C:\Users\Wenda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Wenda.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, personas@christopher.beard:1.6.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {989e9382-d540-4189-88d1-fc54a949a387}:0.8.7, {d62e0de0-401b-11dd-ae16-0800200c9a66}:4.5.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default\extensions\
{989e9382-d540-4189-88d1-fc54a949a387}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-06-01 24504832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-11 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll [2013-08-30 1142944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-06-01 18423608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-29 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-11 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-29 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-06-01 24504832]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll [2013-08-30 1142944]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-11 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-06-01 18423608]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-11 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-07-03 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1815848]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-28 16334880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus SX400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [2007-12-17 221696]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-22 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2012-06-01 99320]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19 18678376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-18 825864]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Wenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.4.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-28 01:08:12 ----D---- C:\Program Files\trend micro
2013-10-28 01:08:11 ----D---- C:\rsit
2013-10-13 20:43:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-13 20:43:17 ----A---- C:\Windows\system32\ieui.dll
2013-10-13 20:43:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-13 20:43:13 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-13 20:43:13 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-13 20:43:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-13 20:43:13 ----A---- C:\Windows\system32\iesetup.dll
2013-10-13 20:43:13 ----A---- C:\Windows\system32\iernonce.dll
2013-10-13 20:43:13 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-13 20:43:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-13 20:43:12 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-13 20:43:12 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-13 20:43:10 ----A---- C:\Windows\system32\iertutil.dll
2013-10-13 20:43:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-13 20:43:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-13 20:43:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-13 20:43:06 ----A---- C:\Windows\system32\jscript.dll
2013-10-13 20:43:05 ----A---- C:\Windows\system32\jscript9.dll
2013-10-13 20:43:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-13 20:43:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-13 20:43:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-13 20:42:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-13 20:42:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-13 20:42:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-13 20:42:56 ----A---- C:\Windows\system32\wininet.dll
2013-10-13 20:42:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-13 20:42:52 ----A---- C:\Windows\system32\ieframe.dll
2013-10-13 20:42:48 ----A---- C:\Windows\system32\mshtml.dll
2013-10-13 20:42:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-11 14:11:17 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-11 14:11:17 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 14:11:15 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-11 14:11:15 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 14:11:14 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-11 14:11:14 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-11 14:11:14 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-11 14:11:14 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-11 14:11:14 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 14:11:14 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 14:11:14 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 14:11:13 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-11 14:11:13 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 14:11:12 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 14:11:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-11 14:11:12 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-11 14:11:11 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 14:11:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 14:11:11 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 14:11:10 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-11 14:11:10 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-11 14:11:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 14:11:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 14:11:09 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 14:11:08 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 14:11:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 14:11:08 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 14:11:06 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-11 14:11:06 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 14:11:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 14:11:01 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 14:10:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-11 14:10:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-11 14:10:58 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 14:10:57 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-11 14:10:56 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-11 14:10:56 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 14:10:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-11 14:10:54 ----A---- C:\Windows\system32\wow64.dll
2013-10-11 14:10:48 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-11 14:10:48 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-11 14:10:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-11 14:10:48 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-11 14:10:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-11 14:10:34 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 14:10:33 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 14:10:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 14:10:32 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 month======

2013-10-28 01:08:17 ----D---- C:\Windows\Temp
2013-10-28 01:08:12 ----RD---- C:\Program Files
2013-10-27 23:22:40 ----D---- C:\Users\Wenda\AppData\Roaming\Skype
2013-10-27 23:11:16 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 23:11:09 ----D---- C:\Windows\system32\drivers
2013-10-27 22:56:25 ----D---- C:\Windows\System32
2013-10-27 22:56:16 ----D---- C:\Windows\debug
2013-10-27 22:53:21 ----D---- C:\Windows\tracing
2013-10-27 21:13:06 ----D---- C:\Windows\system32\Tasks
2013-10-27 21:12:45 ----D---- C:\Windows\Tasks
2013-10-27 21:07:40 ----D---- C:\Windows\system32\config
2013-10-27 20:56:16 ----SHD---- C:\System Volume Information
2013-10-27 20:47:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-27 20:47:05 ----D---- C:\Windows\inf
2013-10-21 05:18:12 ----SHD---- C:\Windows\Installer
2013-10-21 05:18:11 ----SHD---- C:\Config.Msi
2013-10-16 19:42:30 ----D---- C:\Windows\Prefetch
2013-10-15 18:03:07 ----D---- C:\Windows\rescache
2013-10-15 17:45:55 ----RSD---- C:\Windows\assembly
2013-10-15 17:45:55 ----D---- C:\Windows\Microsoft.NET
2013-10-13 21:07:11 ----D---- C:\Windows\winsxs
2013-10-13 21:05:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-13 21:05:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 21:03:29 ----D---- C:\Windows\SysWOW64
2013-10-13 21:03:29 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-13 21:03:28 ----D---- C:\Program Files\Internet Explorer
2013-10-13 21:03:27 ----D---- C:\Windows\AppPatch
2013-10-13 21:03:26 ----D---- C:\Windows\system32\DriverStore
2013-10-13 20:46:36 ----D---- C:\ProgramData\Microsoft Help
2013-10-13 20:43:48 ----D---- C:\Windows\system32\catroot
2013-10-13 20:43:45 ----D---- C:\Windows\system32\catroot2
2013-10-13 20:17:41 ----D---- C:\Windows\system32\MRT
2013-10-13 20:17:35 ----A---- C:\Windows\system32\MRT.exe
2013-10-13 20:00:13 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 21:45:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 20:26:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-09 17:33:42 ----RD---- C:\Program Files (x86)
2013-10-09 17:33:08 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-09-23 69152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-06 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-02-04 17152]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-05-14 5435904]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 273456]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 int15.sys;int15.sys; \??\C:\Windows\syswow64\OEM\Factory\int15.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-24 216576]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-09-04 17920]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-09-04 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-09-04 33792]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-09-22 1737728]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-28 382496]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe [2013-08-30 240288]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe [2013-08-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-16 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-16 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-09 118680]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-01 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TrojanDownloader:Win32/Adload.DA

#2 Post by vyosek »

Hello :)

→ Delete the items MBAM found

→ Update Avast to the latest version, 9

→ Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

Vendulkaaa
Visitor
Posts: 5
Registered: 27 Oct 2013 23:32

Re: TrojanDownloader:Win32/Adload.DA

#3 Post by Vendulkaaa »

Hello, here are the logs:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Wenda on po 28.10.2013 at 12:13:00,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D41B47CD-DCCC-419F-8596-D8A307A12197}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D496789F-0599-4811-9BD0-A65DAE8EE4E1}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D4AE06C2-EA56-47AD-A736-D0A88420F13E}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D53BE2F4-8543-4685-9F70-32652DD6FDEF}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D578F3A5-0CCF-48D6-AFCD-DDA86743E456}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D5FB04CE-FB92-4F3D-A46D-4A6F2C2872B4}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D6183D59-8C19-4CF2-B4EF-4AA4B8FE9968}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D77C7B0E-2070-4FB6-A47C-A256677F2B2B}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D88BD939-B282-4A80-A1C6-2D7223BBCCAE}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D8B1EEF7-54CC-4C47-8DCD-1434C4AE3AC5}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{D8CFC204-45AD-4EDA-AB78-4027EBF29BBE}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DC145C8A-5C74-4AF0-904B-A2C36DF86E92}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DCA2A5B9-EE4C-4E61-87E5-6F305C016DC7}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DCCD7AC6-072C-456E-8CC3-DAF225AA3BCC}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DD1E77F3-0903-4A86-B91D-1A29863877D9}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DD94DA97-84D0-426D-877F-FFF96B3A8698}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{DFAE4F02-8FF5-454F-9C4C-104A50435199}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E0EF2289-B3DC-426D-A759-51E0D3343C9F}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E11D8E19-4C85-4F15-8F55-BE2FAD5B2EFF}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E30592D0-3A79-4D4F-A131-4C1401CBCB6A}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E4AB7304-5B4E-402E-931A-F713974BC92B}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E4EEAF02-B142-4D58-B833-9E9853E3FF06}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E536F68B-BFE9-4CA1-BB9D-D8231302196C}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E5AF0083-0271-457E-ADE6-730AE99A51A6}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E642D726-0AAE-4334-9B61-EAB9A4F2B8D6}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E6C215CE-49B7-4B89-83EF-D413BE7EB318}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E70D683D-E1CD-4116-AAAF-8AEE1FA04A0D}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E738B665-52EC-48FC-BD61-84C37C684EC9}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E8071658-7E93-42EE-8677-AB1482BAF10F}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E8DBF209-E6F7-494C-9C7C-F0F693B5A6BA}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{E9C7ACBD-D881-49C0-88EC-E0B2FCF4BDA7}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EA9B7A07-38F5-447B-9F2D-BD20EFEE7526}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EAE63A2A-A1B7-422C-82D4-48D026EF7748}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EBA9B1C2-CBD1-4D37-B32C-4104A5F3CAED}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EBC72A99-718C-4779-9D3D-20B5D5D0EE59}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EBEBD7A3-B91E-4713-A5C9-0AA521981F33}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EBF84A36-CD72-4D27-9AC8-B8FB990F6918}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ECAE5E8E-5DD4-4072-83E4-DE572062C5AA}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ECEF0662-9FCF-444C-9B18-46DDDE4A2326}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ED0AF1CC-47AC-41B7-B0B0-C984C6EAA519}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ED327927-62E8-4A2A-84AB-8E3AE064D374}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ED704E96-A997-4D59-A64B-B598BCDEE396}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{ED934488-756E-4C26-995B-94F6422DBB0F}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EDFF278B-A1BD-447A-BDC5-19339714E0DB}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EE45E0A0-AA6A-4DDD-A8D3-0BCC11E52A98}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EE6BACFD-3919-43C1-815E-2DEF1AC66AC3}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EE9732FD-6B20-4182-B02C-4022FC475657}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{EF63BB41-1D9E-4FC7-93A5-0D94D54C8DA5}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F0659580-6BA0-4E1A-80EE-F82258282AEC}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F090A009-4379-4471-AE3D-163E88297B65}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F15E3405-38CA-4DA3-A891-60CC2D31CADE}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F16AB8E3-E404-4B83-BD72-5A9F67105767}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F21AB7C4-5C75-494C-AE06-C17472532E65}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F222689A-7673-4CC1-91B8-2233211DA470}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F25F3EDB-6B15-4997-B30D-86DFC0E53A28}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F2CED366-371D-42EE-BFBD-CAE8F5D78A3D}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F3316309-DC7B-4A25-A9A4-CC42BF6AD188}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F36938B2-429C-44B1-83F0-A3FC4DB1E0A2}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F3AD21E4-B6A8-4963-BD46-A305855769B9}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F4E7E09C-0248-4062-9B26-3E9EFBC78324}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F4F9FAB1-F6D7-4705-8DBD-2B8F98DB2A66}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F55526B8-A7B8-4E3B-915D-BB7D5E307B06}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F647A0FF-255C-4AB9-904D-BF49E5BD73F2}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F780FE7A-6814-4A8C-AAC9-FF19EAE4B39A}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F781C115-6218-4204-A11C-6C8F59034F6B}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F79D8297-D6EA-43A8-87FF-8436703D20ED}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{F80FA966-4F11-4AA7-B5FC-DE6A2EA25E5B}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FABF0C89-843E-4533-92E9-556D2D8C157E}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FAC59A27-9990-4260-AAB0-2200F1809EF1}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FAE403F0-CC85-46E6-89B7-69E28A69DF25}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FB5F1715-3790-4B6E-A6E9-E7801715F366}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FBCD4FCA-8737-4B6B-93CF-597DDDA31685}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FC946ED5-032C-421D-8D7B-A405C322B6F3}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FCCD7BDB-5877-4823-B87D-7CFB3994E61C}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FCD600F2-1870-4B1F-AE78-87A12E72F473}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FDFF3067-5179-4412-9A22-BD4B4CD51CD4}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FED44F0B-F253-46CB-A540-AB4A233E287D}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FF8BB3A2-6961-48C8-8813-89488FC2A60C}
Successfully deleted: [Empty Folder] C:\Users\Wenda\appdata\local\{FFF4D49C-B061-43DB-BC18-5ED3BD27BFE0}



~~~ FireFox

Emptied folder: C:\Users\Wenda\AppData\Roaming\mozilla\firefox\profiles\vqrjd4jv.default\minidumps [42 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Wenda\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 28.10.2013 at 12:23:18,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.010 - Report created 28/10/2013 at 12:28:31
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Wenda - WENDA-RODINA
# Running from : C:\Users\Wenda\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Wenda\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Vepřík mladší\AppData\Local\Temp\boost_interprocess

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default\prefs.js ]


[ File : C:\Users\Vepřík mladší\AppData\Roaming\Mozilla\Firefox\Profiles\37t86i4e.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Wenda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2180 octets] - [28/10/2013 12:25:56]
AdwCleaner[S0].txt - [2123 octets] - [28/10/2013 12:28:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2183 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TrojanDownloader:Win32/Adload.DA

#4 Post by vyosek »

I'd like to ask for a log from FRSTLauncher: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Vendulkaaa
Visitor
Posts: 5
Registered: 27 Oct 2013 23:32

Re: TrojanDownloader:Win32/Adload.DA

#5 Post by Vendulkaaa »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Wenda (administrator) on WENDA-RODINA on 28-10-2013 13:13:48
Running from C:\Users\Wenda\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Lavasoft Limited ) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIEGE.EXE
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Wenda\Desktop\FRSTLauncher.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\setup\instup.exe
(forum.viry.cz) C:\Users\Wenda\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-07-03] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, [x]
HKCU\...\Run: [EPSON Stylus SX400 Series] - C:\Users\Wenda\AppData\Local\Temp\E_SA143.tmp [122 2012-01-09] ()
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [99320 2012-06-01] (Siber Systems)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.EXE [825864 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3568312 2013-10-28] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Vepřík mladší\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\Vepřík mladší\...\Run: [EPSON Stylus SX400 Series] - C:\Users\Vepřík mladší\AppData\Local\Temp\E_SDA38.tmp [122 2010-02-22] ()
HKU\Vepřík mladší\...\Run: [NVIDIA driver monitor] - C:\Users\Public\nvsvc32.exe
HKU\Vepřík mladší\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
Startup: C:\Users\Vepřík mladší\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Wenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * lsdelete

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i48i2v77r
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 176.102.128.2 176.102.128.3

FireFox:
========
FF ProfilePath: C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: FennecFox - C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default\Extensions\{989e9382-d540-4189-88d1-fc54a949a387}
FF Extension: personas - C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Wenda\AppData\Roaming\Mozilla\Firefox\Profiles\vqrjd4jv.default\Extensions\{d62e0de0-401b-11dd-ae16-0800200c9a66}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Wenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Wenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Wenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-10-28] (AVAST Software)
R2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2012-09-22] (Lavasoft Limited )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-28] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-28] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-28] ()
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-02-04] ()
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-09-23] (Lavasoft AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\FRST
2013-10-28 13:05 - 2013-10-28 13:05 - 00112128 _____ (forum.viry.cz) C:\Users\Wenda\Desktop\FRSTLauncher.exe
2013-10-28 13:04 - 2013-10-28 13:04 - 01956538 _____ (Farbar) C:\Users\Wenda\Desktop\FRST64.exe
2013-10-28 12:32 - 2013-10-28 12:32 - 00003620 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2013-10-28 12:25 - 2013-10-28 12:28 - 00000000 ____D C:\AdwCleaner
2013-10-28 12:24 - 2013-10-28 12:24 - 01060070 _____ C:\Users\Wenda\Downloads\adwcleaner (1).exe
2013-10-28 12:23 - 2013-10-28 12:23 - 00043042 _____ C:\Users\Wenda\Desktop\JRT.txt
2013-10-28 12:14 - 2013-10-28 12:14 - 01060070 _____ C:\Users\Wenda\Downloads\adwcleaner.exe
2013-10-28 12:12 - 2013-10-28 12:12 - 01033335 _____ (Thisisu) C:\Users\Wenda\Downloads\JRT.exe
2013-10-28 12:12 - 2013-10-28 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\Wenda\AppData\Roaming\AVAST Software
2013-10-28 12:01 - 2013-10-28 12:01 - 00001981 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-28 11:59 - 2013-10-28 11:59 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 11:59 - 2013-10-28 11:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-28 11:58 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-28 11:58 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-28 11:58 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-28 11:58 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-28 11:56 - 2013-10-28 11:58 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-28 01:08 - 2013-10-28 01:08 - 00000000 ____D C:\rsit
2013-10-28 01:08 - 2013-10-28 01:08 - 00000000 ____D C:\Program Files\trend micro
2013-10-27 23:29 - 2013-10-27 23:29 - 00935175 _____ C:\Users\Wenda\Downloads\RSITx64.exe
2013-10-27 23:22 - 2013-10-27 23:22 - 01805736 _____ (Symantec Corporation) C:\Users\Wenda\Downloads\FixZeroAccess.exe
2013-10-27 23:11 - 2013-10-27 23:11 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-27 22:55 - 2013-10-27 22:55 - 00595816 _____ C:\Users\Wenda\Downloads\msert(2).exe.part
2013-10-27 22:53 - 2013-10-27 22:55 - 91406096 _____ (Microsoft Corporation) C:\Users\Wenda\Downloads\msert.exe
2013-10-27 22:53 - 2013-10-27 22:55 - 66477212 _____ C:\Users\Wenda\Downloads\msert(1).exe.part
2013-10-27 22:51 - 2013-10-27 22:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wenda\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-23 17:08 - 2013-10-23 17:08 - 00048917 _____ C:\Users\Wenda\Desktop\Filosofické texty - LN 1.odt
2013-10-22 18:09 - 2013-10-22 18:37 - 03734608 _____ C:\Users\Wenda\Desktop\Lymfocyty.pptx
2013-10-22 17:32 - 2013-10-22 17:32 - 00010549 _____ C:\Users\Wenda\Desktop\povídání o lymfocytech.odt
2013-10-13 20:43 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-13 20:43 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-13 20:43 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 20:43 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-13 20:43 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-13 20:43 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-13 20:43 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-13 20:43 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-13 20:43 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-13 20:43 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-13 20:42 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-13 20:42 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-13 20:42 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-13 20:42 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-13 20:42 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 20:42 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 20:42 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 20:42 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 14:11 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 14:11 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 14:11 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 14:11 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-11 14:11 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 14:11 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 14:11 - 2013-08-29 02:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-11 14:11 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 14:11 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 14:11 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 14:11 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 14:11 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 14:11 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 14:11 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-11 14:11 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-11 14:11 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 14:11 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 14:11 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 14:11 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 14:11 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 14:11 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 14:11 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 14:11 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 14:11 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 14:11 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 14:11 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 14:11 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 14:11 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 14:11 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 14:11 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 14:11 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 14:10 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 14:10 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 14:10 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 14:10 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 14:10 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 14:10 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 14:10 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 14:10 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 14:10 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 14:10 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 14:10 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 14:10 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 14:10 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 14:10 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-11 14:10 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 14:10 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 14:10 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-07 20:41 - 2013-10-07 20:41 - 00024919 _____ C:\Users\Wenda\Desktop\jungová.odt
2013-10-07 19:34 - 2013-10-07 19:59 - 450375680 ____R C:\Users\Wenda\Desktop\Hitlerova-rodina---Ve-stínu-diktátora.avi
2013-10-04 15:43 - 2013-10-04 15:43 - 00073045 _____ C:\Users\Wenda\Desktop\moskva.jpeg
2013-10-03 18:19 - 2013-10-03 20:15 - 00026850 _____ C:\Users\Wenda\Desktop\svatá aliance.odt
2013-10-02 13:44 - 2013-10-02 13:44 - 00008783 _____ C:\Users\Wenda\Desktop\zdroje rusko.odt

==================== One Month Modified Files and Folders =======

2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\FRST
2013-10-28 13:07 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:07 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 13:05 - 2013-10-28 13:05 - 00112128 _____ (forum.viry.cz) C:\Users\Wenda\Desktop\FRSTLauncher.exe
2013-10-28 13:04 - 2013-10-28 13:04 - 01956538 _____ (Farbar) C:\Users\Wenda\Desktop\FRST64.exe
2013-10-28 13:00 - 2013-03-29 18:10 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 13:00 - 2009-07-14 05:51 - 00366352 _____ C:\Windows\setupact.log
2013-10-28 13:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-10-28 12:38 - 2010-05-12 23:37 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-28 12:38 - 2009-07-14 06:13 - 01601472 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 12:38 - 2009-07-03 07:48 - 00678234 _____ C:\Windows\system32\perfh005.dat
2013-10-28 12:38 - 2009-07-03 07:48 - 00139670 _____ C:\Windows\system32\perfc005.dat
2013-10-28 12:37 - 2009-07-03 06:58 - 01241101 _____ C:\Windows\WindowsUpdate.log
2013-10-28 12:33 - 2012-12-15 19:18 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-28 12:33 - 2010-02-16 23:21 - 00000000 ____D C:\Users\Wenda\AppData\Roaming\Skype
2013-10-28 12:32 - 2013-10-28 12:32 - 00003620 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2013-10-28 12:31 - 2010-05-12 23:37 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-28 12:31 - 2010-02-18 20:35 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-28 12:30 - 2010-05-20 11:30 - 00266252 _____ C:\aaw7boot.log
2013-10-28 12:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-28 12:28 - 2013-10-28 12:25 - 00000000 ____D C:\AdwCleaner
2013-10-28 12:24 - 2013-10-28 12:24 - 01060070 _____ C:\Users\Wenda\Downloads\adwcleaner (1).exe
2013-10-28 12:23 - 2013-10-28 12:23 - 00043042 _____ C:\Users\Wenda\Desktop\JRT.txt
2013-10-28 12:14 - 2013-10-28 12:14 - 01060070 _____ C:\Users\Wenda\Downloads\adwcleaner.exe
2013-10-28 12:12 - 2013-10-28 12:12 - 01033335 _____ (Thisisu) C:\Users\Wenda\Downloads\JRT.exe
2013-10-28 12:12 - 2013-10-28 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\Wenda\AppData\Roaming\AVAST Software
2013-10-28 12:07 - 2010-02-19 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-28 12:06 - 2009-08-22 04:34 - 00835764 _____ C:\Windows\PFRO.log
2013-10-28 12:01 - 2013-10-28 12:01 - 00001981 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-28 12:01 - 2013-04-26 07:11 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-28 12:01 - 2013-04-26 07:11 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-28 12:01 - 2012-03-23 17:11 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-28 12:01 - 2011-03-28 16:47 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-28 12:01 - 2011-01-15 20:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-28 12:01 - 2010-06-29 12:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-28 12:01 - 2010-04-18 13:54 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-28 12:01 - 2010-04-18 13:54 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-28 12:01 - 2010-04-18 13:54 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-28 12:01 - 2010-04-18 13:54 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-28 11:59 - 2013-10-28 11:59 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 11:59 - 2013-10-28 11:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-28 11:58 - 2013-10-28 11:56 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-28 11:58 - 2013-08-29 14:07 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-28 11:58 - 2010-04-18 13:54 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-28 01:08 - 2013-10-28 01:08 - 00000000 ____D C:\rsit
2013-10-28 01:08 - 2013-10-28 01:08 - 00000000 ____D C:\Program Files\trend micro
2013-10-28 00:49 - 2010-09-02 14:12 - 00000498 ____H C:\Windows\Tasks\Norton Security Scan for Wenda.job
2013-10-27 23:29 - 2013-10-27 23:29 - 00935175 _____ C:\Users\Wenda\Downloads\RSITx64.exe
2013-10-27 23:22 - 2013-10-27 23:22 - 01805736 _____ (Symantec Corporation) C:\Users\Wenda\Downloads\FixZeroAccess.exe
2013-10-27 23:11 - 2013-10-27 23:11 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-27 23:11 - 2013-01-15 19:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 22:55 - 2013-10-27 22:55 - 00595816 _____ C:\Users\Wenda\Downloads\msert(2).exe.part
2013-10-27 22:55 - 2013-10-27 22:53 - 91406096 _____ (Microsoft Corporation) C:\Users\Wenda\Downloads\msert.exe
2013-10-27 22:55 - 2013-10-27 22:53 - 66477212 _____ C:\Users\Wenda\Downloads\msert(1).exe.part
2013-10-27 22:52 - 2013-10-27 22:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wenda\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-27 21:12 - 2011-04-27 10:28 - 00000064 _____ C:\Windows\SysWOW64\rp_stats.dat
2013-10-27 21:12 - 2011-04-27 10:28 - 00000044 _____ C:\Windows\SysWOW64\rp_rules.dat
2013-10-27 20:48 - 2010-12-26 01:15 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B7305FAA-192A-405E-8FF8-2E96CF3982D5}
2013-10-23 17:08 - 2013-10-23 17:08 - 00048917 _____ C:\Users\Wenda\Desktop\Filosofické texty - LN 1.odt
2013-10-22 18:37 - 2013-10-22 18:09 - 03734608 _____ C:\Users\Wenda\Desktop\Lymfocyty.pptx
2013-10-22 17:32 - 2013-10-22 17:32 - 00010549 _____ C:\Users\Wenda\Desktop\povídání o lymfocytech.odt
2013-10-15 18:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 21:06 - 2009-07-14 05:45 - 00444232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-13 21:05 - 2013-03-15 20:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-13 21:05 - 2013-03-15 20:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 20:46 - 2009-08-22 04:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-13 20:29 - 2013-07-31 17:35 - 00000000 ____D C:\Windows\system32\MRT
2013-10-13 20:17 - 2010-03-02 15:28 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 21:45 - 2013-03-29 18:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 21:45 - 2013-03-29 18:10 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 21:45 - 2011-05-13 11:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:26 - 2012-04-26 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-09 17:33 - 2013-08-18 22:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-09 17:33 - 2010-05-12 23:37 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 17:33 - 2010-05-12 23:37 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 17:33 - 2010-02-16 17:51 - 00000000 ____D C:\Users\Wenda\AppData\Local\Mozilla
2013-10-08 17:04 - 2013-09-03 16:59 - 00000000 ____D C:\Users\Wenda\Desktop\Hotové 3. ročník
2013-10-08 07:50 - 2013-10-28 11:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-28 11:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-28 11:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-28 11:58 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 20:41 - 2013-10-07 20:41 - 00024919 _____ C:\Users\Wenda\Desktop\jungová.odt
2013-10-07 19:59 - 2013-10-07 19:34 - 450375680 ____R C:\Users\Wenda\Desktop\Hitlerova-rodina---Ve-stínu-diktátora.avi
2013-10-04 15:43 - 2013-10-04 15:43 - 00073045 _____ C:\Users\Wenda\Desktop\moskva.jpeg
2013-10-03 20:15 - 2013-10-03 18:19 - 00026850 _____ C:\Users\Wenda\Desktop\svatá aliance.odt
2013-10-02 13:44 - 2013-10-02 13:44 - 00008783 _____ C:\Users\Wenda\Desktop\zdroje rusko.odt

Some content of TEMP:
====================
C:\Users\Vepřík mladší\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Wenda\AppData\Local\Temp\CVS_11_setup_1.0.0.95.exe
C:\Users\Wenda\AppData\Local\Temp\CVS_11_setup_1.0.0.97.exe
C:\Users\Wenda\AppData\Local\Temp\CVS_11_setup_1.1.0.2.exe
C:\Users\Wenda\AppData\Local\Temp\CVS_11_setup_1.1.0.3.exe
C:\Users\Wenda\AppData\Local\Temp\DivXSetup.exe
C:\Users\Wenda\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\Wenda\AppData\Local\Temp\htmlayout.dll
C:\Users\Wenda\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Wenda\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Wenda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Wenda\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Wenda\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Wenda\AppData\Local\Temp\NEventMessages.dll
C:\Users\Wenda\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Wenda\AppData\Local\Temp\ose00000.exe
C:\Users\Wenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Wenda\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wenda\AppData\Local\Temp\_is8EE6.exe
C:\Users\Wenda\AppData\Local\Temp\_isC9C4.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-28 01:45




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:453.66 GB) (Free:279.63 GB) NTFS

Available physical RAM: 1983.71 MB
Total physical RAM: 4060.93 MB
Percentage of memory in use: 51%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2366F461)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Wenda.job => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E3C56885

==================== Security Center ==================

AV: Lavasoft Ad-Watch Live! Anti-Virus (Disabled - Up to date) {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Lavasoft Ad-Watch Live! (Disabled - Up to date) {24938260-56EE-C1E5-047B-DC2BDD234BAB}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Wenda\Desktop" je 18871 MB.
Velikost slozky "C:\Users\Wenda\Desktop" je 18871 MB.




***** Startup Programs *****
***** Startup Programs *****




***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TrojanDownloader:Win32/Adload.DA

#6 Post by vyosek »

:arrow: Uninstall Ad-Aware; it conflicts with Avast

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start > Run > notepad)
  • Copy the script below
  • Code:

    Start
    HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
    HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [99320 2012-06-01] (Siber Systems)
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
    HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
    HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
    HKU\Vepřík mladší\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
    HKU\Vepřík mladší\...\Run: [NVIDIA driver monitor] - C:\Users\Public\nvsvc32.exe
    HKU\Vepřík mladší\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
    Startup: C:\Users\Vepřík mladší\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
    Startup: C:\Users\Wenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i48i2v77r
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
    
    FF NetworkProxy: "ftp", "127.0.0.1"
    FF NetworkProxy: "ftp_port", 3128
    FF NetworkProxy: "http", "127.0.0.1"
    FF NetworkProxy: "http_port", 3128
    FF NetworkProxy: "share_proxy_settings", true
    FF NetworkProxy: "ssl", "127.0.0.1"
    FF NetworkProxy: "ssl_port", 3128
    FF NetworkProxy: "type", 0
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Norton Security Scan for Wenda.job => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe
    
    AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
    AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
    AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
    AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
    AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
    AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
    AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
    AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
    AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
    AlternateDataStreams: C:\ProgramData\TEMP:E3C56885
    
    C:\Users\Public\nvsvc32.exe
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; he is not a man, he is an ox."
Member [image] since 1 February 2011.

Vendulkaaa
Visitor
Posts: 5
Registered: 27 Oct 2013 23:32

Re: TrojanDownloader:Win32/Adload.DA

#7 Post by Vendulkaaa »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-10-2013
Ran by Wenda at 2013-10-28 14:51:20 Run:1
Running from C:\Users\Wenda\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [99320 2012-06-01] (Siber Systems)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Vepřík mladší\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\Vepřík mladší\...\Run: [NVIDIA driver monitor] - C:\Users\Public\nvsvc32.exe
HKU\Vepřík mladší\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
Startup: C:\Users\Vepřík mladší\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
Startup: C:\Users\Wenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i48i2v77r
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Wenda.job => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe

AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E3C56885

C:\Users\Public\nvsvc32.exe

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\RoboForm => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NortonOnlineBackupReminder => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKU\Vepřík mladší\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\Vepřík mladší\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor => Value deleted successfully.
HKU\Vepřík mladší\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => Value deleted successfully.
C:\Users\Vepřík mladší\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk => Moved successfully.
C:\Users\Wenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Norton Security Scan for Wenda.job => Moved successfully.
C:\ProgramData\TEMP => ":0B9176C0" ADS removed successfully.
C:\ProgramData\TEMP => ":1D32EC29" ADS removed successfully.
C:\ProgramData\TEMP => ":4CF61E54" ADS removed successfully.
C:\ProgramData\TEMP => ":4D066AD2" ADS removed successfully.
C:\ProgramData\TEMP => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\TEMP => ":93DE1838" ADS removed successfully.
C:\ProgramData\TEMP => ":AB689DEA" ADS removed successfully.
C:\ProgramData\TEMP => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\TEMP => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\TEMP => ":E3C56885" ADS removed successfully.
"C:\Users\Public\nvsvc32.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
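
The Fixlog above reports its results in several phrasings ("deleted successfully", "Moved successfully", "not found", "were reset"). The following is an added example, not part of the thread and not FRST's own code: it tallies those outcomes and lists file paths the fixlist targeted but FRST did not find. The sample lines are constructed from the log above, and the names `parse_fixlog` and `summarize` are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: result lines in the shape of the Fixlog posted above.
SAMPLE_FIXLOG = r"""
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
Firefox Proxy settings were reset.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\ProgramData\TEMP => ":0B9176C0" ADS removed successfully.
"C:\Users\Public\nvsvc32.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"""

# (label, pattern) pairs, checked in order against the status text.
OUTCOMES = [
    ("not_found", re.compile(r"not found\.$")),
    ("removed", re.compile(r"(deleted|removed) successfully\.$")),
    ("moved", re.compile(r"Moved successfully\.$")),
    ("reset", re.compile(r"(was|were) (reset|restored)( successfully)?\.$")),
]

def parse_fixlog(text):
    """Return (target, outcome) for every non-empty result line."""
    results = []
    for line in filter(None, map(str.strip, text.splitlines())):
        target, sep, status = line.partition(" => ")
        if not sep:  # e.g. "Hosts was reset successfully." has no target part
            status = line
        ads = re.match(r'"(:[^"]+)" ADS ', status)
        if ads:  # re-attach the stream name to its path, as in the fixlist
            target += ads.group(1)
        outcome = next((k for k, rx in OUTCOMES if rx.search(status)), "other")
        results.append((target.strip('"'), outcome))
    return results

def summarize(results):
    """Tally outcomes and list file paths the fix targeted but did not find."""
    counts = Counter(outcome for _, outcome in results)
    missing = [t for t, o in results
               if o == "not_found" and re.match(r"[A-Za-z]:\\", t)]
    return counts, missing

if __name__ == "__main__":
    counts, missing = summarize(parse_fixlog(SAMPLE_FIXLOG))
    print(dict(counts))
    print("targeted but absent:", missing)
```

A "not found" result means the item was absent when the fix ran, not that this fix removed it. In the log above the Run value named "NVIDIA driver monitor" was deleted, while the file it pointed to, C:\Users\Public\nvsvc32.exe, was not present at that path.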

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TrojanDownloader:Win32/Adload.DA

#8 Post by vyosek »

So let's tidy up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Vendulkaaa
Visitor
Posts: 5
Registered: 27 Oct 2013 23:32

Re: TrojanDownloader:Win32/Adload.DA

#9 Post by Vendulkaaa »

Thank you very much, a modest (student-sized) sum is already on its way to support the forum :wink:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TrojanDownloader:Win32/Adload.DA

#10 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

On behalf of the whole team, thank you for supporting the forum :thumbsup:

To say goodbye, our band will play for you :guitar: :150: :151: :152: :153: :154: :196:

And in accordance with the topic-locking rule :lock:

Locked