
Czech Police (Policie ČR) virus - log

Posted: 04 Nov 2013 18:51
by bohous01
Hello.
The "Police have blocked your computer" virus showed up on my machine. After a system restore it no longer shows any symptoms, but I would appreciate its removal if it is still there.
Thanks in advance.

Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by dracenko at 2013-11-04 17:27:28
Microsoft Windows 7 Professional
System drive C: has 63 GB (22%) free of 288 GB
Total RAM: 3957 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:56, on 4.11.2013
Platform: Windows 7 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\dracenko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.99:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = frefre.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A7CF649-7008-4B66-81A0-0F26ECE8A424}: NameServer = 192.168.1.97,192.168.1.94
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = frefre.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A7CF649-7008-4B66-81A0-0F26ECE8A424}: NameServer = 192.168.1.97,192.168.1.94
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = frefre.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A7CF649-7008-4B66-81A0-0F26ECE8A424}: NameServer = 192.168.1.97,192.168.1.94
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Remote Support Service (AvgAgent) (avgagent) - Unknown owner - avgagent.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP SkyRoom (Hp.Skyroom.Windows.Service) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - c:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Remote Graphics Sender Service (rgsender) - Hewlett-Packard, Inc. - c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17691 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
winlogon.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe" -startService
"c:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG10\avgam.exe"
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\windows\system32\conhost.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrvx.exe /pipeName=8cb3ba75-3fd1-4f28-8036-aa22ff00af15 /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=ee8b9117-79fd-464e-ba6a-f5451a0d330d /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG10\temp\250ade69-aadc-4d25-af76-a579b0136c6c-b0c-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=cf02d35f-54fa-4551-9419-0e2923f3f663 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\40074a15-fbda-4b7f-8963-e3693c188665-1b2c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:6984 CREDAT:79873
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:6984 CREDAT:79874
C:\windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE -Embedding
"C:\windows\system32\mstsc.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:6984 CREDAT:79876
C:\windows\system32\sppsvc.exe
"C:\Down\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\ROC_JAN2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://eu.ask.com/?l=dis&o=14597"
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.203.023.002, toolbar@ask.com:3.15.4.23821, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0, pdfforge@mybrowserbar.com:4.3, wtxpcom@mybrowserbar.com:4.4, dealio@mybrowserbar.com:4.4, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, avg@toolbar:15.3.0.11, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid={DEF4 ... 2011-12-11 19:26:57&pid=avg&sg=0&v=17.0.0.9&sap=ku&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
Cetrumcz_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\extensions\
toolbar@ask.com
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}

C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\searchplugins\
askcom.xml
avg-secure-search.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2013-10-09 346576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-07 399424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-01-09 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll [2013-10-02 3353624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-09 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-01-09 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-09 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-07 399424]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll [2013-10-02 3353624]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2009-11-19 1690680]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 2074408]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [2009-11-19 363064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-02-27 16406632]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-29 487424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"=C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-10-21 433872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"NUSB3MON"=c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-21 106496]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-11-04 111640]
"NeroFilterCheck"=C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
""= []
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2012-08-01 2345592]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-10-02 2404376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-06-06 1564872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-04 17:27:28 ----D---- C:\rsit
2013-11-04 17:27:28 ----D---- C:\Program Files\trend micro
2013-11-04 17:25:34 ----D---- C:\Down
2013-11-04 16:46:13 ----D---- C:\Program Files\CCleaner
2013-11-04 15:08:09 ----D---- C:\E98C8D5A3F7DF8F66841
2013-11-03 23:25:21 ----D---- C:\ProgramData\Zemana AntiMalware
2013-11-03 23:16:11 ----D---- C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP

======List of files/folders modified in the last 1 month======

2013-11-04 17:27:53 ----D---- C:\windows\Temp
2013-11-04 17:27:28 ----RD---- C:\Program Files
2013-11-04 16:54:24 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\Skype
2013-11-04 16:54:24 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\inkscape
2013-11-04 16:54:24 ----D---- C:\Program Files (x86)\PDFCreator
2013-11-04 16:46:14 ----D---- C:\windows\system32\Tasks
2013-11-04 16:41:01 ----D---- C:\windows\system32\drivers\AVG
2013-11-04 16:39:36 ----D---- C:\windows\system32\config
2013-11-04 16:37:56 ----D---- C:\windows\Tasks
2013-11-04 16:34:11 ----D---- C:\windows\System32
2013-11-04 16:34:11 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-11-04 16:34:10 ----D---- C:\windows\inf
2013-11-04 16:29:23 ----D---- C:\windows\SysWOW64
2013-11-04 16:29:00 ----A---- C:\windows\SYSWOW64\log.txt
2013-11-04 15:57:31 ----D---- C:\windows\SYSWOW64\wbem
2013-11-04 15:57:31 ----D---- C:\windows\system32\DriverStore
2013-11-04 15:57:31 ----D---- C:\windows\system32\catroot2
2013-11-04 15:57:17 ----D---- C:\windows\system32\drivers
2013-11-04 15:57:17 ----D---- C:\windows\system32\CodeIntegrity
2013-11-04 15:57:17 ----D---- C:\windows\security
2013-11-04 15:57:15 ----SHD---- C:\windows\Installer
2013-11-04 15:57:06 ----D---- C:\windows\AppCompat
2013-11-04 15:57:02 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\PhotoScape
2013-11-04 15:57:00 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\EurekaLab s.a.s
2013-11-04 15:56:56 ----HD---- C:\ProgramData
2013-11-04 15:56:56 ----D---- C:\ProgramData\Yahoo! Companion
2013-11-04 15:56:53 ----D---- C:\ProgramData\McAfee Security Scan
2013-11-04 15:56:52 ----D---- C:\ProgramData\AVG Secure Search
2013-11-04 15:56:49 ----D---- C:\Program Files (x86)\Yahoo!
2013-11-04 15:56:48 ----RD---- C:\Program Files (x86)
2013-11-04 15:56:48 ----D---- C:\Program Files (x86)\pdfforge Toolbar
2013-11-04 15:56:03 ----D---- C:\windows\registration
2013-11-04 15:53:53 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\OpenCandy
2013-11-04 15:53:46 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\DraftSight
2013-11-04 15:53:45 ----D---- C:\Users\dracenko.frefre2\AppData\Roaming\Corel
2013-11-04 15:53:20 ----D---- C:\ProgramData\Corel
2013-11-04 15:53:16 ----D---- C:\Program Files\Dassault Systemes
2013-11-04 15:53:16 ----D---- C:\Program Files\Corel
2013-11-04 15:53:16 ----D---- C:\Program Files\Common Files\Corel
2013-11-04 15:53:15 ----D---- C:\Program Files (x86)\VideoLAN
2013-11-04 15:53:14 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-11-04 15:52:58 ----D---- C:\Program Files (x86)\Festo
2013-11-04 15:52:58 ----D---- C:\Program Files (x86)\Common Files
2013-11-04 15:04:56 ----SHD---- C:\System Volume Information
2013-11-04 15:00:28 ----D---- C:\windows\Prefetch
2013-11-04 14:58:56 ----D---- C:\windows\system32\wfp
2013-11-04 14:58:56 ----D---- C:\4MCAD11CLASSIC
2013-11-04 14:58:53 ----D---- C:\windows\system32\wbem
2013-11-04 14:58:53 ----D---- C:\Windows
2013-11-01 16:56:28 ----D---- C:\windows\system32\FxsTmp
2013-10-22 07:10:02 ----SHD---- C:\Config.Msi
2013-10-16 08:08:44 ----RSD---- C:\windows\assembly
2013-10-16 08:08:44 ----D---- C:\windows\Microsoft.NET
2013-10-16 07:18:15 ----D---- C:\ProgramData\Microsoft Help
2013-10-16 07:16:54 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-10-16 07:11:35 ----D---- C:\windows\system32\MRT
2013-10-16 07:07:54 ----A---- C:\windows\system32\MRT.exe
2013-10-10 10:16:45 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 storvsc;storvsc; C:\windows\system32\DRIVERS\storvsc.sys [2010-11-20 34688]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2012-11-12 312160]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2011-04-04 377936]
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2013-10-02 46368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\windows\system32\Drivers\eusk2par-amd64.sys [2006-12-13 42816]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R2 rimmptsk;rimmptsk; C:\windows\system32\DRIVERS\rimmpx64.sys [2009-06-26 67584]
R2 rimsptsk;rimsptsk; C:\windows\system32\DRIVERS\rimspx64.sys [2009-06-26 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\windows\system32\DRIVERS\rixdpx64.sys [2009-06-26 57856]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-08-03 1208320]
R3 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-09-17 98344]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-09-17 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 35104]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-09-17 21160]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2009-11-06 293552]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-20 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-12-18 1798400]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-01-29 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-02-26 316464]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
S2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
S2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2009-09-29 55808]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2012-01-09 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2012-01-09 27176]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\windows\system32\DRIVERS\MSIRCOMM.sys [2009-07-14 30208]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\windows\system32\DRIVERS\vms3cap.sys [2010-11-20 6656]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\windows\system32\DRIVERS\irstusb.sys [2008-01-19 33792]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\DRIVERS\vmbus.sys [2010-11-20 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\DRIVERS\VMBusHID.sys [2010-11-20 21760]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-08-03 16896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-03 117760]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-11-19 102968]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-11-19 102968]
R2 Hp.Skyroom.Windows.Service;HP SkyRoom; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; c:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-11-12 250936]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-02-27 392296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-10-22 2019120]
R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-02 1734680]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 avgagent;AVG Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 135664]
S2 rgsender;Remote Graphics Sender Service; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2009-11-19 379904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-11-01 77944]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-12-22 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
S4 NetMsmqActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]

-----------------EOF-----------------

Re: Policie ČR virus - log

Posted: 04 Nov 2013 18:55
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup is created and then the search begins
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Policie ČR virus - log

Posted: 04 Nov 2013 19:38
by bohous01
JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional x64
Ran by dracenko on po 04.11.2013 at 17:58:18,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dealio
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\7a931b0a5d8e8e947afb2124e1562280
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealiotoolbar-stub-1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealiotoolbar-stub-1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4DED59F1-A502-4922-B114-8A80161162EE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\appdata\locallow\dealio"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealio toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\pdfforge toolbar"
Successfully deleted: [Folder] "C:\Users\dracenko.frefre2\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ FireFox

Successfully deleted: [File] C:\Users\dracenko.frefre2\AppData\Roaming\mozilla\firefox\profiles\nhh6om0x.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\dracenko.frefre2\AppData\Roaming\mozilla\firefox\profiles\nhh6om0x.default\searchplugins\conduit.xml
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\dealio@mybrowserbar.com"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\dealio@mybrowserbar.com"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com"
Successfully deleted: [Folder] C:\Users\dracenko.frefre2\AppData\Roaming\mozilla\firefox\profiles\nhh6om0x.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\dracenko.frefre2\AppData\Roaming\mozilla\firefox\profiles\nhh6om0x.default\prefs.js




~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 04.11.2013 at 18:10:39,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADWCleaner log:
# AdwCleaner v3.011 - Report created 04/11/2013 at 18:15:03
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : dracenko - TPV_O_NOTE
# Running from : C:\Users\dracenko.frefre2\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\dracenko.frefre2\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\dracenko.frefre2\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\CT2475029
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\dealio@mybrowserbar.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\pdfforge@mybrowserbar.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\wtxpcom@mybrowserbar.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Dealio
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v3.6.15 (cs)

[ File : C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.3.0.11");
Line Deleted : user_pref("avg.install.userSPSettings", "AVG Secure Search");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://eu.ask.com/?l=dis&o=14597");
Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Line Deleted : user_pref("extensions.asktb.crumb", "2012.09.07+01.15.52-toolbar016iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
Line Deleted : user_pref("extensions.enabledItems", "Cetrumcz@igeared:1.203.023.002,toolbar@ask.com:3.15.4.23821,{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0,pdfforge@mybrowserbar.com:4.3,wtxpcom@mybrowserbar.com:[...]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [9731 octets] - [04/11/2013 18:13:45]
AdwCleaner[S0].txt - [9771 octets] - [04/11/2013 18:15:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9831 octets] ##########

Re: Policie ČR virus - log

Posted: 04 Nov 2013 19:48
by vyosek
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Policie ČR virus - log

Posted: 04 Nov 2013 20:08
by bohous01
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by dracenko (administrator) on TPV_O_NOTE on 04-11-2013 18:59:56
Running from C:\Users\dracenko.frefre2\Desktop
Windows 7 Professional (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG10\avgchsva.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(IDT, Inc.) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
(Hewlett-Packard) C:\windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\windows\system32\vcsFPService.exe
(Andrea Electronics Corporation) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Hewlett-Packard, Inc.) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG10\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
Winlogon\Notify\ScCertProp: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-11-04] ()
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\dracenko\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
HKU\dracenko\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\dracenko\...\RunOnce: [spchecker] - C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe [390472 2011-05-11] ()
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

