VIRY.CZ

Dobrý, chcel by som vás poprosiť o kontrolu logu. Počítač sa mi zdá dosť spomalený a niekedy spadne windows.
Ďakujem za odpoveď

Logfile of random's system information tool 1.09 (written by random/random)
Run by milanko at 2013-11-09 12:11:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 52 GB (26%) free of 200 GB
Total RAM: 3327 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:11:34, on 9. 11. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\milanko\Downloads\RSIT.exe
C:\Program Files\trend micro\milanko.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forumswatcher.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: InnoGames International Toolbar - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\prxtbInno.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: InnoGames International - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\prxtbInno.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: InnoGames International Toolbar - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\prxtbInno.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] "C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Startup: Spoon.net Console.lnk = milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Console.exe
O4 - Startup: Spoon.net Sandbox Manager 3.33.lnk = milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe
O4 - Global Startup: AutorunsDisabled
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PROMETEUS
O17 - HKLM\Software\..\Telephony: DomainName = PROMETEUS
O17 - HKLM\System\CCS\Services\Tcpip\..\{B87E8602-EB0C-4CE1-AC0E-23245D905925}: Domain = arkus.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{B87E8602-EB0C-4CE1-AC0E-23245D905925}: NameServer = 10.184.44.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PROMETEUS
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = PROMETEUS
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DkWLNP - DkWLNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe
O23 - Service: SafeNet Log Service (DkLogger) - SafeNet, Inc. - C:\Windows\system32\dklog.exe
O23 - Service: SafeNet Token Service (DkTknSrv) - SafeNet, Inc. - C:\Windows\system32\dkcktkn.exe
O23 - Service: SafeNet Virtual Channel Monitor (DkVcm) - SafeNet, Inc. - C:\Windows\system32\dkvcm.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSI Devices Service (MSIDevicesService) - Unknown owner - C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe
O23 - Service: MSI FileSync Monitor (MSIFileSyncMonitor) - Unknown owner - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
O23 - Service: MSI_ComCenService - MSI - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
O23 - Service: MSI_SuiteCharger - MSI - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SrvAny - Unknown owner - C:\Utils\Reskit\InstSrv\INSTSRV.EXE
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe

--
End of file - 12435 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job
C:\Windows\tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\milanko\AppData\Roaming\Mozilla\Firefox\Profiles\jyetitds.default

prefs.js - "browser.startup.homepage" - "http://search.babylon.com/?babsrc=HP_ss ... 219112d39f"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss ... fID=100489"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"fiddlerhook@fiddler2.com"=C:\Program Files\Fiddler2\FiddlerHook


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
adtoolbar@firefox.sk
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
acpro.xml
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
vyhladavanie.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-06 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}]
InnoGames International Toolbar - C:\Program Files\InnoGames_International\prxtbInno.dll [2011-01-03 175400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-09-26 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - InnoGames International Toolbar - C:\Program Files\InnoGames_International\prxtbInno.dll [2011-01-03 175400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\Windows\system32\Ati2mdxx.exe [2006-05-03 26112]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2004-11-02 155648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"92126C736C349E4B5613767816429D82AAD71460._service_run"=C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [2013-10-09 844752]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-09-04 1564528]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
"Google Update"=C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-03 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-03 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2004-11-02 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled

C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Spoon.net Console.lnk - C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Console.exe
Spoon.net Sandbox Manager 3.33.lnk - C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\Windows\system32\Ati2evxx.dll [2010-02-11 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DkWLNP]
C:\Windows\system32\DkWLNP.dll [2007-09-13 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
"SoftwareSASGeneration"=3

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"VIDC.VMnc"=vmnc.dll
"vidc.yv12"=yv12vfw.dll
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"MSVideo8"=VfWWDM32.dll
"midi1"=wdmaud.drv
"midi3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"midi5"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"midi6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-09 12:11:25 ----D---- C:\rsit
2013-11-09 12:11:25 ----D---- C:\Program Files\trend micro
2013-10-16 19:02:33 ----A---- C:\Windows\system32\ZSHP1020.EXE
2013-10-16 19:02:33 ----A---- C:\Windows\system32\ZLhp1020.DLL

======List of files/folders modified in the last 1 month======

2013-11-09 12:11:27 ----D---- C:\Windows\Temp
2013-11-09 12:11:25 ----RD---- C:\Program Files
2013-11-09 12:09:05 ----D---- C:\Windows\system32\inetsrv
2013-11-09 12:07:59 ----D---- C:\Windows\system32\FxsTmp
2013-11-09 11:30:48 ----SHD---- C:\Windows\Installer
2013-11-09 11:30:48 ----SHD---- C:\Config.Msi
2013-11-09 11:30:46 ----D---- C:\Users\milanko\AppData\Roaming\Mozilla
2013-11-09 11:29:53 ----D---- C:\Windows\system32\config
2013-11-08 13:45:45 ----SHD---- C:\System Volume Information
2013-11-08 08:38:41 ----D---- C:\Windows\System32
2013-11-08 08:38:41 ----D---- C:\Windows\inf
2013-11-08 08:38:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-03 20:35:12 ----D---- C:\Users\milanko\AppData\Roaming\Skype
2013-10-28 15:48:54 ----D---- C:\Program Files\Steam
2013-10-26 06:47:02 ----D---- C:\Windows\system32\catroot2
2013-10-17 19:20:46 ----D---- C:\ProgramData\Skype
2013-10-17 19:20:42 ----RD---- C:\Program Files\Skype
2013-10-17 06:33:15 ----D---- C:\Windows\winsxs
2013-10-17 06:31:53 ----D---- C:\Windows\system32\catroot
2013-10-17 06:29:27 ----D---- C:\Windows
2013-10-16 19:02:55 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-08-09 110624]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-10 218688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-26 371248]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 nm3;Microsoft Network Monitor 3 Driver; C:\Windows\system32\DRIVERS\nm3.sys [2010-06-09 39736]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-03-25 32368]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib.sys [2009-12-30 7680]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 25088]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2011-02-23 25856]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys [2011-02-23 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys [2011-02-23 28032]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 cmuda;C-Media WDM Audio Interface; C:\Windows\system32\drivers\cmuda.sys [2005-05-12 1332544]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\System32\drivers\ctac32k.sys [2002-07-19 127948]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2002-07-19 837548]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-13 159232]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 – ovladač adaptéru; C:\Windows\system32\DRIVERS\E1G60I32.sys [2009-07-13 118784]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\System32\drivers\emupia2k.sys [2002-07-19 156604]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-07-13 1394688]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2011-08-29 24576]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 netr73;USB Wireless 802.11 b/g - ovladač adaptéru pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib.sys [2012-03-30 7680]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2002-07-19 195432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-06-26 47360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-02-16 514152]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-12-08 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-12-08 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-12-08 132424]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S4 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
S4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-06-25 119080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DkLogger;SafeNet Log Service; C:\Windows\system32\dklog.exe [2007-09-13 106496]
R2 DkTknSrv;SafeNet Token Service; C:\Windows\system32\dkcktkn.exe [2007-09-13 737280]
R2 DkVcm;SafeNet Virtual Channel Monitor; C:\Windows\system32\dkvcm.exe [2007-09-13 122880]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 54544]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2010-10-08 726288]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 541968]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2011-03-17 202592]
R2 msftesql;SQL Server FullText Search (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [2007-06-22 95592]
R2 MSI_ComCenService;MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [2012-04-17 75280]
R2 MSI_SuiteCharger;MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [2012-07-31 125368]
R2 MSIDevicesService;MSI Devices Service; C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe [2012-06-06 10752]
R2 MSIFileSyncMonitor;MSI FileSync Monitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [2012-04-23 10752]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2011-03-17 29261152]
R2 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [2011-03-17 14950240]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-03-17 13664]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
S2 ATI Smart;ATI Smart; C:\Windows\System32\ati2sgag.exe [2006-05-03 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2008-11-24 346976]
S3 SrvAny;SrvAny; C:\Utils\Reskit\InstSrv\INSTSRV.EXE [1996-08-30 37888]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-04-19 543656]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-02-22 2808664]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2008-07-29 3201024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]

-----------------EOF-----------------

Zdravim

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam, ze ten ESET jak ma byt = zakoupena licence

A jeste se zeptam, pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna.

Celá zostava je zakúpená od firmy elvisdk http://www.elvisdk.sk/l_sk/profil.html, na PC je nalepená oficiálna nálepka Windows 7 Ultimate a ESET je zakúpený na 2 roky.