ProxyServer: 192.168.1.99:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
URLSearchHook: HKCU - CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL =
SearchScopes: HKCU - {CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 84.21.109.1 84.16.96.2
Tcpip\..\Interfaces\{0A7CF649-7008-4B66-81A0-0F26ECE8A424}: [NameServer]192.168.1.97,192.168.1.94

FireFox:
========
FF ProfilePath: C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default
FF DefaultSearchEngine: Centrum.cz Search
FF SelectedSearchEngine: Centrum.cz Search
FF NetworkProxy: "backup.ftp", "192.168.1.99"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.gopher", "192.168.1.99"
FF NetworkProxy: "backup.gopher_port", 8080
FF NetworkProxy: "backup.socks", "192.168.1.99"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "192.168.1.99"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "192.168.1.99"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "192.168.1.99"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "192.168.1.99"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.1.99"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.1.99"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 1
FF Plugin: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [Cetrumcz@igeared] - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF Extension: Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (AVG Secure Search) - http://www.google.com
CHR DefaultSuggestURL: (AVG Secure Search) - http://clients5.google.com/complete/sea ... utEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Ask Toolbar) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0
CHR Extension: (Click to call with Skype) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\dracenko.frefre2\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-11-01] (Autodesk)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [117760 2012-10-03] (Dassault Systèmes)
R2 Hp.Skyroom.Windows.Service; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [124984 2009-11-20] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 rgsender; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
S2 avgagent; avgagent.exe /srvfsys [x]

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [312160 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R1 eusk2par; C:\windows\system32\Drivers\eusk2par-amd64.sys [42816 2006-12-13] (Eutron)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [30208 2009-07-14] (Microsoft Corporation)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1798400 2009-12-18] ()
S3 STIrUsb; C:\Windows\System32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-04 18:59 - 2013-11-04 18:59 - 00000000 ____D C:\FRST
2013-11-04 18:57 - 2013-11-04 18:57 - 01957098 _____ (Farbar) C:\Users\dracenko.frefre2\Desktop\FRST64.exe
2013-11-04 18:11 - 2013-11-04 18:15 - 00000000 ____D C:\AdwCleaner
2013-11-04 18:10 - 2013-11-04 18:10 - 00030358 _____ C:\Users\dracenko.frefre2\Desktop\JRT.txt
2013-11-04 18:01 - 2013-11-04 18:01 - 01073258 _____ C:\Users\dracenko.frefre2\Desktop\adwcleaner.exe
2013-11-04 17:58 - 2013-11-04 17:58 - 00000000 ____D C:\windows\ERUNT
2013-11-04 17:57 - 2013-11-04 17:57 - 01033335 _____ (Thisisu) C:\Users\dracenko.frefre2\Desktop\JRT.exe
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\rsit
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-04 17:25 - 2013-11-04 18:58 - 00000000 ____D C:\Down
2013-11-04 16:58 - 2013-11-04 16:58 - 00000434 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165832.reg
2013-11-04 16:58 - 2013-11-04 16:58 - 00000082 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165811.reg
2013-11-04 16:57 - 2013-11-04 16:57 - 00017038 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165734.reg
2013-11-04 16:56 - 2013-11-04 16:56 - 00812010 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165557.reg
2013-11-04 16:46 - 2013-11-04 16:46 - 00002778 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-11-04 16:46 - 2013-11-04 16:46 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-04 16:46 - 2013-11-04 16:46 - 00000000 ____D C:\Program Files\CCleaner
2013-11-04 16:45 - 2013-11-04 16:45 - 04379048 _____ (Piriform Ltd) C:\Users\dracenko.frefre2\Downloads\ccsetup407.exe
2013-11-04 16:45 - 2013-11-04 16:45 - 00921600 _____ C:\Users\dracenko.frefre2\Downloads\centrumie-1.1.2.0.msi
2013-11-04 16:43 - 2013-11-04 16:44 - 00730400 _____ () C:\Users\dracenko.frefre2\Downloads\ccleaner-lista-centrumcz-pro-internet-explorer.exe
2013-11-04 15:08 - 2013-11-04 15:08 - 00000000 ____D C:\E98C8D5A3F7DF8F66841
2013-11-03 23:25 - 2013-11-03 23:37 - 00000000 ____D C:\ProgramData\Zemana AntiMalware
2013-11-03 23:16 - 2013-11-04 15:56 - 00000000 ____D C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
2013-11-03 21:53 - 2013-11-04 09:13 - 95025368 ____T C:\ProgramData\j23irb.bxx
2013-11-03 21:53 - 2013-11-04 09:13 - 00000000 _____ C:\ProgramData\j23irb.fvv
2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
2013-11-01 12:53 - 2013-11-01 12:53 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Změnová řízení

==================== One Month Modified Files and Folders =======

2013-11-04 18:59 - 2013-11-04 18:59 - 00000000 ____D C:\FRST
2013-11-04 18:59 - 2010-05-23 21:32 - 01973947 _____ C:\windows\WindowsUpdate.log
2013-11-04 18:58 - 2013-11-04 17:25 - 00000000 ____D C:\Down
2013-11-04 18:57 - 2013-11-04 18:57 - 01957098 _____ (Farbar) C:\Users\dracenko.frefre2\Desktop\FRST64.exe
2013-11-04 18:25 - 2013-06-04 06:13 - 00000350 _____ C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-04 18:25 - 2013-01-23 07:14 - 00000354 _____ C:\windows\Tasks\ROC_JAN2013_TB_rmv.job
2013-11-04 18:25 - 2010-10-20 05:44 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-04 18:25 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:25 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:21 - 2010-04-07 01:54 - 00737058 _____ C:\windows\system32\perfh005.dat
2013-11-04 18:21 - 2010-04-07 01:54 - 00166700 _____ C:\windows\system32\perfc005.dat
2013-11-04 18:21 - 2009-07-14 06:13 - 00964772 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-04 18:17 - 2010-05-23 21:27 - 00036982 _____ C:\windows\PFRO.log
2013-11-04 18:17 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-04 18:17 - 2009-07-14 05:51 - 00124717 _____ C:\windows\setupact.log
2013-11-04 18:15 - 2013-11-04 18:11 - 00000000 ____D C:\AdwCleaner
2013-11-04 18:15 - 2012-12-21 07:57 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-04 18:15 - 2010-10-20 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 18:10 - 2013-11-04 18:10 - 00030358 _____ C:\Users\dracenko.frefre2\Desktop\JRT.txt
2013-11-04 18:04 - 2010-10-20 05:44 - 00000956 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-04 18:01 - 2013-11-04 18:01 - 01073258 _____ C:\Users\dracenko.frefre2\Desktop\adwcleaner.exe
2013-11-04 17:58 - 2013-11-04 17:58 - 00000000 ____D C:\windows\ERUNT
2013-11-04 17:57 - 2013-11-04 17:57 - 01033335 _____ (Thisisu) C:\Users\dracenko.frefre2\Desktop\JRT.exe
2013-11-04 17:29 - 2010-11-05 07:28 - 00002092 ____H C:\Users\dracenko.frefre2\Documents\Default.rdp
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\rsit
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-04 16:58 - 2013-11-04 16:58 - 00000434 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165832.reg
2013-11-04 16:58 - 2013-11-04 16:58 - 00000082 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165811.reg
2013-11-04 16:57 - 2013-11-04 16:57 - 00017038 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165734.reg
2013-11-04 16:56 - 2013-11-04 16:56 - 00812010 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165557.reg
2013-11-04 16:54 - 2012-12-10 15:47 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-11-04 16:54 - 2011-11-28 11:30 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\inkscape
2013-11-04 16:54 - 2011-07-28 09:38 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Skype
2013-11-04 16:46 - 2013-11-04 16:46 - 00002778 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-11-04 16:46 - 2013-11-04 16:46 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-04 16:46 - 2013-11-04 16:46 - 00000000 ____D C:\Program Files\CCleaner
2013-11-04 16:45 - 2013-11-04 16:45 - 04379048 _____ (Piriform Ltd) C:\Users\dracenko.frefre2\Downloads\ccsetup407.exe
2013-11-04 16:45 - 2013-11-04 16:45 - 00921600 _____ C:\Users\dracenko.frefre2\Downloads\centrumie-1.1.2.0.msi
2013-11-04 16:44 - 2013-11-04 16:43 - 00730400 _____ () C:\Users\dracenko.frefre2\Downloads\ccleaner-lista-centrumcz-pro-internet-explorer.exe
2013-11-04 16:41 - 2010-12-13 13:52 - 00000000 ____D C:\windows\system32\Drivers\AVG
2013-11-04 16:37 - 2010-10-19 11:58 - 00000000 ____D C:\Users\dracenko.frefre2
2013-11-04 15:57 - 2013-09-06 09:57 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Kuličkové stoly
2013-11-04 15:57 - 2013-08-16 14:51 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\lisovací - prolis vložky zásobníku
2013-11-04 15:57 - 2013-08-06 06:53 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\DCIM
2013-11-04 15:57 - 2013-07-25 15:09 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\foto 25.7.2013
2013-11-04 15:57 - 2013-07-19 14:17 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2013-11-04 15:57 - 2013-06-14 11:33 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\EurekaLab s.a.s
2013-11-04 15:57 - 2013-05-31 15:11 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Crocodile
2013-11-04 15:57 - 2013-03-26 07:58 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Čelisti. rozpínače roztaženy
2013-11-04 15:57 - 2013-01-22 13:01 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\PhotoScape
2013-11-04 15:57 - 2012-10-31 12:47 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Pazera_Free_MP4_to_AVI_Converter
2013-11-04 15:57 - 2012-01-27 10:29 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Tunel + balička SL140
2013-11-04 15:57 - 2011-02-25 12:22 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Local\RBuilder
2013-11-04 15:57 - 2010-12-22 09:31 - 00000000 ___RD C:\Users\dracenko.frefre2\Virtual Machines
2013-11-04 15:57 - 2010-04-07 01:40 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2013-11-04 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\security
2013-11-04 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\AppCompat
2013-11-04 15:56 - 2013-11-03 23:16 - 00000000 ____D C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-04 15:56 - 2011-03-31 13:34 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-04 15:56 - 2010-10-31 11:27 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-11-04 15:56 - 2010-10-29 20:45 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-11-04 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration
2013-11-04 15:54 - 2013-03-14 15:54 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Corel
2013-11-04 15:54 - 2011-02-28 18:46 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Solid
2013-11-04 15:54 - 2010-10-21 12:46 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\VÝROBA
2013-11-04 15:53 - 2013-03-14 15:55 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Corel
2013-11-04 15:53 - 2013-03-14 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-04 15:53 - 2013-03-14 15:48 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-11-04 15:53 - 2013-03-14 15:47 - 00000000 ____D C:\ProgramData\Corel
2013-11-04 15:53 - 2013-03-14 15:43 - 00000000 ____D C:\Program Files\Corel
2013-11-04 15:53 - 2013-03-10 21:36 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-11-04 15:53 - 2012-11-16 06:21 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\DraftSight
2013-11-04 15:53 - 2012-11-16 06:21 - 00000000 ____D C:\Program Files\Dassault Systemes
2013-11-04 15:52 - 2013-04-22 13:12 - 00000000 ____D C:\Program Files (x86)\Festo
2013-11-04 15:10 - 2010-12-31 15:43 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-11-04 15:08 - 2013-11-04 15:08 - 00000000 ____D C:\E98C8D5A3F7DF8F66841
2013-11-04 14:59 - 2010-10-19 09:49 - 00000000 ____D C:\Users\dracenko
2013-11-04 14:58 - 2012-10-18 09:24 - 00000000 ____D C:\4MCAD11CLASSIC
2013-11-04 09:20 - 2012-11-25 18:41 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Záznamy o neshodě - nápravná opatření
2013-11-04 09:13 - 2013-11-03 21:53 - 95025368 ____T C:\ProgramData\j23irb.bxx
2013-11-04 09:13 - 2013-11-03 21:53 - 00000000 _____ C:\ProgramData\j23irb.fvv
2013-11-04 07:17 - 2010-10-19 11:44 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2013-11-03 23:37 - 2013-11-03 23:25 - 00000000 ____D C:\ProgramData\Zemana AntiMalware
2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
2013-11-01 16:56 - 2009-07-14 06:32 - 00000000 ____D C:\windows\system32\FxsTmp
2013-11-01 12:53 - 2013-11-01 12:53 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Změnová řízení
2013-10-30 15:08 - 2012-08-08 07:59 - 00074752 _____ C:\Users\dracenko.frefre2\Desktop\Hmotnost-výpočet.xls
2013-10-21 07:07 - 2011-07-28 09:39 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-16 07:18 - 2010-10-21 10:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-16 07:16 - 2010-11-10 09:22 - 00947726 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-10-16 07:11 - 2013-08-21 07:01 - 00000000 ____D C:\windows\system32\MRT
2013-10-16 07:07 - 2012-10-24 07:02 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-10 10:16 - 2012-12-21 07:57 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 10:16 - 2012-12-21 07:57 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 10:16 - 2011-11-03 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 06:48 - 2010-10-20 05:44 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Local\Google
2013-10-08 11:59 - 2010-10-20 05:44 - 00003952 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 11:59 - 2010-10-20 05:44 - 00003700 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\ProgramData\bri32j.dss


Some content of TEMP:
====================
C:\Users\dracenko\AppData\Local\Temp\HPQSi.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\Quarantine.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\~6F36.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 13:13

==================== End Of Log ============================

Re: Czech Police virus - log

Posted: 04 Nov 2013 20:22
by vyosek
Aren't you following the instructions?