Prikladám info.txt:

info.txt logfile of random's system information tool 1.09 2013-11-09 12:11:39

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\NuNInst.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->MsiExec /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2.0-->"C:\Program Files\Free Video to GIF Converter\unins000.exe"
3DVIA player 5.0-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Alien Swarm-->"C:\Program Files\Steam\steam.exe" steam://uninstall/630
Android SDK Tools-->C:\Program Files\Android\android-sdk\uninstall.exe
Astroburn Lite-->C:\Program Files\Astroburn Lite\uninst.exe
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\Windows\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 2.0.2-->"C:\Program Files\Audacity\unins000.exe"
Azet Phone-->"C:\Program Files\Azet phone\unins000.exe"
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)-->C:\PROGRA~1\DIFX\25C232B9F73C1237\DPInst.exe /d /u C:\Windows\System32\DriverStore\FileRepository\olycamcomm.inf_x86_neutral_d8606778a68ee9ea\olycamcomm.inf
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
C-Media WDM Audio Driver-->C:\Windows\system32\cmirmdrv.exe
Corel VideoStudio Pro X3-->c:\Program Files\Corel\Corel VideoStudio Pro X3\Setup\{F072CA07-A781-45E4-9975-C033A73019CF}\SetupARP.exe /arp
CryptoPlus CS v1.0e-->C:\Program Files\CryptoPlus\CryptoPlus CS v1.0e\UnInstCM.exe C:\Program Files\CryptoPlus\CryptoPlus CS v1.0e\crypto.inf
CrystalDiskInfo 5.0.5 Shizuku Edition-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Data Lifeguard Diagnostic for Windows 1.22-->"C:\Program Files\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\unins000.exe"
Debugging Tools for Windows (x86)-->MsiExec.exe /I{300A2961-B2B5-4889-9CB9-5C2A570D08AD}
Dentist+-->MsiExec.exe /X{600362F4-875E-4F3C-80E4-134C8DEE4A4C}
Dotfuscator Software Services - Community Edition-->MsiExec.exe /X{1AA5BD63-6614-44B2-88A7-605191EDB835}
EASEUS Partition Master 9.1.0 Home Edition-->"C:\Program Files\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\unins000.exe"
Easy GIF Animator 5.2-->"C:\Program Files\Easy GIF Animator\unins000.exe"
eLicenser Control-->C:\PROGRA~1\ELICEN~1\UNWISE.EXE C:\PROGRA~1\ELICEN~1\INSTALL.LOG
Farming Simulator 2011-->"D:\Hry\Landwirtschafts Simulator 2011\Farming Simulator 2011\unins000.exe"
Fiddler-->"C:\Program Files\Fiddler2\uninst.exe"
FileOpen Client Installer-->MsiExec.exe /X{39468292-5D68-4E93-9E09-5D9D5CA00E7A}
FreeKapture 2.00 - Freeware-->"C:\Program Files\TSoft\MidWavi Pro\unins000.exe"
GDR 4060 for SQL Server Analysis Services 2005 ENU (KB2494113)-->C:\Windows\OLAP9_KB2494113_ENU\Hotfix.exe /Uninstall
GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)-->C:\Windows\SQL9_KB2494113_ENU\Hotfix.exe /Uninstall
GDR 4060 for SQL Server Integration Services 2005 ENU (KB2494113)-->C:\Windows\DTS9_KB2494113_ENU\Hotfix.exe /Uninstall
GDR 4060 for SQL Server Notification Services 2005 ENU (KB2494113)-->C:\Windows\NS9_KB2494113_ENU\Hotfix.exe /Uninstall
GDR 4060 for SQL Server Reporting Services 2005 ENU (KB2494113)-->C:\Windows\RS9_KB2494113_ENU\Hotfix.exe /Uninstall
GDR 4060 for SQL Server Tools and Workstation Components 2005 ENU (KB2494113)-->C:\Windows\SQLTools9_KB2494113_ENU\Hotfix.exe /Uninstall
Gemplus Smart Card Reader Tools-->C:\Program Files\Gemplus\ReaderTools\Installer\setup.exe /u
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
GnuWin32: Wget-1.11.4-1-->"C:\Program Files\GnuWin32\uninstall\unins000.exe"
Google Drive-->MsiExec.exe /X{192A227B-A8C8-4C6D-B939-21FAEB007E1E}
Google Talk Plugin-->MsiExec.exe /I{2A83AD05-56E6-3FBD-8752-B4143162EF59}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8303}
Gtk# for .Net 2.12.10-->MsiExec.exe /X{550B72C4-F404-4812-971F-947E835A877E}
HD Tune Pro 5.00-->"C:\Program Files\HD Tune Pro\unins000.exe"
HDD Health v3.3 Beta-->"C:\Program Files\HDD Health\unins000.exe"
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {99A120B0-F930-3427-A833-FAD753B85527} /parameterfolder Client
Hotfix for Microsoft Visual Studio Team System 2008 Development Edition - ENU (KB2538241)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {68AB7B89-7912-4023-867E-D0DF6215F3ED} /qb+ REBOOTPROMPT=""
HP LaserJet M1120 MFP Series-->C:\Program Files\HP\HP LaserJet M1120 MFP\UnInstall.exe
HP Print Diagnostic Utility-->MsiExec.exe /I{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}
HTML Help Workshop-->C:\Program Files\HTML Help Workshop\setup.exe Uninstall
HyperCam 3-->"C:\Program Files\HyperCam 3\Uninstall.exe" "C:\Program Files\HyperCam 3\install.log" -u
I.CA icapki-->"C:\Program Files\I.CA\I.CA web komponenty\uninstall.exe"
Infragistics NetAdvantage 2003 Vol. 3-->MsiExec.exe /I{49AC3206-DB85-4BF9-9927-FED14DEDE04D}
InnoGames International Toolbar-->C:\PROGRA~1\INNOGA~1\UNINST~1.EXE
Java(TM) 6 Update 27-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217000FF}
Java(TM) SE Development Kit 6 Update 27-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160270}
Java(TM) SE Development Kit 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170000}
JDownloader-->C:\Program Files\JDownloader\uninstall.exe
Knoll Light Factory EZ Studio 15-->C:\Windows\unvise32.exe C:\Program Files\Pinnacle\Studio 15\Plugins\RTFx\klfezstudio.log
Kořenové certifikáty I.CA-->"C:\Program Files\I.CA\Kořenové certifikáty I.CA\uninstall.exe"
League of Legends-->msiexec.exe /x {79BF4901-1EC4-4726-B3C2-A7859706C6E7}
LG United Mobile Driver-->"C:\Program Files\InstallShield Installation Information\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}\setup.exe" -runfromtemp -l0x041b LG -removeonly
Lingea Lexicon 2000-->C:\Windows\LgUninst.exe C:\Program Files\Lingea\Lex2000\Setup.exe
LinuxLive USB Creator-->C:\Program Files\LinuxLive USB Creator\Uninstall.exe
Magic ISO Maker v5.5 (build 0281)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools-->MsiExec.exe /X{40416836-56CC-4C0E-A6AF-5C34BADCE483}
Microsoft ASP.NET MVC 2-->MsiExec.exe /X{1803A630-3C38-4D2B-9B9A-0CB37243539C}
Microsoft Document Explorer 2005-->C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Document Explorer 2008-->C:\Program Files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.exe
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft GIF Animator-->C:\Program Files\Microsoft GIF Animator\setup\GifACME.exe
Microsoft Help Viewer 1.1-->c:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.1\install.exe
Microsoft Help Viewer 1.1-->MsiExec.exe /X{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}
Microsoft Network Monitor: NetworkMonitor Parsers 3.4-->MsiExec.exe /I{5A1A9AB2-2F68-462D-A67D-7C855DFF5EEB}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Microsoft PVK Import (Remove only)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\PVKIMP.INF, Uninstall.NT
Microsoft Report Viewer Redistributable 2008 SP1-->C:\Windows\Microsoft.NET\Framework\v2.0.50727\Microsoft Report Viewer Redistributable 2008 (KB971119)\install.exe
Microsoft Silverlight 3 SDK-->MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}
Microsoft Silverlight 4 SDK-->MsiExec.exe /X{05855322-BE43-41FE-B583-D3AE0C326D58}
Microsoft SQL Server 2005 Backward compatibility-->MsiExec.exe /I{0D61D68B-DF5E-4635-82C7-B0C53F0A581B}
Microsoft SQL Server 2005 Notification Services-->MsiExec.exe /I{63A5DC0D-1EDD-4D69-8F31-87FAEB1F7084}
Microsoft SQL Server 2005 Reporting Services-->MsiExec.exe /I{3BDB182E-8371-46BD-AC39-C14A91D5EEF8}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005-->MsiExec.exe /I{2373A92B-1C1C-4E71-B494-5CA97F96AA19}
Microsoft SQL Server 2008 R2 Transact-SQL Language Service-->MsiExec.exe /I{09C52940-A4D1-4409-A7CC-1AAE630CF578}
Microsoft SQL Server Compact 3.5 for Devices ENU-->MsiExec.exe /I{241F2BF7-69EB-42A4-9156-96B2426C7504}
Microsoft SQL Server Compact 3.5 SP1 Design Tools English-->MsiExec.exe /X{0C19D563-5F25-4621-BF10-01F741BD283F}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{56B4002F-671C-49F4-984C-C760FE3806B5}
Microsoft Team Foundation Server 2010 Object Model - ENU-->MsiExec.exe /X{6ED37A91-7710-3183-BE50-AB043FF6689E}
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219-->MsiExec.exe /X{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}
Microsoft Visual SourceSafe 2005 - ENU-->"C:\Program Files\Microsoft Visual SourceSafe\Microsoft Visual SourceSafe 2005 - ENU\setup.exe"
Microsoft Visual Studio 2005 Tools for Office Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Visual Studio 2010 Professional - ENU-->C:\Program Files\Microsoft Visual Studio 10.0\Microsoft Visual Studio 2010 Professional - ENU\setup.exe
Microsoft Visual Studio 2010 Service Pack 1-->C:\ProgramData\VS\vs10sp1\SetupCache\Setup.exe
Microsoft Visual Studio 2010 Service Pack 1-->MsiExec.exe /X{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}
Microsoft Visual Studio 2010 SharePoint Developer Tools-->MsiExec.exe /X{0BE273CD-AAB9-361B-8C32-D955EAC929E3}
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)-->c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)\install.exe
Microsoft Visual Studio Macro Tools-->msiexec.exe /uninstall {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
Microsoft Visual Studio Team System 2008 Development Edition - ENU Service Pack 1 (KB945140)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {8CA89076-2A6D-42C3-AA24-F203C9E5DBF3} /qb+ REBOOTPROMPT=""
Microsoft Visual Studio Team System 2008 Development Edition - ENU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Studio Team System 2008 Development Edition - ENU\setup.exe
Microsoft Visual Studio Web Authoring Component-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISUALWEBDEVELOPER /dll OSETUP.DLL
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu-->MsiExec.exe /X{05EC21B8-4593-3037-A781-A6B5AFFCB19D}
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense-->MsiExec.exe /X{64c5b887-b5ee-42b8-8596-78905a6b5f1f}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Minecraft 1.6.1 -->C:\Users\milanko\AppData\Roaming\.minecraft\Uninstall.exe
Minecraft 1.6.2 1.00-->C:\Users\milanko\AppData\Roaming\.minecraft\Uninstall.exe
Mono for Android 4.2.6-->MsiExec.exe /I{5187C2F7-D010-44EC-91D8-43908DFFB55A}
MonoDevelop 2.8.6.5-->MsiExec.exe /X{4CA8F8CB-2B35-4B98-8AB1-5FDC811D71D4}
Mount&Blade Warband-->D:\Hry\Mount&Blade Warband\uninstall.exe
Mozilla Firefox 19.0 (x86 sk)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 17.0.3 (x86 sk)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSDN Library for Visual Studio 2008 SP1 - ENU-->MsiExec.exe /X{22FF90AE-764C-3490-8912-246A60F7FF57}
MSDN Library for Visual Studio 2008 SP1-->C:\Program Files\MSDN\MSDN9.0\MSDN Library for Visual Studio 2008 SP1 - ENU\setup.exe
MSI SUITE-->"C:\MSI\MSI SUITE\unins000.exe"
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer.exe
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NX Client for Windows 3.5.0-7-->"C:\Program Files\NX Client for Windows\unins000.exe"
One Man Band Originals v10.3.1 Demo-->"C:\JmSoftware\One Man Band Originals v10.3.1 Demo\unins000.exe"
OpenSSL 0.9.8m (32-bit)-->"C:\OpenSSL\unins000.exe"
Oracle VM VirtualBox 4.0.12-->MsiExec.exe /I{5BC9EFC2-8B19-4CFC-B5E0-750804179FFD}
PC Connectivity Solution-->MsiExec.exe /I{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pinnacle Studio 15-->MsiExec.exe /I{1362E602-9625-42D3-B57F-CDA9D26F9DA8}
Píšeme všetkými desiatimi-->C:\Program Files\Píšeme všetkými desiatimi\Uninstal.exe
Popeláři-->"D:\Hry\Popelari.CZ.SK\Popeláři\unins000.exe"
PunkBuster Services-->C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\APB RELOADED\Binaries\pbsvc_apb.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Qemu Manager 7.0-->"C:\Program Files\QemuManager\unins000.exe"
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Red Giant ToonIt Studio 15-->C:\Windows\unvise32.exe C:\Program Files\Pinnacle\Studio 15\Plugins\RTFx\rgtoonitstudio.log
Revo Uninstaller 1.93-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
SafeNet iKey Driver v4.1.1.1006-->MsiExec.exe /I{6257E290-5E8E-11D4-9B8D-00D0B72459DD}
Samsung Kies-->"C:\Program Files\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung New PC Studio USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{AF7E85DC-317C-47F5-810E-B82EE093A612}\setup.exe" -runfromtemp -l0x041b -removeonly
Scan To-->MsiExec.exe /I{1204162A-1E08-4BB4-8F9C-D963D6375834}
SecureStore I.CA 2.11-->C:\Program Files\I.CA\SecureStore\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CF581973-77E0-3093-A1AC-A03130DE990F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {576C07F8-777C-3981-B8BF-063A6B57254E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {90EA7C4E-7F03-31FD-BE27-B1A9B4AE56BD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Extended
Security Update for Microsoft Visual Studio Team System 2008 Development Edition - ENU (KB2251487)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {BEBED0E2-B204-388A-A53B-30DA66FA8ACC} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Visual Studio Team System 2008 Development Edition - ENU (KB2669970)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {CA6C4E8E-CE86-4C78-B4BC-1E083E8E613A} /qb+ REBOOTPROMPT=""
Shrew Soft VPN Client-->"C:\Program Files\ShrewSoft\VPN Client\uninstall.exe"
Schlumberger DeXa.Badge SCAK 4.4.1-->MsiExec.exe /X{6551A65A-200A-4EDE-96A0-6E083DB328AA}
Schlumberger DeXa.Badge SCUK 4.4.3-->MsiExec.exe /X{440CB343-185B-4A98-92B4-9F73334DD4F8}
Skype™ 6.9-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
SmartSound Common Data-->"C:\Program Files\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks 5-->"C:\Program Files\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
SMRecorder 1.1.9-->C:\Program Files\SMRecorder\uninst.exe
SONAR 8.0 Producer Edition-->"C:\Program Files\Cakewalk\SONAR 8 Producer Edition\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Sublime Text 2.0.1-->"C:\Program Files\Sublime Text 2\unins000.exe"
TeamViewer 8-->C:\Program Files\TeamViewer\Version8\uninstall.exe
Textaizer Pro v4.0-->"C:\Program Files\APP\Textaizer Pro\unins000.exe"
ToonQuad-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6FAD3EC6-1FDF-4E80-A794-A46D149BDF45}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {0160BA31-409C-3FD0-9C87-C7D95BF46986} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {D5B80B17-2443-3296-A700-792FAA0748BD} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2836939)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {0160BA31-409C-3FD0-9C87-C7D95BF46986} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {D5B80B17-2443-3296-A700-792FAA0748BD} /parameterfolder Extended
UsbFix By El Desaparecido-->C:\UsbFix\Un-UsbFix.exe
viphone communicator-->"C:\Program Files\viphone communicator\unins000.exe"
Visual C++ 2008 IA64 Runtime - (v9.0.30729)-->MsiExec.exe /X{22E23C71-C27A-3F30-8849-BB6129E50679}
Visual C++ 2008 IA64 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {22E23C71-C27A-3F30-8849-BB6129E50679} /qb+ REBOOTPROMPT=""
Visual C++ 2008 x64 Runtime - (v9.0.30729)-->MsiExec.exe /X{0DF3AE91-E533-3960-8516-B23737F8B7A2}
Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)-->MsiExec.exe /X{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}
Visual C++ 2008 x64 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {0DF3AE91-E533-3960-8516-B23737F8B7A2} /qb+ REBOOTPROMPT=""
Visual C++ 2008 x64 Runtime - v9.0.30729.4148-->C:\Windows\system32\msiexec.exe /x {3C11D2DA-6802-3F66-BE6B-B2C046AFE866} /qb+ REBOOTPROMPT=""
Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)-->MsiExec.exe /X{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}
Visual C++ 2008 x86 Runtime - v9.0.30729.6161-->C:\Windows\system32\msiexec.exe /x {3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E} /qb+ REBOOTPROMPT=""
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Player-->C:\ProgramData\VMware\VMware Player\Uninstaller\uninstall.exe -x -S "C:\ProgramData\VMware\VMware Player\Uninstaller\"
VMware Server Console-->MsiExec.exe /I{0FD23E02-2BFB-4BEC-8823-FE984F83F161}
Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
Windows Installer XML Toolset 3.0-->MsiExec.exe /I{3D7E0120-C782-40B5-A88F-1ED52BEB3859}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
Yamaha USB-MIDI Driver-->"C:\Program Files\InstallShield Installation Information\{1669F2CD-E15C-4F53-A1F0-FBFC37B391D5}\setup.exe" -runfromtemp -l0x0409 -removeonly
Yamaha USB-MIDI Driver-->MsiExec.exe /X{1669F2CD-E15C-4F53-A1F0-FBFC37B391D5}