You downloaded only FRST64.exe but not FRSTLauncher, as the instructions say. So download it and then run it - just follow the instructions. We don't write them for ourselves or out of boredom; we write them for you...

Re: Czech Police virus - log

Posted: 04 Nov 2013 20:43
by bohous01
I apologize!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by dracenko (administrator) on TPV_O_NOTE on 04-11-2013 19:37:10
Running from C:\Users\dracenko.frefre2\Desktop
Windows 7 Professional (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(IDT, Inc.) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
(Hewlett-Packard) C:\windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\windows\system32\vcsFPService.exe
(Andrea Electronics Corporation) C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Hewlett-Packard, Inc.) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(forum.viry.cz) C:\Users\dracenko.frefre2\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
Winlogon\Notify\ScCertProp: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-11-04] ()
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\dracenko\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
HKU\dracenko\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\dracenko\...\RunOnce: [spchecker] - C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe [390472 2011-05-11] ()
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

ProxyServer: 192.168.1.99:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
URLSearchHook: HKCU - CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL =
SearchScopes: HKCU - {CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 84.21.109.1 84.16.96.2
Tcpip\..\Interfaces\{0A7CF649-7008-4B66-81A0-0F26ECE8A424}: [NameServer]192.168.1.97,192.168.1.94

FireFox:
========
FF ProfilePath: C:\Users\dracenko.frefre2\AppData\Roaming\Mozilla\Firefox\Profiles\nhh6om0x.default
FF DefaultSearchEngine: Centrum.cz Search
FF SelectedSearchEngine: Centrum.cz Search
FF NetworkProxy: "backup.ftp", "192.168.1.99"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.gopher", "192.168.1.99"
FF NetworkProxy: "backup.gopher_port", 8080
FF NetworkProxy: "backup.socks", "192.168.1.99"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "192.168.1.99"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "192.168.1.99"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "192.168.1.99"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "192.168.1.99"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.1.99"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.1.99"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 1
FF Plugin: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [Cetrumcz@igeared] - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF Extension: Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (AVG Secure Search) - http://www.google.com
CHR DefaultSuggestURL: (AVG Secure Search) - http://clients5.google.com/complete/sea ... utEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Ask Toolbar) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0
CHR Extension: (Click to call with Skype) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\dracenko.frefre2\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2010-11-01] (Autodesk)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [117760 2012-10-03] (Dassault Systèmes)
R2 Hp.Skyroom.Windows.Service; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [124984 2009-11-20] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 rgsender; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
S3 Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
S2 avgagent; avgagent.exe /srvfsys [x]

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [312160 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R1 eusk2par; C:\windows\system32\Drivers\eusk2par-amd64.sys [42816 2006-12-13] (Eutron)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [30208 2009-07-14] (Microsoft Corporation)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1798400 2009-12-18] ()
S3 STIrUsb; C:\Windows\System32\DRIVERS\irstusb.sys [33792 2008-01-19] (SigmaTel, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-04 19:30 - 2013-11-04 19:35 - 00112128 _____ (forum.viry.cz) C:\Users\dracenko.frefre2\Desktop\FRSTLauncher.exe
2013-11-04 18:59 - 2013-11-04 18:59 - 00000000 ____D C:\FRST
2013-11-04 18:57 - 2013-11-04 18:57 - 01957098 _____ (Farbar) C:\Users\dracenko.frefre2\Desktop\FRST64.exe
2013-11-04 18:11 - 2013-11-04 18:15 - 00000000 ____D C:\AdwCleaner
2013-11-04 18:10 - 2013-11-04 18:10 - 00030358 _____ C:\Users\dracenko.frefre2\Desktop\JRT.txt
2013-11-04 18:01 - 2013-11-04 18:01 - 01073258 _____ C:\Users\dracenko.frefre2\Desktop\adwcleaner.exe
2013-11-04 17:58 - 2013-11-04 17:58 - 00000000 ____D C:\windows\ERUNT
2013-11-04 17:57 - 2013-11-04 17:57 - 01033335 _____ (Thisisu) C:\Users\dracenko.frefre2\Desktop\JRT.exe
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\rsit
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-04 17:25 - 2013-11-04 19:03 - 00000000 ____D C:\Down
2013-11-04 16:58 - 2013-11-04 16:58 - 00000434 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165832.reg
2013-11-04 16:58 - 2013-11-04 16:58 - 00000082 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165811.reg
2013-11-04 16:57 - 2013-11-04 16:57 - 00017038 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165734.reg
2013-11-04 16:56 - 2013-11-04 16:56 - 00812010 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165557.reg
2013-11-04 16:46 - 2013-11-04 16:46 - 00002778 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-11-04 16:46 - 2013-11-04 16:46 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-04 16:46 - 2013-11-04 16:46 - 00000000 ____D C:\Program Files\CCleaner
2013-11-04 16:45 - 2013-11-04 16:45 - 04379048 _____ (Piriform Ltd) C:\Users\dracenko.frefre2\Downloads\ccsetup407.exe
2013-11-04 16:45 - 2013-11-04 16:45 - 00921600 _____ C:\Users\dracenko.frefre2\Downloads\centrumie-1.1.2.0.msi
2013-11-04 16:43 - 2013-11-04 16:44 - 00730400 _____ () C:\Users\dracenko.frefre2\Downloads\ccleaner-lista-centrumcz-pro-internet-explorer.exe
2013-11-04 15:08 - 2013-11-04 15:08 - 00000000 ____D C:\E98C8D5A3F7DF8F66841
2013-11-03 23:25 - 2013-11-03 23:37 - 00000000 ____D C:\ProgramData\Zemana AntiMalware
2013-11-03 23:16 - 2013-11-04 15:56 - 00000000 ____D C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
2013-11-03 21:53 - 2013-11-04 09:13 - 95025368 ____T C:\ProgramData\j23irb.bxx
2013-11-03 21:53 - 2013-11-04 09:13 - 00000000 _____ C:\ProgramData\j23irb.fvv
2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
2013-11-01 12:53 - 2013-11-01 12:53 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Změnová řízení

==================== One Month Modified Files and Folders =======

2013-11-04 19:35 - 2013-11-04 19:30 - 00112128 _____ (forum.viry.cz) C:\Users\dracenko.frefre2\Desktop\FRSTLauncher.exe
2013-11-04 19:30 - 2010-04-07 01:54 - 00737058 _____ C:\windows\system32\perfh005.dat
2013-11-04 19:30 - 2010-04-07 01:54 - 00166700 _____ C:\windows\system32\perfc005.dat
2013-11-04 19:30 - 2009-07-14 06:13 - 00964772 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-04 19:27 - 2010-05-23 21:32 - 01982007 _____ C:\windows\WindowsUpdate.log
2013-11-04 19:15 - 2012-12-21 07:57 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-04 19:04 - 2010-10-20 05:44 - 00000956 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-04 19:03 - 2013-11-04 17:25 - 00000000 ____D C:\Down
2013-11-04 18:59 - 2013-11-04 18:59 - 00000000 ____D C:\FRST
2013-11-04 18:57 - 2013-11-04 18:57 - 01957098 _____ (Farbar) C:\Users\dracenko.frefre2\Desktop\FRST64.exe
2013-11-04 18:25 - 2013-06-04 06:13 - 00000350 _____ C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-04 18:25 - 2013-01-23 07:14 - 00000354 _____ C:\windows\Tasks\ROC_JAN2013_TB_rmv.job
2013-11-04 18:25 - 2010-10-20 05:44 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-04 18:25 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:25 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-04 18:17 - 2010-05-23 21:27 - 00036982 _____ C:\windows\PFRO.log
2013-11-04 18:17 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-04 18:17 - 2009-07-14 05:51 - 00124717 _____ C:\windows\setupact.log
2013-11-04 18:15 - 2013-11-04 18:11 - 00000000 ____D C:\AdwCleaner
2013-11-04 18:15 - 2010-10-20 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 18:10 - 2013-11-04 18:10 - 00030358 _____ C:\Users\dracenko.frefre2\Desktop\JRT.txt
2013-11-04 18:01 - 2013-11-04 18:01 - 01073258 _____ C:\Users\dracenko.frefre2\Desktop\adwcleaner.exe
2013-11-04 17:58 - 2013-11-04 17:58 - 00000000 ____D C:\windows\ERUNT
2013-11-04 17:57 - 2013-11-04 17:57 - 01033335 _____ (Thisisu) C:\Users\dracenko.frefre2\Desktop\JRT.exe
2013-11-04 17:29 - 2010-11-05 07:28 - 00002092 ____H C:\Users\dracenko.frefre2\Documents\Default.rdp
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\rsit
2013-11-04 17:27 - 2013-11-04 17:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-04 16:58 - 2013-11-04 16:58 - 00000434 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165832.reg
2013-11-04 16:58 - 2013-11-04 16:58 - 00000082 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165811.reg
2013-11-04 16:57 - 2013-11-04 16:57 - 00017038 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165734.reg
2013-11-04 16:56 - 2013-11-04 16:56 - 00812010 _____ C:\Users\dracenko.frefre2\Documents\cc_20131104_165557.reg
2013-11-04 16:54 - 2012-12-10 15:47 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-11-04 16:54 - 2011-11-28 11:30 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\inkscape
2013-11-04 16:54 - 2011-07-28 09:38 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Skype
2013-11-04 16:46 - 2013-11-04 16:46 - 00002778 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-11-04 16:46 - 2013-11-04 16:46 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-04 16:46 - 2013-11-04 16:46 - 00000000 ____D C:\Program Files\CCleaner
2013-11-04 16:45 - 2013-11-04 16:45 - 04379048 _____ (Piriform Ltd) C:\Users\dracenko.frefre2\Downloads\ccsetup407.exe
2013-11-04 16:45 - 2013-11-04 16:45 - 00921600 _____ C:\Users\dracenko.frefre2\Downloads\centrumie-1.1.2.0.msi
2013-11-04 16:44 - 2013-11-04 16:43 - 00730400 _____ () C:\Users\dracenko.frefre2\Downloads\ccleaner-lista-centrumcz-pro-internet-explorer.exe
2013-11-04 16:41 - 2010-12-13 13:52 - 00000000 ____D C:\windows\system32\Drivers\AVG
2013-11-04 16:37 - 2010-10-19 11:58 - 00000000 ____D C:\Users\dracenko.frefre2
2013-11-04 15:57 - 2013-09-06 09:57 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Kuličkové stoly
2013-11-04 15:57 - 2013-08-16 14:51 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\lisovací - prolis vložky zásobníku
2013-11-04 15:57 - 2013-08-06 06:53 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\DCIM
2013-11-04 15:57 - 2013-07-25 15:09 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\foto 25.7.2013
2013-11-04 15:57 - 2013-07-19 14:17 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2013-11-04 15:57 - 2013-06-14 11:33 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\EurekaLab s.a.s
2013-11-04 15:57 - 2013-05-31 15:11 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Crocodile
2013-11-04 15:57 - 2013-03-26 07:58 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Čelisti. rozpínače roztaženy
2013-11-04 15:57 - 2013-01-22 13:01 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\PhotoScape
2013-11-04 15:57 - 2012-10-31 12:47 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Pazera_Free_MP4_to_AVI_Converter
2013-11-04 15:57 - 2012-01-27 10:29 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Tunel + balička SL140
2013-11-04 15:57 - 2011-02-25 12:22 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Local\RBuilder
2013-11-04 15:57 - 2010-12-22 09:31 - 00000000 ___RD C:\Users\dracenko.frefre2\Virtual Machines
2013-11-04 15:57 - 2010-04-07 01:40 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2013-11-04 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\security
2013-11-04 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\AppCompat
2013-11-04 15:56 - 2013-11-03 23:16 - 00000000 ____D C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-04 15:56 - 2011-03-31 13:34 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-04 15:56 - 2010-10-31 11:27 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-11-04 15:56 - 2010-10-29 20:45 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-11-04 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration
2013-11-04 15:54 - 2013-03-14 15:54 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Corel
2013-11-04 15:54 - 2011-02-28 18:46 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Solid
2013-11-04 15:54 - 2010-10-21 12:46 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\VÝROBA
2013-11-04 15:53 - 2013-03-14 15:55 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\Corel
2013-11-04 15:53 - 2013-03-14 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-04 15:53 - 2013-03-14 15:48 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-11-04 15:53 - 2013-03-14 15:47 - 00000000 ____D C:\ProgramData\Corel
2013-11-04 15:53 - 2013-03-14 15:43 - 00000000 ____D C:\Program Files\Corel
2013-11-04 15:53 - 2013-03-10 21:36 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-11-04 15:53 - 2012-11-16 06:21 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Roaming\DraftSight
2013-11-04 15:53 - 2012-11-16 06:21 - 00000000 ____D C:\Program Files\Dassault Systemes
2013-11-04 15:52 - 2013-04-22 13:12 - 00000000 ____D C:\Program Files (x86)\Festo
2013-11-04 15:10 - 2010-12-31 15:43 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-11-04 15:08 - 2013-11-04 15:08 - 00000000 ____D C:\E98C8D5A3F7DF8F66841
2013-11-04 14:59 - 2010-10-19 09:49 - 00000000 ____D C:\Users\dracenko
2013-11-04 14:58 - 2012-10-18 09:24 - 00000000 ____D C:\4MCAD11CLASSIC
2013-11-04 09:20 - 2012-11-25 18:41 - 00000000 ____D C:\Users\dracenko.frefre2\Desktop\Záznamy o neshodě - nápravná opatření
2013-11-04 09:13 - 2013-11-03 21:53 - 95025368 ____T C:\ProgramData\j23irb.bxx
2013-11-04 09:13 - 2013-11-03 21:53 - 00000000 _____ C:\ProgramData\j23irb.fvv
2013-11-04 07:17 - 2010-10-19 11:44 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2013-11-03 23:37 - 2013-11-03 23:25 - 00000000 ____D C:\ProgramData\Zemana AntiMalware
2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
2013-11-01 16:56 - 2009-07-14 06:32 - 00000000 ____D C:\windows\system32\FxsTmp
2013-11-01 12:53 - 2013-11-01 12:53 - 00000000 ____D C:\Users\dracenko.frefre2\Documents\Změnová řízení
2013-10-30 15:08 - 2012-08-08 07:59 - 00074752 _____ C:\Users\dracenko.frefre2\Desktop\Hmotnost-výpočet.xls
2013-10-21 07:07 - 2011-07-28 09:39 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-16 07:18 - 2010-10-21 10:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-16 07:16 - 2010-11-10 09:22 - 00947726 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-10-16 07:11 - 2013-08-21 07:01 - 00000000 ____D C:\windows\system32\MRT
2013-10-16 07:07 - 2012-10-24 07:02 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-10 10:16 - 2012-12-21 07:57 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 10:16 - 2012-12-21 07:57 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 10:16 - 2011-11-03 07:15 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 06:48 - 2010-10-20 05:44 - 00000000 ____D C:\Users\dracenko.frefre2\AppData\Local\Google
2013-10-08 11:59 - 2010-10-20 05:44 - 00003952 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 11:59 - 2010-10-20 05:44 - 00003700 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\ProgramData\bri32j.dss