======Hosts File======

127.0.0.1 activate.adobe.com
192.168.33.1 arserver01
192.168.33.53 hermes
127.0.0.1 csmg.lgmobile.com

======System event log======

Computer Name: prometeus.PROMETEUS
Event Code: 7036
Message: Stav služby Správa služby IIS byl změněn na: Spuštěno
Record Number: 711789
Source Name: Service Control Manager
Time Written: 20130811050057.472800-000
Event Type: Informace
User:

Computer Name: prometeus.PROMETEUS
Event Code: 7036
Message: Stav služby Machine Debug Manager byl změněn na: Spuštěno
Record Number: 711788
Source Name: Service Control Manager
Time Written: 20130811050056.708400-000
Event Type: Informace
User:

Computer Name: prometeus.PROMETEUS
Event Code: 7036
Message: Stav služby ShrewSoft IPSEC Daemon byl změněn na: Spuštěno
Record Number: 711787
Source Name: Service Control Manager
Time Written: 20130811050056.521200-000
Event Type: Informace
User:

Computer Name: prometeus.PROMETEUS
Event Code: 7036
Message: Stav služby Služba IKE and AuthIP IPsec Keying Modules byl změněn na: Spuštěno
Record Number: 711786
Source Name: Service Control Manager
Time Written: 20130811050055.803600-000
Event Type: Informace
User:

Computer Name: prometeus.PROMETEUS
Event Code: 7036
Message: Stav služby Publikování prostředků rozpoznávání funkcí byl změněn na: Spuštěno
Record Number: 711785
Source Name: Service Control Manager
Time Written: 20130811050055.788000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: prometeus.PROMETEUS
Event Code: 0
Message: Část cesty C:\MSI\Share Folder\ nebyla nalezena.
Record Number: 3176854
Source Name: MSIFileSyncMonitor
Time Written: 20131102083947.000000-000
Event Type: Chyba
User:

Computer Name: prometeus.PROMETEUS
Event Code: 0
Message: Část cesty C:\MSI\Share Folder\ nebyla nalezena.
Record Number: 3176853
Source Name: MSIFileSyncMonitor
Time Written: 20131102083942.000000-000
Event Type: Chyba
User:

Computer Name: prometeus.PROMETEUS
Event Code: 0
Message: Část cesty C:\MSI\Share Folder\ nebyla nalezena.
Record Number: 3176852
Source Name: MSIFileSyncMonitor
Time Written: 20131102083937.000000-000
Event Type: Chyba
User:

Computer Name: prometeus.PROMETEUS
Event Code: 0
Message: Část cesty C:\MSI\Share Folder\ nebyla nalezena.
Record Number: 3176851
Source Name: MSIFileSyncMonitor
Time Written: 20131102083932.000000-000
Event Type: Chyba
User:

Computer Name: prometeus.PROMETEUS
Event Code: 0
Message: Část cesty C:\MSI\Share Folder\ nebyla nalezena.
Record Number: 3176850
Source Name: MSIFileSyncMonitor
Time Written: 20131102083927.000000-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: prometeus.PROMETEUS
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PROMETEUS$
Doména účtu: DOMA
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 0003E696526372A4
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a6a616ab6e3a18c10f1956c570c3fbc6_7c6158b4-1174-4632-8a69-4a326743ef93
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 1151586
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131020060524.366800-000
Event Type: Úspěšný audit
User:

Computer Name: prometeus.PROMETEUS
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PROMETEUS$
Doména účtu: DOMA
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 0003E687526372A4
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 1151585
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131020060524.364800-000
Event Type: Úspěšný audit
User:

Computer Name: prometeus.PROMETEUS
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PROMETEUS$
Doména účtu: DOMA
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 0003E687526372A4
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\767a3ee62da6885e0e5fa0dbb376e016_7c6158b4-1174-4632-8a69-4a326743ef93
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 1151584
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131020060524.363800-000
Event Type: Úspěšný audit
User:

Computer Name: prometeus.PROMETEUS
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PROMETEUS$
Doména účtu: DOMA
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 0003E465526372A3
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 1151583
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131020060523.659800-000
Event Type: Úspěšný audit
User:

Computer Name: prometeus.PROMETEUS
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PROMETEUS$
Doména účtu: DOMA
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 0003E465526372A3
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\599013e901c4b55567463eb6ef70f095_7c6158b4-1174-4632-8a69-4a326743ef93
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 1151582
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131020060523.659800-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"BPADir"=C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\Best Practices Analyzer\
"lib"=C:\Program Files\SQLXML 4.0\bin\
"OPENSSL_CONF"=C:\OpenSSL\bin\openssl.cfg
"Path"=C:\Program Files\Borland\Delphi7\Bin;C:\Program Files\Borland\Delphi7\Projects\Bpl\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PHP;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\Microsoft SQL Server\90\DTS\Binn;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies;C:\Program Files\GnuWin32\bin;%TFSPowerToolDir%;%BPADir%;C:\Program Files\Microsoft File Checksum Integrity Verifier;C:\OpenSSL\bin;C:\Program Files\Microsoft Network Monitor 3;C:\Program Files\Schlumberger\Smart Cards and Terminals\Cyberflex Access Kits\v4;c:\Program Files\Common Files\Ulead Systems\MPEG;C:\Windows\system32\Wbem;C:\Program Files\Android\android-sdk\tools;C:\Program Files\Android\android-sdk\platform-tools;C:\Program Files\Java\jdk1.6.0_27\bin;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\;C:\Program Files\Pinnacle\Shared Files\;C:\Program Files\GtkSharp\2.12\bin;C:\Program Files\TortoiseSVN\bin;C:\Program Files\Windows Live\Shared
"SDK"=C:\Program Files\Android\android-sdk-windows\tools;C:\Program Files\Android\android-sdk-windows\platform-tools
"TFSPowerToolDir"=C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\
"VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\
"VS100COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 10.0\Common7\Tools\
"VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\
"WIX"=C:\Program Files\Windows Installer XML v3\
"GTK_BASEPATH"=C:\Program Files\GtkSharp\2.12\

-----------------EOF-----------------

Dekuji za info

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

A ešte mám problém, že pri každom štarte PC vybehne varovanie:

[Window Title]
C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\spoon-sandbox.exe

[Content]
Systém Windows nemůže najít položku C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\spoon-sandbox.exe. Ujistěte se, zda je název zadán správně, a akci opakujte.

[OK]

Prikladám log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x86
Ran by milanko on ne 10. 11. 2013 at 8:46:37.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bho.browserplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bho.browserplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2832595
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\goforfilesupdate



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\milanko\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\milanko\AppData\Roaming\toolbar4"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files\autocompletepro"
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files\goforfiles"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\milanko\appdata\locallow\asktoolbar"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\milanko\AppData\Roaming\mozilla\firefox\profiles\jyetitds.default\user.js
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com"
Successfully deleted the following from C:\Users\milanko\AppData\Roaming\mozilla\firefox\profiles\jyetitds.default\prefs.js

user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?babsrc=HP_ss&affID=100489&mntrId=ee07c2d100000000000000219112d39f");
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar.bbDpng", 26);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "ee07c2d100000000000000219112d39f");
user_pref("extensions.BabylonToolbar.instlDay", "15259");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489
user_pref("extensions.BabylonToolbar.lastDP", 26);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1015:36:07");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 58207726);
user_pref("extensions.BabylonToolbar.prtkDS", 1);
user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1015:36:07");
user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489");



~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10. 11. 2013 at 8:49:17.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~










# AdwCleaner v3.011 - Report created 10/11/2013 at 08:54:46
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : milanko - PROMETEUS
# Running from : C:\Users\milanko\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\InnoGames_International
Folder Deleted : C:\Users\milanko\AppData\Local\GamePlayLabs Plugin
Folder Deleted : C:\Users\milanko\AppData\LocalLow\InnoGames_International
Folder Deleted : C:\Users\matus\AppData\Local\Babylon
Folder Deleted : C:\Users\matus\AppData\Local\GamePlayLabs Plugin
Folder Deleted : C:\Users\matus\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\matus\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\matus\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\matus\AppData\LocalLow\InnoGames_International
Folder Deleted : C:\Users\matus\AppData\Roaming\Babylon
Folder Deleted : C:\Users\alenka\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\alenka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\alenka\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\alenka\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\alenka\AppData\LocalLow\InnoGames_International
Folder Deleted : C:\Users\milan\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\milan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\milan\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\milan\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\milan\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\milan\AppData\LocalLow\InnoGames_International
Folder Deleted : C:\Users\marek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\marek\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\marek\AppData\LocalLow\InnoGames_International
Folder Deleted : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\e66mkozy.default\Extensions\support@predictad.com
Folder Deleted : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\gtm5xw6j.default\Extensions\support@predictad.com
Folder Deleted : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\ym3ucr4q.default\Extensions\support@predictad.com
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\gtm5xw6j.default\user.js
File Deleted : C:\Users\alenka\AppData\Roaming\Mozilla\Firefox\Profiles\0s3k9ebs.default\user.js
File Deleted : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\8vrhukpp.default\user.js
File Deleted : C:\Users\marek\AppData\Roaming\Mozilla\Firefox\Profiles\5tdnc5fv.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ACB4CF88-12E5-4942-AF23-1B3F4DB76753}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACB4CF88-12E5-4942-AF23-1B3F4DB76753}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{06821BBE-BE49-4453-9073-99232CEEE2D5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06821BBE-BE49-4453-9073-99232CEEE2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{06821BBE-BE49-4453-9073-99232CEEE2D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3CB9B48-F580-49F5-9843-6D1A0EEC9322}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AE653DC-86E8-4CE8-B318-88256BCBF2E3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{942CD1D4-9CC1-4D31-876A-EA8F489F7A59}]
Key Deleted : HKCU\Software\AutocompletePro
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\AppDataLow\Software\InnoGames_International
Key Deleted : HKLM\Software\Description
Key Deleted : HKLM\Software\GamePlayLabs
Key Deleted : HKLM\Software\InnoGames_International
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InnoGames_International Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v19.0 (sk)

[ File : C:\Users\milanko\AppData\Roaming\Mozilla\Firefox\Profiles\jyetitds.default\prefs.js ]


[ File : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\e66mkozy.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.autocompletepro.com?si=10555");
Line Deleted : user_pref("keyword.URL", "hxxp://search.autocompletepro.com?si=10555&q=");

[ File : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\gtm5xw6j.default\prefs.js ]

Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 27);
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "ee07c2d100000000000000219112d39f");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15259");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 27);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1015:36:07");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 58265954);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1015:36:07");
Line Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489");

[ File : C:\Users\matus\AppData\Roaming\Mozilla\Firefox\Profiles\ym3ucr4q.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.autocompletepro.com?si=10555");
Line Deleted : user_pref("keyword.URL", "hxxp://search.autocompletepro.com?si=10555&q=");

[ File : C:\Users\alenka\AppData\Roaming\Mozilla\Firefox\Profiles\0s3k9ebs.default\prefs.js ]


[ File : C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\8vrhukpp.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?babsrc=HP_Prot");
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 3);
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "ee07c2d100000000000000219112d39f");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15259");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 3);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1015:36:07");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "19.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 119377427);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1015:36:07");
Line Deleted : user_pref("extensions.enabledAddons", "adtoolbar%40firefox.sk:1.1,ffxtlbr%40babylon.com:1.1.9,%7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0");
Line Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ee07c2d100000000000000219112d39f&tlver=1.4.35.10&affID=100489");

[ File : C:\Users\marek\AppData\Roaming\Mozilla\Firefox\Profiles\5tdnc5fv.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

[ File : C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\alenka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\marek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13368 octets] - [10/11/2013 08:50:15]
AdwCleaner[S0].txt - [13610 octets] - [10/11/2013 08:54:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13671 octets] ##########

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by milanko (administrator) on PROMETEUS on 10-11-2013 19:34:40
Running from C:\Users\milanko\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(SafeNet, Inc.) C:\Windows\system32\dklog.exe
(SafeNet, Inc.) C:\Windows\system32\dkvcm.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
() C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe
() C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
(MSI) C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
(MSI) C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Monet+, a.s.) C:\Windows\system32\xmesrv.exe
(SafeNet, Inc.) C:\Windows\system32\dkcktkn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Google Inc.) C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\system32\rdpclip.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Google Inc.) C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Google Inc.) C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\milanko\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATIModeChange] - C:\Windows\System32\Ati2mdxx.exe [26112 2006-05-03] (ATI Technologies, Inc.)
HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [3117344 2012-03-07] (ESET)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\DkWLNP: C:\Windows\system32\DkWLNP.dll (SafeNet, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxsrvc.dll (Intel Corporation)
HKCU\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [Google Update] - C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-02-03] (Google Inc.)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {217e7a0f-69b0-11e0-b86b-00219112d39f} - H:\
HKU\Administrator\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\Administrator\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\Administrator\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2010-11-20] (Microsoft Corporation)
HKU\Administrator\...\RunOnce: [DPAPIKeyMig] - C:\Windows\System32\dpapimig.exe [ 2009-07-14] (Microsoft Corporation)
HKU\marek\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\marek\...\Run: [Google Update] - C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-09-10] (Google Inc.)
HKU\marek\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\marek\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\marek\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\marek\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\marek\...\Policies\system: [LogonHoursAction] 2
HKU\marek\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\matus\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\matus\...\Run: [Google Update] - C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-02-03] (Google Inc.)
HKU\matus\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
HKU\matus\...\Run: [Facebook Update] - C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-08-14] (Facebook Inc.)
HKU\matus\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [ 2013-04-19] (Valve Corporation)
HKU\matus\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\matus\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\matus\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\matus\...\Policies\system: [LogonHoursAction] 2
HKU\matus\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\milan\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\milan\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\milan\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\milan\...\Policies\system: [LogonHoursAction] 2
HKU\milan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Console.lnk
ShortcutTarget: Spoon.net Console.lnk -> C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Console.exe (Code Systems Corporation)
Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Sandbox Manager 3.33.lnk
ShortcutTarget: Spoon.net Sandbox Manager 3.33.lnk -> C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forumswatcher.com/search.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF94BDCCED97DCC01
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {C0618EAE-70DD-49E8-AB43-E16477B00AB5} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{B87E8602-EB0C-4CE1-AC0E-23245D905925}: [NameServer]10.184.44.1

FireFox:
========
FF ProfilePath: C:\Users\milanko\AppData\Roaming\Mozilla\Firefox\Profiles\jyetitds.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @esn.me/esnsonar,version=0.70.0 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @virtools.com/3DviaPlayer - C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\milanko\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @spoon.net/Spoon Plugin 3.33 - C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\npMozillaSpoonPlugin.dll (Code Systems Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\milanko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\milanko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\milanko\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\milanko\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\milanko\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\acpro.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\vyhladavanie.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml
FF Extension: Firefox.sk Toolbar - C:\Program Files\Mozilla Firefox\extensions\adtoolbar@firefox.sk
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files\Fiddler2\FiddlerHook
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [customsearch@apsolo.com] - C:\Program Files\SMRecorder\scripts\firefox
FF Extension: Custom Search - C:\Program Files\SMRecorder\scripts\firefox

Chrome:
=======
CHR HomePage: chrome://newtab
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - D:\PFiles\Plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Google Talk Plugin) - C:\Users\milanko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\milanko\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (3DVIA player) - C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Toss it) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\4.0.0_0
CHR Extension: (Photo Zoom for Facebook) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0
CHR Extension: (MUSIC) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdnongihnengempmndkncnlkjhkleml\1.0.3_0
CHR Extension: () - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0
CHR Extension: (Options \u2014 $EXTNAME$) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb\0.15.4_0
CHR Extension: (IE Tab) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.8.13.1_0
CHR Extension: (Google Keep) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\0.1.13411.1374_0
CHR Extension: (VNC Viewer for Google Chrome\u2122) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla\1.1.0.985_0
CHR Extension: (SingleFile Core) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma\0.3.18_0
CHR Extension: (Grepolis) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog\2.11.14_0
CHR Extension: (Google Mail Checker) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\milanko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\milanko\AppData\Local\Temp\ccex.crx
CHR StartMenuInternet: Google Chrome - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\Windows\System32\ati2sgag.exe [520192 2006-05-03] ()
R2 DkLogger; C:\Windows\system32\dklog.exe [106496 2007-09-13] (SafeNet, Inc.)
R2 DkTknSrv; C:\Windows\system32\dkcktkn.exe [737280 2007-09-13] (SafeNet, Inc.)
R2 DkVcm; C:\Windows\system32\dkvcm.exe [122880 2007-09-13] (SafeNet, Inc.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [54544 2010-10-08] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [913144 2012-03-07] (ESET)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [726288 2010-10-08] ()
S2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1552680 2007-06-25] (Nero AG)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [541968 2010-10-08] ()
R2 MsDtsServer; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [202592 2011-03-17] (Microsoft Corporation)
R2 MSIDevicesService; C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe [10752 2012-06-06] ()
R2 MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [10752 2012-04-23] ()
R2 MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [75280 2012-04-17] (MSI)
R2 MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [125368 2012-07-31] (MSI)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29261152 2011-03-17] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2808664 2007-02-22] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe [13664 2011-03-17] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [346976 2008-11-24] (Microsoft Corporation)
S3 SrvAny; C:\Utils\Reskit\InstSrv\INSTSRV.EXE [37888 1996-08-30] ()
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [113264 2011-03-25] (VMware, Inc.)
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [334448 2011-03-25] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [539248 2011-03-25] (VMware, Inc.)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [404080 2011-03-25] (VMware, Inc.)
R2 xmengine service; C:\Windows\system32\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
R2 msftesql; "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:MSSQLSERVER [x]
R2 MSSQLServerOLAPService; "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config"
S3 ufad-ws60; "C:\Program Files\VMware\VMware Player\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Player\\" -s ufad-p2v.xml

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2010-12-07] (LG Electronics Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2011-02-23] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2011-02-23] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [28032 2011-02-23] (LG Electronics Inc.)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 cmuda; C:\Windows\System32\drivers\cmuda.sys [1332544 2005-05-12] (C-Media Inc)
S3 ctac32k; C:\Windows\System32\drivers\ctac32k.sys [127948 2002-07-19] ()
S3 ctprxy2k; C:\Windows\System32\drivers\ctprxy2k.sys [11068 2002-07-19] ()
S3 ctsfm2k; C:\Windows\System32\drivers\ctsfm2k.sys [213860 2002-07-19] ()
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [127376 2007-01-31] (Deterministic Networks, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-10-10] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169080 2012-03-14] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2010-05-26] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
S3 emupia; C:\Windows\System32\drivers\emupia2k.sys [156604 2002-07-19] ()
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [148504 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2012-03-14] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] ()
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [32368 2011-03-25] (VMware, Inc.)
S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [773565 2004-11-02] (Intel Corporation)
S4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [119080 2007-06-25] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [36776 2007-06-25] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38440 2007-06-25] (Nero AG)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R1 nm3; C:\Windows\System32\DRIVERS\nm3.sys [39736 2010-06-09] (Microsoft Corporation)
S3 NTIOLib_1_0_C; C:\MSI\MSI SUITE\NTIOLib.sys [7680 2012-03-30] (MSI)
R3 NTIOLib_1_1_S; C:\MSI\MSI SUITE\Super-Charger\NTIOLib.sys [7680 2009-12-30] (MSI)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-08-07] (TeamViewer GmbH)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2011-02-14] (LG Electronics Inc.)
R1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [17920 2010-09-02] (Shrew Soft Inc)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [24688 2011-03-25] (VMware, Inc.)
R1 vmm; C:\Windows\system32\Drivers\vmm.sys [229224 2009-07-15] (Microsoft Corporation)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [36400 2011-03-25] (VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26352 2011-03-25] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [23792 2011-03-25] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [854256 2011-03-25] (VMware, Inc.)
S3 VNA; C:\Windows\System32\DRIVERS\vna.sys [129304 2009-04-02] (Check Point Software Technologies)
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [13824 2010-09-02] (Shrew Soft Inc)
S3 VSPerfDrv90; C:\Program Files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [55664 2007-09-04] (Microsoft Corporation)
R2 vstor2-ws60; C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [22448 2010-08-19] (VMware, Inc.)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbw.sys [34280 2011-05-10] (Yamaha Corporation)
S3 MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys [x]
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 19:34 - 2013-11-10 19:34 - 00000000 ____D C:\FRST
2013-11-10 19:32 - 2013-11-10 19:33 - 01090275 _____ (Farbar) C:\Users\milanko\Desktop\FRST.exe
2013-11-10 19:32 - 2013-11-10 19:32 - 00112128 _____ (forum.viry.cz) C:\Users\milanko\Desktop\FRSTLauncher.exe
2013-11-10 08:50 - 2013-11-10 08:56 - 00000000 ____D C:\AdwCleaner
2013-11-10 08:49 - 2013-11-10 08:49 - 00008785 _____ C:\Users\milanko\Desktop\JRT.txt
2013-11-10 08:46 - 2013-11-10 08:46 - 00000000 ____D C:\Windows\ERUNT
2013-11-09 21:10 - 2013-11-09 21:10 - 01073262 _____ C:\Users\milanko\Downloads\adwcleaner.exe
2013-11-09 21:10 - 2013-11-09 21:10 - 01034531 _____ (Thisisu) C:\Users\milanko\Downloads\JRT.exe
2013-11-09 12:11 - 2013-11-09 12:16 - 31532451 _____ C:\Users\milanko\Downloads\enlightenment-0.17.5.tar.gz
2013-11-09 12:11 - 2013-11-09 12:11 - 00781383 _____ C:\Users\milanko\Downloads\RSIT.exe
2013-11-09 12:11 - 2013-11-09 12:11 - 00000000 ____D C:\rsit
2013-11-09 12:11 - 2013-11-09 12:11 - 00000000 ____D C:\Program Files\trend micro
2013-11-03 13:25 - 2013-11-03 13:25 - 01158927 _____ (pendrivelinux.com) C:\Users\milanko\Downloads\Universal-USB-Installer-1.9.4.4.exe
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Roaming\Mozilla
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Local\Mozilla
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Local\Macromedia
2013-11-02 13:21 - 2013-11-02 13:21 - 12501198 _____ C:\Users\milanko\Desktop\Fotky.rar
2013-11-02 10:34 - 2013-11-02 10:34 - 00000000 ____D C:\Users\alenka\Documents\Battlefield 2
2013-10-26 08:10 - 2013-10-26 08:10 - 00000000 ____D C:\Users\marek\Desktop\Nová složka
2013-10-24 19:41 - 2013-10-24 19:41 - 00019514 _____ C:\Users\milanko\Downloads\flashplugin-nonfree_3.2.tar.gz
2013-10-17 06:29 - 2013-11-10 19:18 - 00591209 _____ C:\Windows\setupact.log
2013-10-17 06:29 - 2013-10-17 06:29 - 00000000 _____ C:\Windows\setuperr.log
2013-10-16 19:02 - 2012-09-18 14:26 - 00365568 _____ C:\Windows\system32\ZSHP1020.EXE
2013-10-16 19:02 - 2012-09-18 14:26 - 00169472 _____ C:\Windows\system32\ZLhp1020.DLL
2013-10-16 19:01 - 2013-10-16 19:01 - 01528184 _____ (Microsoft Corporation) C:\Users\milanko\Downloads\GenuineCheck.exe
2013-10-15 15:15 - 2013-10-15 15:15 - 01325046 _____ C:\Users\milanko\Downloads\matematikaderivciaprklady.zip
2013-10-14 14:47 - 2013-10-14 14:47 - 00064375 _____ C:\Users\milanko\Downloads\SK_RETAIL_research_WiFiLCDPC_leaflets_13.10.2013.xlsx
2013-10-13 13:08 - 2013-10-13 13:08 - 00097792 _____ C:\Users\alenka\Downloads\kombinatorika.ppt
2013-10-12 10:12 - 2013-10-12 10:11 - 00287543 _____ C:\Users\milan\Desktop\Gems4.ZIP
2013-10-12 10:11 - 2013-10-12 10:11 - 00287543 _____ C:\Users\milan\Downloads\Gems4.ZIP

==================== One Month Modified Files and Folders =======

2013-11-10 19:35 - 2009-11-03 14:58 - 00000466 ____H C:\Windows\Tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job
2013-11-10 19:34 - 2013-11-10 19:34 - 00000000 ____D C:\FRST
2013-11-10 19:33 - 2013-11-10 19:32 - 01090275 _____ (Farbar) C:\Users\milanko\Desktop\FRST.exe
2013-11-10 19:32 - 2013-11-10 19:32 - 00112128 _____ (forum.viry.cz) C:\Users\milanko\Desktop\FRSTLauncher.exe
2013-11-10 19:31 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-10 19:30 - 2013-03-08 19:21 - 00000644 __RSH C:\Users\milanko\ntuser.pol
2013-11-10 19:30 - 2011-10-10 14:28 - 00000000 ____D C:\Users\milanko
2013-11-10 19:30 - 2011-09-10 12:13 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job
2013-11-10 19:26 - 2011-10-10 14:26 - 00011104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:26 - 2011-10-10 14:26 - 00011104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:23 - 2011-10-24 19:04 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job
2013-11-10 19:23 - 2011-10-10 16:14 - 01497953 _____ C:\Windows\WindowsUpdate.log
2013-11-10 19:21 - 2013-02-24 08:06 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\inetsrv
2013-11-10 19:18 - 2013-10-17 06:29 - 00591209 _____ C:\Windows\setupact.log
2013-11-10 19:18 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 15:31 - 2012-03-10 08:33 - 00000000 ____D C:\Users\milan\AppData\Local\TSVNCache
2013-11-10 15:30 - 2011-02-05 14:19 - 00002290 ____H C:\Users\milan\Documents\Default.rdp
2013-11-10 15:11 - 2011-10-15 05:58 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 14:56 - 2012-12-07 14:54 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job
2013-11-10 14:46 - 2011-10-30 06:54 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job
2013-11-10 14:38 - 2011-10-24 18:12 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job
2013-11-10 14:16 - 2011-10-18 15:10 - 00001042 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job
2013-11-10 12:57 - 2012-09-03 17:32 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job
2013-11-10 11:23 - 2011-09-28 18:21 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job
2013-11-10 10:46 - 2011-09-25 19:19 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job
2013-11-10 09:04 - 2012-03-13 12:18 - 00000000 ____D C:\Users\alenka\AppData\Local\TSVNCache
2013-11-10 09:04 - 2012-03-10 07:59 - 00000000 ____D C:\Users\milanko\AppData\Local\TSVNCache
2013-11-10 08:56 - 2013-11-10 08:50 - 00000000 ____D C:\AdwCleaner
2013-11-10 08:56 - 2011-06-11 18:55 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job
2013-11-10 08:49 - 2013-11-10 08:49 - 00008785 _____ C:\Users\milanko\Desktop\JRT.txt
2013-11-10 08:46 - 2013-11-10 08:46 - 00000000 ____D C:\Windows\ERUNT
2013-11-09 21:10 - 2013-11-09 21:10 - 01073262 _____ C:\Users\milanko\Downloads\adwcleaner.exe
2013-11-09 21:10 - 2013-11-09 21:10 - 01034531 _____ (Thisisu) C:\Users\milanko\Downloads\JRT.exe
2013-11-09 19:38 - 2011-09-14 06:31 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job
2013-11-09 13:07 - 2012-11-05 19:20 - 00000600 _____ C:\Users\milanko\AppData\Local\PUTTY.RND
2013-11-09 12:16 - 2013-11-09 12:11 - 31532451 _____ C:\Users\milanko\Downloads\enlightenment-0.17.5.tar.gz
2013-11-09 12:11 - 2013-11-09 12:11 - 00781383 _____ C:\Users\milanko\Downloads\RSIT.exe
2013-11-09 12:11 - 2013-11-09 12:11 - 00000000 ____D C:\rsit
2013-11-09 12:11 - 2013-11-09 12:11 - 00000000 ____D C:\Program Files\trend micro
2013-11-09 11:30 - 2011-02-03 14:46 - 00000000 ____D C:\Users\milanko\AppData\Roaming\Mozilla
2013-11-08 15:07 - 2011-08-24 11:21 - 00000000 ____D C:\Users\alenka\AppData\Roaming\Skype
2013-11-08 11:21 - 2011-02-06 10:34 - 00000000 ____D C:\Users\milan\AppData\Roaming\Skype
2013-11-08 08:38 - 2010-11-20 22:01 - 02074916 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-07 17:16 - 2011-10-18 15:10 - 00001020 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job
2013-11-06 15:57 - 2012-09-03 17:32 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job
2013-11-03 20:35 - 2011-02-03 14:33 - 00000000 ____D C:\Users\milanko\AppData\Roaming\Skype
2013-11-03 15:31 - 2012-03-11 14:09 - 00000000 ____D C:\Users\marek\AppData\Local\TSVNCache
2013-11-03 15:15 - 2011-11-15 19:53 - 00000000 ____D C:\Users\marek\AppData\Roaming\Skype
2013-11-03 13:25 - 2013-11-03 13:25 - 01158927 _____ (pendrivelinux.com) C:\Users\milanko\Downloads\Universal-USB-Installer-1.9.4.4.exe
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Roaming\Mozilla
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Local\Mozilla
2013-11-03 12:39 - 2013-11-03 12:39 - 00000000 ____D C:\Users\marek\AppData\Local\Macromedia
2013-11-02 13:21 - 2013-11-02 13:21 - 12501198 _____ C:\Users\milanko\Desktop\Fotky.rar
2013-11-02 10:34 - 2013-11-02 10:34 - 00000000 ____D C:\Users\alenka\Documents\Battlefield 2
2013-11-01 13:27 - 2012-02-13 13:37 - 00000000 ____D C:\Users\marek\AppData\Roaming\.minecraft
2013-10-28 15:51 - 2012-03-11 17:03 - 00000000 ____D C:\Users\matus\AppData\Local\TSVNCache
2013-10-28 15:50 - 2011-02-05 15:37 - 00000000 ____D C:\Users\matus\AppData\Roaming\Skype
2013-10-28 15:48 - 2011-10-31 07:09 - 00000000 ____D C:\Program Files\Steam
2013-10-26 08:10 - 2013-10-26 08:10 - 00000000 ____D C:\Users\marek\Desktop\Nová složka
2013-10-26 08:09 - 2012-10-28 16:24 - 00000000 ____D C:\Users\marek\Desktop\HRY
2013-10-24 19:41 - 2013-10-24 19:41 - 00019514 _____ C:\Users\milanko\Downloads\flashplugin-nonfree_3.2.tar.gz
2013-10-18 08:40 - 2011-02-03 14:29 - 00002382 _____ C:\Users\milanko\Desktop\Google Chrome.lnk
2013-10-17 19:20 - 2010-09-13 16:36 - 00000000 ___RD C:\Program Files\Skype
2013-10-17 19:20 - 2009-05-25 10:03 - 00000000 ____D C:\ProgramData\Skype
2013-10-17 06:29 - 2013-10-17 06:29 - 00000000 _____ C:\Windows\setuperr.log
2013-10-17 06:29 - 2010-11-20 22:48 - 00019030 _____ C:\Windows\PFRO.log
2013-10-16 19:01 - 2013-10-16 19:01 - 01528184 _____ (Microsoft Corporation) C:\Users\milanko\Downloads\GenuineCheck.exe
2013-10-15 15:15 - 2013-10-15 15:15 - 01325046 _____ C:\Users\milanko\Downloads\matematikaderivciaprklady.zip
2013-10-14 19:48 - 2011-02-03 16:06 - 00002006 ____H C:\Users\milanko\Documents\Default.rdp
2013-10-14 14:47 - 2013-10-14 14:47 - 00064375 _____ C:\Users\milanko\Downloads\SK_RETAIL_research_WiFiLCDPC_leaflets_13.10.2013.xlsx
2013-10-13 13:20 - 2013-05-21 10:48 - 00000000 ____D C:\Users\alenka\Desktop\účtenky-rama
2013-10-13 13:08 - 2013-10-13 13:08 - 00097792 _____ C:\Users\alenka\Downloads\kombinatorika.ppt
2013-10-12 10:11 - 2013-10-12 10:12 - 00287543 _____ C:\Users\milan\Desktop\Gems4.ZIP
2013-10-12 10:11 - 2013-10-12 10:11 - 00287543 _____ C:\Users\milan\Downloads\Gems4.ZIP

Files to move or delete:
====================
C:\Users\milan\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\alenka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\marek\AppData\Local\Temp\drm_dialogs.dll
C:\Users\marek\AppData\Local\Temp\drm_dyndata_7360006.dll
C:\Users\marek\AppData\Local\Temp\i4jdel0.exe
C:\Users\marek\AppData\Local\Temp\i4jdel1.exe
C:\Users\marek\AppData\Local\Temp\i4jdel2.exe
C:\Users\marek\AppData\Local\Temp\i4jdel3.exe
C:\Users\marek\AppData\Local\Temp\i4jdel4.exe
C:\Users\marek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\matus\AppData\Local\Temp\drm_dialogs.dll
C:\Users\matus\AppData\Local\Temp\drm_dyndata_7360006.dll
C:\Users\matus\AppData\Local\Temp\DSETUP.dll
C:\Users\matus\AppData\Local\Temp\dsetup32.dll
C:\Users\matus\AppData\Local\Temp\DXSETUP.exe
C:\Users\matus\AppData\Local\Temp\GoogleSetup.exe
C:\Users\matus\AppData\Local\Temp\i4jdel0.exe
C:\Users\matus\AppData\Local\Temp\lowproc.exe
C:\Users\matus\AppData\Local\Temp\SkypeSetup.exe
C:\Users\matus\AppData\Local\Temp\smd_runtime.exe
C:\Users\matus\AppData\Local\Temp\stubhelper.dll
C:\Users\matus\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\milan\AppData\Local\Temp\setup.exe
C:\Users\milan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\milan\AppData\Local\Temp\update.exe
C:\Users\milanko\AppData\Local\Temp\i4jdel0.exe
C:\Users\milanko\AppData\Local\Temp\pyl544D.tmp.exe
C:\Users\milanko\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 13:34




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:195.31 GB) (Free:50.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:400.83 GB) (Free:90.66 GB) NTFS

Available physical RAM: 1942.05 MB
Total physical RAM: 3327.37 MB
Percentage of memory in use: 41%

==================== MBR and Partition Table ==================

YAMAHA XG SoftSynthesizer S-YXG50
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 24EBE382)
Partition 2: (Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=401 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job => C:\Windows\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\milanko\Desktop" je 31 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper
C:\Program Files\Samsung\Kies\KiesHelper.exe /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol
"C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
  HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
  HKCU\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
  HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
  HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
  HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
  HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
  HKCU\...\Run: [Google Update] - C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-02-03] (Google Inc.)
  HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
  HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
  HKCU\...\Policies\system: [LogonHoursAction] 2
  HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  MountPoints2: {217e7a0f-69b0-11e0-b86b-00219112d39f} - H:\
  HKU\Administrator\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
  HKU\Administrator\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
  HKU\Administrator\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
  HKU\Administrator\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
  HKU\marek\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2010-11-20] (Microsoft Corporation)
  HKU\marek\...\Run: [Google Update] - C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-09-10] (Google Inc.)
  HKU\marek\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
  HKU\marek\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
  HKU\marek\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
  HKU\marek\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
  HKU\marek\...\Policies\system: [LogonHoursAction] 2
  HKU\marek\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  HKU\matus\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
  HKU\matus\...\Run: [Google Update] - C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-02-03] (Google Inc.)
  HKU\matus\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
  HKU\matus\...\Run: [Facebook Update] - C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-08-14] (Facebook Inc.)
  HKU\matus\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [ 2013-04-19] (Valve Corporation)
  HKU\matus\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
  HKU\matus\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
  HKU\matus\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
  HKU\matus\...\Policies\system: [LogonHoursAction] 2
  HKU\matus\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  HKU\milan\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
  HKU\milan\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
  HKU\milan\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
  HKU\milan\...\Policies\system: [LogonHoursAction] 2
  HKU\milan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
  Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Console.lnk
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF94BDCCED97DCC01
  URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
  SearchScopes: HKCU - {C0618EAE-70DD-49E8-AB43-E16477B00AB5} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forumswatcher.com/search.htm
  ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
  
  CHR Plugin: (Shockwave Flash) - C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
  CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
  CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
  CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
  CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
  CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll No File
  CHR Plugin: (ESN Sonar API) - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
  CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
  CHR HKLM\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\milanko\AppData\Local\Temp\ccex.crx
  
  C:\Users\milan\AppData\Roaming\desktop.ini
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job => C:\Windows\system32\msfeedssync.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
  
  Hosts:
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2013 01
Ran by milanko at 2013-11-11 15:32:07 Run:1
Running from C:\Users\milanko\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [Google Update] - C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-02-03] (Google Inc.)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {217e7a0f-69b0-11e0-b86b-00219112d39f} - H:\
HKU\Administrator\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\Administrator\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\Administrator\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\marek\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\marek\...\Run: [Google Update] - C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-09-10] (Google Inc.)
HKU\marek\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\marek\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\marek\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\marek\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\marek\...\Policies\system: [LogonHoursAction] 2
HKU\marek\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\matus\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\matus\...\Run: [Google Update] - C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-02-03] (Google Inc.)
HKU\matus\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2009-07-14] (Microsoft Corporation)
HKU\matus\...\Run: [Facebook Update] - C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-08-14] (Facebook Inc.)
HKU\matus\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [ 2013-04-19] (Valve Corporation)
HKU\matus\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-10-02] (Skype Technologies S.A.)
HKU\matus\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\matus\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\matus\...\Policies\system: [LogonHoursAction] 2
HKU\matus\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\milan\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-06-27] (Nero AG)
HKU\milan\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [ 2011-01-20] (DT Soft Ltd)
HKU\milan\...\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] - C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [ 2013-10-09] (Google Inc.)
HKU\milan\...\Policies\system: [LogonHoursAction] 2
HKU\milan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Console.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF94BDCCED97DCC01
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {C0618EAE-70DD-49E8-AB43-E16477B00AB5} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forumswatcher.com/search.htm
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]

CHR Plugin: (Shockwave Flash) - C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR HKLM\...\Chrome\Extension: [lpgjmggepafkhenaeknpnjiceakbedpi] - C:\Users\milanko\AppData\Local\Temp\ccex.crx

C:\Users\milan\AppData\Roaming\desktop.ini
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => C:\Users\milanko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => C:\Users\matus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job => C:\Users\alenka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job => C:\Users\marek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job => C:\Windows\system32\msfeedssync.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\92126C736C349E4B5613767816429D82AAD71460._service_run => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully.
HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully. If the key returned, move the associated file, reboot and list the key for deletion.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{217e7a0f-69b0-11e0-b86b-00219112d39f} => Key deleted successfully.
HKCR\CLSID\{217e7a0f-69b0-11e0-b86b-00219112d39f} => Key not found.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\92126C736C349E4B5613767816429D82AAD71460._service_run => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray.exe => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\92126C736C349E4B5613767816429D82AAD71460._service_run => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value deleted successfully.
HKU\marek\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\92126C736C349E4B5613767816429D82AAD71460._service_run => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value deleted successfully.
HKU\matus\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value deleted successfully.
HKU\milan\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKU\milan\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\milan\Software\Microsoft\Windows\CurrentVersion\Run\\92126C736C349E4B5613767816429D82AAD71460._service_run => Value deleted successfully.
HKU\milan\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => Value deleted successfully.
HKU\milan\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => Value deleted successfully.
C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled => Moved successfully.
C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Console.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0618EAE-70DD-49E8-AB43-E16477B00AB5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{C0618EAE-70DD-49E8-AB43-E16477B00AB5} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key not found.
C:\Users\milanko\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll not found.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll not found.
c:\program files\real\realplayer\Netscape6\nppl3260.dll not found.
c:\program files\real\realplayer\Netscape6\nprpjplug.dll not found.
C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll not found.
C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll not found.
C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi => Key deleted successfully.
"C:\Users\milanko\AppData\Local\Temp\ccex.crx" => File/Directory not found.
C:\Users\milan\AppData\Roaming\desktop.ini => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc6faab31c8925.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017Core1cc2860b0b2ea5f.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1017UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019Core1cc729f7cd28b3c.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1019UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020Core1cc7e03c994c14.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1020UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4232150597-3782277959-890183869-1024UA.job => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{D554975F-18FE-454F-81A5-6B27DD50DE40}.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Jak se chova PC, nastala nejaka zmena??

Díky moc, PC je svižnejší, rýchlejšie reaguje a hlavne o moc rýchlejšie nabehne.
Ale stále ma hnevá dialógové okno pri prihlásení

[Window Title]
C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\spoon-sandbox.exe

[Content]
Systém Windows nemůže najít položku C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\spoon-sandbox.exe. Ujistěte se, zda je název zadán správně, a akci opakujte.

[OK]

Poprosim o novy log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

Logfile of random's system information tool 1.09 (written by random/random)
Run by milanko at 2013-11-12 16:15:26
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 53 GB (27%) free of 200 GB
Total RAM: 3327 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:28, on 12. 11. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\milanko\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\milanko\Downloads\RSIT.exe
C:\Program Files\trend micro\milanko.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] "C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Startup: Spoon.net Sandbox Manager 3.33.lnk = milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe
O4 - Global Startup: AutorunsDisabled
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PROMETEUS
O17 - HKLM\Software\..\Telephony: DomainName = PROMETEUS
O17 - HKLM\System\CCS\Services\Tcpip\..\{B87E8602-EB0C-4CE1-AC0E-23245D905925}: Domain = arkus.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{B87E8602-EB0C-4CE1-AC0E-23245D905925}: NameServer = 10.184.44.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PROMETEUS
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = PROMETEUS
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DkWLNP - DkWLNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe
O23 - Service: SafeNet Log Service (DkLogger) - SafeNet, Inc. - C:\Windows\system32\dklog.exe
O23 - Service: SafeNet Token Service (DkTknSrv) - SafeNet, Inc. - C:\Windows\system32\dkcktkn.exe
O23 - Service: SafeNet Virtual Channel Monitor (DkVcm) - SafeNet, Inc. - C:\Windows\system32\dkvcm.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSI Devices Service (MSIDevicesService) - Unknown owner - C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe
O23 - Service: MSI FileSync Monitor (MSIFileSyncMonitor) - Unknown owner - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
O23 - Service: MSI_ComCenService - MSI - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
O23 - Service: MSI_SuiteCharger - MSI - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SrvAny - Unknown owner - C:\Utils\Reskit\InstSrv\INSTSRV.EXE
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe

--
End of file - 9858 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\milanko\AppData\Roaming\Mozilla\Firefox\Profiles\jyetitds.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"fiddlerhook@fiddler2.com"=C:\Program Files\Fiddler2\FiddlerHook


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
adtoolbar@firefox.sk
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
acpro.xml
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
vyhladavanie.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-06 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-09-26 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\Windows\system32\Ati2mdxx.exe [2006-05-03 26112]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2004-11-02 155648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"92126C736C349E4B5613767816429D82AAD71460._service_run"=C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe [2013-10-09 844752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2004-11-02 126976]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled

C:\Users\milanko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Spoon.net Sandbox Manager 3.33.lnk - C:\Users\milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\Windows\system32\Ati2evxx.dll [2010-02-11 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DkWLNP]
C:\Windows\system32\DkWLNP.dll [2007-09-13 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
"SoftwareSASGeneration"=3

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"VIDC.VMnc"=vmnc.dll
"vidc.yv12"=yv12vfw.dll
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"MSVideo8"=VfWWDM32.dll
"midi1"=wdmaud.drv
"midi3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"midi5"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"midi6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-10 19:34:15 ----D---- C:\FRST
2013-11-10 08:50:11 ----D---- C:\AdwCleaner
2013-11-10 08:46:34 ----D---- C:\Windows\ERUNT
2013-11-09 12:11:25 ----D---- C:\rsit
2013-11-09 12:11:25 ----D---- C:\Program Files\trend micro
2013-10-16 19:02:33 ----A---- C:\Windows\system32\ZSHP1020.EXE
2013-10-16 19:02:33 ----A---- C:\Windows\system32\ZLhp1020.DLL

======List of files/folders modified in the last 1 month======

2013-11-12 16:15:28 ----D---- C:\Windows\Temp
2013-11-12 16:05:20 ----D---- C:\Windows\system32\config
2013-11-12 15:54:25 ----D---- C:\Windows\system32\FxsTmp
2013-11-12 15:37:11 ----D---- C:\Windows\system32\inetsrv
2013-11-12 07:11:32 ----SHD---- C:\System Volume Information
2013-11-11 15:32:24 ----D---- C:\Windows\system32\drivers\etc
2013-11-11 15:32:23 ----D---- C:\Windows\Tasks
2013-11-10 19:34:23 ----D---- C:\Windows
2013-11-10 19:29:09 ----D---- C:\Windows\system32\catroot2
2013-11-10 08:54:56 ----RD---- C:\Program Files
2013-11-10 08:47:13 ----D---- C:\Windows\System32
2013-11-10 08:47:03 ----HD---- C:\ProgramData
2013-11-10 08:46:41 ----D---- C:\Windows\system32\Tasks
2013-11-09 11:30:48 ----SHD---- C:\Windows\Installer
2013-11-09 11:30:48 ----SHD---- C:\Config.Msi
2013-11-09 11:30:46 ----D---- C:\Users\milanko\AppData\Roaming\Mozilla
2013-11-08 08:38:41 ----D---- C:\Windows\inf
2013-11-08 08:38:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-03 20:35:12 ----D---- C:\Users\milanko\AppData\Roaming\Skype
2013-10-28 15:48:54 ----D---- C:\Program Files\Steam
2013-10-17 19:20:46 ----D---- C:\ProgramData\Skype
2013-10-17 19:20:42 ----RD---- C:\Program Files\Skype
2013-10-17 06:33:15 ----D---- C:\Windows\winsxs
2013-10-17 06:31:53 ----D---- C:\Windows\system32\catroot
2013-10-16 19:02:55 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-08-09 110624]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-10 218688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-26 371248]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 nm3;Microsoft Network Monitor 3 Driver; C:\Windows\system32\DRIVERS\nm3.sys [2010-06-09 39736]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-03-25 32368]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib.sys [2009-12-30 7680]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 25088]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2011-02-23 25856]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys [2011-02-23 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys [2011-02-23 28032]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 cmuda;C-Media WDM Audio Interface; C:\Windows\system32\drivers\cmuda.sys [2005-05-12 1332544]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\System32\drivers\ctac32k.sys [2002-07-19 127948]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2002-07-19 837548]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-13 159232]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 – ovladač adaptéru; C:\Windows\system32\DRIVERS\E1G60I32.sys [2009-07-13 118784]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\System32\drivers\emupia2k.sys [2002-07-19 156604]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-07-13 1394688]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2011-08-29 24576]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 netr73;USB Wireless 802.11 b/g - ovladač adaptéru pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib.sys [2012-03-30 7680]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2002-07-19 195432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-06-26 47360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-02-16 514152]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-12-08 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-12-08 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-12-08 132424]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S4 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
S4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-06-25 119080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DkLogger;SafeNet Log Service; C:\Windows\system32\dklog.exe [2007-09-13 106496]
R2 DkTknSrv;SafeNet Token Service; C:\Windows\system32\dkcktkn.exe [2007-09-13 737280]
R2 DkVcm;SafeNet Virtual Channel Monitor; C:\Windows\system32\dkvcm.exe [2007-09-13 122880]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 54544]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2010-10-08 726288]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 541968]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2011-03-17 202592]
R2 msftesql;SQL Server FullText Search (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [2007-06-22 95592]
R2 MSI_ComCenService;MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [2012-04-17 75280]
R2 MSI_SuiteCharger;MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [2012-07-31 125368]
R2 MSIDevicesService;MSI Devices Service; C:\MSI\MSI SUITE\MSIMonitor\MSIDevicesService.exe [2012-06-06 10752]
R2 MSIFileSyncMonitor;MSI FileSync Monitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [2012-04-23 10752]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2011-03-17 29261152]
R2 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [2011-03-17 14950240]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2011-03-17 13664]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
S2 ATI Smart;ATI Smart; C:\Windows\System32\ati2sgag.exe [2006-05-03 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2008-11-24 346976]
S3 SrvAny;SrvAny; C:\Utils\Reskit\InstSrv\INSTSRV.EXE [1996-08-30 37888]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-04-19 543656]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-02-22 2808664]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2008-07-29 3201024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]

-----------------EOF-----------------

Spustte HJT a provedeme fixnuti polozek

• HJT najdete zde C:\Program Files\trend micro\milanko.exe
• Otevre se Vam okno, kliknete na Do a system scan only
• V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
• O4 - HKCU\..\Run: [92126C736C349E4B5613767816429D82AAD71460._service_run] "C:\Users\milanko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  O4 - Startup: AutorunsDisabled
  O4 - Startup: Spoon.net Sandbox Manager 3.33.lnk = milanko\AppData\Local\Spoon\3.33.4.30\Spoon-Sandbox-Native.exe
  O4 - Global Startup: AutorunsDisabled
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
• Kliknete na Fix checked (vlevo dole)
• HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo

Díky moc, už to ide supeeer. Som vám veľmi vďačný.