Some content of TEMP:
====================
C:\Users\dracenko\AppData\Local\Temp\HPQSi.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\Quarantine.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\~6F36.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 13:13




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:280.79 GB) (Free:61.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.49 GB) FAT32

Available physical RAM: 2292.09 MB
Total physical RAM: 3957.45 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 5CC28112)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{39DA6F48-1BB2-4472-9824-3E778F87CD97}.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:66633281

==================== Security Center ==================

AV: AVG Anti-Virus Business Edition 2011 (Disabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Business Edition 2011 (Disabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\dracenko.frefre2\Desktop" je 20136 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Re: Czech Police virus - log

Posted: 04 Nov 2013 23:53
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
    HKLM-x32\...\Run: [NeroFilterCheck] - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
    HKU\dracenko\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
    HKU\dracenko\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
    HKU\dracenko\...\RunOnce: [spchecker] - C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe [390472 2011-05-11] ()
    
    ProxyServer: 192.168.1.99:8080
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
    URLSearchHook: HKCU - CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
    URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
    SearchScopes: HKLM - DefaultScope {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
    SearchScopes: HKCU - DefaultScope {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
    SearchScopes: HKCU - {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
    SearchScopes: HKCU - {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL =
    SearchScopes: HKCU - {CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} URL = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
    SearchScopes: HKCU - {F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} URL = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
    BHO-x32: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    Toolbar: HKCU - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
    Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - No File
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
    Handler-x32: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
    
    FF DefaultSearchEngine: Centrum.cz Search
    FF SelectedSearchEngine: Centrum.cz Search
    FF NetworkProxy: "backup.ftp", "192.168.1.99"
    FF NetworkProxy: "backup.ftp_port", 8080
    FF NetworkProxy: "backup.gopher", "192.168.1.99"
    FF NetworkProxy: "backup.gopher_port", 8080
    FF NetworkProxy: "backup.socks", "192.168.1.99"
    FF NetworkProxy: "backup.socks_port", 8080
    FF NetworkProxy: "backup.ssl", "192.168.1.99"
    FF NetworkProxy: "backup.ssl_port", 8080
    FF NetworkProxy: "ftp", "192.168.1.99"
    FF NetworkProxy: "ftp_port", 8080
    FF NetworkProxy: "gopher", "192.168.1.99"
    FF NetworkProxy: "gopher_port", 8080
    FF NetworkProxy: "http", "192.168.1.99"
    FF NetworkProxy: "http_port", 8080
    FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
    FF NetworkProxy: "share_proxy_settings", true
    FF NetworkProxy: "socks", "192.168.1.99"
    FF NetworkProxy: "socks_port", 8080
    FF NetworkProxy: "ssl", "192.168.1.99"
    FF NetworkProxy: "ssl_port", 8080
    FF NetworkProxy: "type", 1
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
    FF HKLM-x32\...\Firefox\Extensions: [Cetrumcz@igeared] - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
    FF Extension: Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
    FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4\
    FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4\
    
    CHR DefaultSearchURL: (AVG Secure Search) - http://www.google.com
    CHR DefaultSuggestURL: (AVG Secure Search) - http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
    CHR Plugin: (AVG Internet Security) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
    CHR Extension: (Ask Toolbar) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0
    CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\dracenko.frefre2\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx
    
    S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
    S2 avgagent; avgagent.exe /srvfsys [x]
    
    2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
    2013-11-03 21:53 - 2013-11-04 09:13 - 95025368 ____T C:\ProgramData\j23irb.bxx
    2013-11-03 21:53 - 2013-11-04 09:13 - 00000000 _____ C:\ProgramData\j23irb.fvv
    2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
    C:\Program Files (x86)\AVG Secure Search
    C:\Program Files (x86)\AVG\AVG10\Toolbar
    C:\Users\dracenko\AppData\Local\Temp\HPQSi.exe
    C:\Users\dracenko.frefre2\AppData\Local\Temp\Quarantine.exe
    C:\Users\dracenko.frefre2\AppData\Local\Temp\~6F36.exe
    C:\ProgramData\bri32j.dss
    
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{39DA6F48-1BB2-4472-9824-3E778F87CD97}.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
    
    AlternateDataStreams: C:\ProgramData\TEMP:0888F409
    AlternateDataStreams: C:\ProgramData\TEMP:66633281
    
    REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t REG_DWORD /d "0" /f
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: Czech Police virus - log

Posted: 05 Nov 2013 06:37
by bohous01
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by dracenko at 2013-11-05 06:24:57 Run:1
Running from C:\Users\dracenko.frefre2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Sony Ericsson PC Companion] - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433872 2011-10-21] (Sony Ericsson)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\dracenko\...\Run: [ROC_JAN2013_TB] - "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
HKU\dracenko\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\dracenko\...\RunOnce: [spchecker] - C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe [390472 2011-05-11] ()

ProxyServer: 192.168.1.99:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
URLSearchHook: HKCU - CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - DefaultScope {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {80F13005-1D04-4230-B5F8-9E0C19246A9B} URL =
SearchScopes: HKCU - {CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} URL = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
SearchScopes: HKCU - {F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO-x32: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll ()

FF DefaultSearchEngine: Centrum.cz Search
FF SelectedSearchEngine: Centrum.cz Search
FF NetworkProxy: "backup.ftp", "192.168.1.99"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.gopher", "192.168.1.99"
FF NetworkProxy: "backup.gopher_port", 8080
FF NetworkProxy: "backup.socks", "192.168.1.99"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "192.168.1.99"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "192.168.1.99"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "192.168.1.99"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "192.168.1.99"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.1.99"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.1.99"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 1
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF HKLM-x32\...\Firefox\Extensions: [Cetrumcz@igeared] - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF Extension: Lišta Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4\

CHR DefaultSearchURL: (AVG Secure Search) - http://www.google.com
CHR DefaultSuggestURL: (AVG Secure Search) - http://clients5.google.com/complete/sea ... utEncoding}
CHR Plugin: (AVG Internet Security) - C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi\7.15.4.0_0
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\dracenko.frefre2\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx

S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S2 avgagent; avgagent.exe /srvfsys [x]

2013-11-03 21:54 - 2013-11-03 21:54 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\j23irb.pss
2013-11-03 21:53 - 2013-11-04 09:13 - 95025368 ____T C:\ProgramData\j23irb.bxx
2013-11-03 21:53 - 2013-11-04 09:13 - 00000000 _____ C:\ProgramData\j23irb.fvv
2013-11-03 21:53 - 2013-11-03 21:53 - 00151552 _____ (Корпорация Майкрософт) C:\ProgramData\bri32j.dss
C:\Program Files (x86)\AVG Secure Search
C:\Program Files (x86)\AVG\AVG10\Toolbar
C:\Users\dracenko\AppData\Local\Temp\HPQSi.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\Quarantine.exe
C:\Users\dracenko.frefre2\AppData\Local\Temp\~6F36.exe
C:\ProgramData\bri32j.dss

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{39DA6F48-1BB2-4472-9824-3E778F87CD97}.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe

AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:66633281

REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t REG_DWORD /d "0" /f

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Sony Ericsson PC Companion => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\dracenko\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_JAN2013_TB => Value deleted successfully.
HKU\dracenko\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\dracenko\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} => Key deleted successfully.
HKCR\CLSID\{3B9862EA-5229-42FB-8FF7-30C82EAFCAA1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80F13005-1D04-4230-B5F8-9E0C19246A9B} => Key deleted successfully.
HKCR\CLSID\{80F13005-1D04-4230-B5F8-9E0C19246A9B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} => Key deleted successfully.
HKCR\CLSID\{CA2675F2-744F-43A6-9AE1-6C687FD1F6A6} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} => Key deleted successfully.
HKCR\CLSID\{F4B9FA2F-EBAA-44FF-8FDE-E4FA8F61DF1D} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} => Value deleted successfully.
HKCR\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806} => Key not found.
HKCR\PROTOCOLS\Handler\centrumcztoolbar => Key deleted successfully.
HKCR\CLSID\{61A97628-7C82-4315-957A-C74C2CDD85DF} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\centrumcztoolbar => Key not found.
HKCR\Wow6432Node\CLSID\{61A97628-7C82-4315-957A-C74C2CDD85DF} => Key deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Program Files (x86)\mozilla firefox\searchplugins\Cetrumcz_igeared.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\Cetrumcz@igeared => Value deleted successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} => Value deleted successfully.
C:\Program Files (x86)\AVG\AVG10\Firefox4\ => Moved successfully.
CHR DefaultSearchURL: (AVG Secure Search) - http://www.google.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (AVG Secure Search) - http://clients5.google.com/complete/sea ... utEncoding} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\dracenko.frefre2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll not found.
C:\Users\ONDRAC~1.FEI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoldfpilohhfkhihnhdckpackghi => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaapoldfpilohhfkhihnhdckpackghi => Key deleted successfully.
"C:\Users\dracenko.frefre2\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx" => File/Directory not found.
AVG Security Toolbar Service => Service deleted successfully.
avgagent => Service deleted successfully.
C:\ProgramData\j23irb.pss => Moved successfully.
C:\ProgramData\j23irb.bxx => Moved successfully.
C:\ProgramData\j23irb.fvv => Moved successfully.
C:\ProgramData\bri32j.dss => Moved successfully.
"C:\Program Files (x86)\AVG Secure Search" => File/Directory not found.
C:\Program Files (x86)\AVG\AVG10\Toolbar => Moved successfully.
C:\Users\dracenko\AppData\Local\Temp\HPQSi.exe => Moved successfully.
C:\Users\dracenko.frefre2\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\dracenko.frefre2\AppData\Local\Temp\~6F36.exe => Moved successfully.
"C:\ProgramData\bri32j.dss" => File/Directory not found.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => Moved successfully.
C:\ProgramData\TEMP => ":0888F409" ADS removed successfully.
C:\ProgramData\TEMP => ":66633281" ADS removed successfully.

========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t REG_DWORD /d "0" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Re: Policie ČR virus - log

Posted: 05 Nov 2013 09:49
by vyosek
How is the PC behaving? :???:

Re: Policie ČR virus - log

Posted: 05 Nov 2013 10:17
by bohous01
It's lying still and not making a peep :-) Seems OK. In the whole time since I rolled back to a restore point a few days old, the PC hasn't done anything unusual, and nothing is happening after the fixes either.

Re: Policie ČR virus - log

Posted: 05 Nov 2013 10:20
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false positive - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|

Re: Policie ČR virus - log

Posted: 05 Nov 2013 14:32
by bohous01
Cleaned up, the computer is running. Thank you very much for the help!

Re: Policie ČR virus - log

Posted: 05 Nov 2013 16:43
by vyosek
You're welcome, glad I could help :worship: Until next time

And in accordance with the rule on locking topics :lock: