Pomaly PC .Prosím o kontrolu logu.Dekuj

Zpráva

ksusa · #1 Příspěvek od **ksusa** » 16 led 2014 23:48

RogueKiller V8.8.1 [Jan 14 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Oksanka [Práva správce]
Mód : Kontrola -- Datum : 01/16/2014 23:32:27
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] GS.Enabler.exe -- c:\programdata\softwarehouse\gs.enabler\GS.Enabler.exe [x] -> SMAZÁNO [TermProc]
[SUSP PATH][DLL] rundll32.exe -- C:\Users\Oksanka\AppData\Roaming\newnext.me\nengine.dll [-] -> rundll32.exe SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MailRuUpdater (C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe [x]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : NextLive (C:\Windows\SysWOW64\rundll32.exe "C:\Users\Oksanka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [7][-][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1198225589-1884671980-4053545476-1000\[...]\Run : MailRuUpdater (C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe [x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1198225589-1884671980-4053545476-1000\[...]\Run : NextLive (C:\Windows\SysWOW64\rundll32.exe "C:\Users\Oksanka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [7][-][x]) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[V2][SUSP PATH] {10937830-945C-4CAE-876F-4525BE1A3249} : C:\Users\Oksanka\Desktop\ZiPhoneWin-3.0.exe [x] -> NALEZENO
[V2][SUSP PATH] {9C4EE1C5-0EE9-4A4D-9879-976361EEBFF1} : C:\Users\Oksanka\Desktop\ZiPhoneWin-3.0.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 1 ¤¤¤
[Oksanka][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\Oksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] e8147b704a65f416914ddb7abe90c688
[BSP] 59ddb42bd1b4d7784a368f0ac59a57ce : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 461479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Garmin FR620 Flash USB Device +++++
--- User ---
[MBR] c79ac5b44bab2e04a733ab676eb6afa3
[BSP] 4c3ac3199a015fcda5ee981ea246f6a3 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_01162014_233227.txt >>

#2 Příspěvek od **vyosek** » 17 led 2014 00:35

Zdravim

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

ksusa · #3 Příspěvek od **ksusa** » 17 led 2014 22:02

Dobrý večer,děkuji :-)Ráno PC jsem projela AVASTem ,v truhle mám 12 malwearů :-)Tady je log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Oksanka at 2014-01-17 21:53:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 126 GB (27%) free of 461 GB
Total RAM: 3947 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:01, on 17.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Oksanka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?homepage=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid= ... Z&unqvl=22
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files (x86)\jZip\WebmailPlugin.dll
O2 - BHO: greatSAver - {6FA3F04F-6E13-FD35-622E-25E5A0EDB09D} - C:\Program Files (x86)\greatSAver\2.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [ExpressFit] C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Oksanka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 1955
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = 1955
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = 1955
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\safesa~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll c:\progra~2\gssupp~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe (file missing)
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Oksanka\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18906 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2368
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe"
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Oksanka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
taskeng.exe {46F3DC12-E1B3-487B-B3B5-0883868DDB5E}
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {9860B03F-85C9-4E39-A5E7-4491BC62FFE5}
taskeng.exe {6ADCB4BE-0910-4CBB-9458-90E6F2296ADB}
C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4780.0.1204859169\1435397884" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2272 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="4780.1.1267672340\182866599" /prefetch:673131151
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="4780.2.56237199\998531239" /prefetch:673131151
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/np-rf-plugin.dll" --lang=cs --channel="4780.4.26723297\2074456703" /prefetch:-390060480
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="4780.6.1037798412\1993281542" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Oksanka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --enable-software-compositing --channel="4780.8.1998617429\1275353700" /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Oksanka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FA3F04F-6E13-FD35-622E-25E5A0EDB09D}]
greatSAver - C:\Program Files (x86)\greatSAver\2.x64.dll [2013-01-12 408576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-01-16 26343936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-16 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-01-09 92232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
jZip Webmail plugin - C:\Program Files (x86)\jZip\WebmailPlugin.dll [2008-07-02 591296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FA3F04F-6E13-FD35-622E-25E5A0EDB09D}]
greatSAver - C:\Program Files (x86)\greatSAver\2.dll [2013-01-12 366080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-01-16 20622024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-01 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2011-12-28 230400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-01 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-01-16 26343936]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-16 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-01-09 609864]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-01-16 20622024]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 136176]
"SpeedUpMyComputer"=C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as []
"MailRuUpdater"=C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe []
"ExpressFit"=C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe [2013-12-11 16576512]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-01-16 100200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-09 177448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-08-02 798880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-08-02 961184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-01-05 296984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]
C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-12-30 391704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-12-30 167960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater]
C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [2012-09-10 436728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orbitum]
C:\Users\Oksanka\AppData\Local\Orbitum\Application\chrome.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-12-30 418328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-06-03 2226280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-21 20549280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-03-22 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona]
C:\Program Files (x86)\Zona\Zona.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\307523~1.318\SSSCHE~1.EXE [2013-02-05 272248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2012-01-08 45056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS Ai Charger"=C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [2012-08-13 547984]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-09 177448]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\Users\Oksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\GSSUPP~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-12-23 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-17 21:53:48 ----DC---- C:\Program Files\trend micro
2014-01-17 21:53:47 ----DC---- C:\rsit
2014-01-16 23:16:55 ----D---- C:\Users\Oksanka\AppData\Roaming\AVAST Software
2014-01-16 23:16:00 ----D---- C:\ProgramData\RoboForm
2014-01-16 23:15:31 ----DC---- C:\Program Files (x86)\Siber Systems
2014-01-16 23:15:07 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-16 23:15:07 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-16 23:15:05 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-16 23:15:05 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-16 23:15:04 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-16 23:15:03 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-16 23:15:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-16 23:14:51 ----A---- C:\Windows\avastSS.scr
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 06:33:30 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 06:33:29 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 06:33:29 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-12 00:41:20 ----D---- C:\ProgramData\SoftWarehouse
2014-01-12 00:41:15 ----DC---- C:\Program Files (x86)\GS Supporter
2014-01-12 00:41:10 ----D---- C:\ProgramData\greatSAver
2014-01-12 00:41:10 ----D---- C:\ProgramData\6ce95ca74ad2ad43
2014-01-12 00:41:09 ----DC---- C:\Program Files (x86)\greatSAver
2014-01-11 15:33:24 ----D---- C:\ProgramData\Garmin
2014-01-11 15:29:21 ----D---- C:\Users\Oksanka\AppData\Roaming\OpenOffice
2014-01-11 15:27:37 ----DC---- C:\Program Files (x86)\OpenOffice 4
2014-01-07 18:59:09 ----DC---- C:\mdv
2014-01-02 16:37:10 ----D---- C:\Users\Oksanka\AppData\Roaming\newnext.me
2013-12-24 23:51:35 ----DC---- C:\Program Files (x86)\Garmin GPS Plugin
2013-12-24 23:51:31 ----DC---- C:\Program Files\Garmin GPS Plugin
2013-12-24 22:59:46 ----DC---- C:\Garmin
2013-12-24 22:59:06 ----DC---- C:\Program Files (x86)\Garmin
2013-12-24 22:58:47 ----D---- C:\Users\Oksanka\AppData\Roaming\Garmin
2013-12-23 20:32:50 ----A---- C:\Windows\SYSWOW64\GPhotos.scr
2013-12-20 13:31:08 ----DC---- C:\Program Files (x86)\SDA

======List of files/folders modified in the last 1 month======

2014-01-17 21:53:51 ----D---- C:\Windows\Temp
2014-01-17 21:53:48 ----RDC---- C:\Program Files
2014-01-17 21:48:42 ----D---- C:\Windows\System32
2014-01-17 21:48:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-17 13:52:46 ----D---- C:\Windows\system32\config
2014-01-17 13:21:27 ----SHD---- C:\Windows\Installer
2014-01-17 13:21:26 ----HDC---- C:\Config.Msi
2014-01-17 13:20:40 ----D---- C:\Windows\SysWOW64
2014-01-17 13:17:47 ----D---- C:\ProgramData\clear.fi
2014-01-17 12:26:56 ----A---- C:\Windows\SYSWOW64\log.txt
2014-01-17 09:35:52 ----D---- C:\Windows\system32\Tasks
2014-01-17 07:23:18 ----D---- C:\Windows\system32\drivers
2014-01-17 07:20:20 ----D---- C:\ProgramData\MFAData
2014-01-16 23:21:24 ----D---- C:\Windows\Tasks
2014-01-16 23:19:41 ----D---- C:\Program Files (x86)\Google
2014-01-16 23:19:16 ----SHD---- C:\System Volume Information
2014-01-16 23:17:56 ----DC---- C:\Program Files (x86)
2014-01-16 23:17:54 ----D---- C:\Program Files (x86)\Common Files
2014-01-16 23:17:33 ----HD---- C:\ProgramData
2014-01-16 23:16:42 ----DC---- C:\Program Files (x86)\Mozilla Thunderbird
2014-01-16 23:15:00 ----D---- C:\Windows\winsxs
2014-01-16 23:14:53 ----D---- C:\Windows
2014-01-16 23:14:51 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-16 23:13:27 ----DC---- C:\Program Files (x86)\Mail.Ru
2014-01-16 23:12:09 ----D---- C:\ProgramData\AVAST Software
2014-01-16 13:09:10 ----D---- C:\Windows\system32\DriverStore
2014-01-15 23:04:30 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 23:03:33 ----D---- C:\Windows\system32\MRT
2014-01-15 22:59:41 ----A---- C:\Windows\system32\MRT.exe
2014-01-15 22:58:23 ----D---- C:\Users\Oksanka\AppData\Roaming\uTorrent
2014-01-15 06:33:26 ----D---- C:\Windows\system32\catroot
2014-01-12 02:31:56 ----D---- C:\Users\Oksanka\AppData\Roaming\Skype
2014-01-12 00:42:32 ----D---- C:\ProgramData\InstallMate
2014-01-12 00:41:08 ----RD---- C:\Users
2014-01-11 16:55:31 ----D---- C:\ProgramData\Skype
2014-01-11 15:28:39 ----RSD---- C:\Windows\assembly
2014-01-11 15:28:05 ----RSD---- C:\Windows\Fonts
2014-01-11 15:26:37 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-01-09 14:45:01 ----D---- C:\Windows\Prefetch
2014-01-08 09:02:36 ----D---- C:\Windows\system32\catroot2
2014-01-06 18:01:47 ----DC---- C:\TEMP
2014-01-05 15:59:33 ----D---- C:\Users\Oksanka\AppData\Roaming\PowerCinema
2014-01-02 01:24:15 ----DC---- C:\FFOutput

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-16 207904]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-10-24 194872]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-01 564824]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-16 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-16 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-16 422216]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-05 150808]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-04 240920]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-16 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-16 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-16 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-16 78648]
R3 AiCharger;AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [2012-03-22 14848]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-16 79672]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-09 2377216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-12-23 12260000]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 PCIDATA;PCIDATA; \??\D:\PCIDATA.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2010-10-29 326760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-04-12 117040]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-16 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 e9f32388;GS Supporter; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-05 256536]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe []
S2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Oksanka\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-15 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-16 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 17 led 2014 23:17

A jeste spousty dalsich tam je

V prve rade ale udelame poradek se zabezpecenim, v PC muze byt jen jeden antivir

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate

Stahnete SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe

Ulozte nejlepe na Plochu
Spustte tradicne dvouklikem a postupujte dle pokynu utility
Po dokonceni skenu se vytvori a otevre log, ten mi sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

ksusa · #5 Příspěvek od **ksusa** » 18 led 2014 11:31

Zdravím :-)Děkuji,tady jeden log
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 10.1.9 Adobe Reader out of Date!
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

ksusa · #6 Příspěvek od **ksusa** » 18 led 2014 11:38

a druhý
# AdwCleaner v3.017 - Report created 18/01/2014 at 11:33:33
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Oksanka - ACER-PC
# Running from : C:\Users\Oksanka\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DefaultTabSearch
[#] Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\greatSAver
Folder Deleted : C:\ProgramData\sayfEE osyAve
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sayfEE osyAve
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\Mail.Ru
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SafeSaver
Folder Deleted : C:\Program Files (x86)\Smartdl
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\greatSAver
Folder Deleted : C:\Users\Oksanka\AppData\Local\apn
Folder Deleted : C:\Users\Oksanka\AppData\Local\Conduit
Folder Deleted : C:\Users\Oksanka\AppData\Local\genienext
Folder Deleted : C:\Users\Oksanka\AppData\Local\jZip
Folder Deleted : C:\Users\Oksanka\AppData\Local\Mail.Ru
Folder Deleted : C:\Users\Oksanka\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Oksanka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Oksanka\AppData\Local\torch
Folder Deleted : C:\Users\Oksanka\AppData\Local\Temp\jZip
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\jZip
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\sayfEE osyAve
Folder Deleted : C:\Users\Oksanka\AppData\LocalLow\SearchNewTab
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Oksanka\Documents\Mobogenie
Folder Deleted : C:\Users\Oprava\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Oprava\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Oprava\AppData\LocalLow\SearchNewTab
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\Extensions\dzgrmdl@oieieoe.com
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\Extensions\staged
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\Extensions\vanoiaop@hcyiou.edu
Folder Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
Folder Deleted : C:\Users\Oprava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Oprava\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaoocmpiheebdobkkpcnkhbganmihlbg
[!] Folder Deleted : C:\Users\Oprava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Oksanka\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\.autoreg
File Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\user.js
File Deleted : C:\Windows\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dzgrmdl@oieieoe.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [vanoiaop@hcyiou.edu]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f5d3e0aa
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_convert-pdf-to-word-software_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_convert-pdf-to-word-software_RASMANCS
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MailRuUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F500A5E2-DA4C-7D11-834F-6FF3E906BA18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F500A5E2-DA4C-7D11-834F-6FF3E906BA18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F500A5E2-DA4C-7D11-834F-6FF3E906BA18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Video downloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : [x64] HKLM\SOFTWARE\Video downloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\safesa~1\sprote~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\websea~1\sprote~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Restore]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ File : C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");

-\\ Google Chrome v

[ File : C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

[ File : C:\Users\Oprava\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [20616 octets] - [18/01/2014 11:32:35]
AdwCleaner[S0].txt - [17909 octets] - [18/01/2014 11:33:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17970 octets] ##########

#7 Příspěvek od **vyosek** » 18 led 2014 17:53

Dejte log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

ksusa · #8 Příspěvek od **ksusa** » 18 led 2014 22:37

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Oksanka (administrator) on ACER-PC on 18-01-2014 22:33:22
Running from C:\Users\Oksanka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Synaptics, Inc.) C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(GARMIN Corp.) C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-09] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-16] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-13] (Google Inc.)
HKCU\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
HKCU\...\Run: [ExpressFit] - C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe [16576512 2013-12-11] (GARMIN Corp.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [100200 2014-01-16] (Siber Systems)
MountPoints2: {7d732749-f6bf-11e0-b4c9-806e6f6e6963} - D:\dosutils\autorun\autorun.exe
MountPoints2: {b6b8edc0-5964-11e1-bb53-806e6f6e6963} - E:\start.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Program Files (x86)\GS Supporter\Assistant_x64.dll [2759168 2014-01-12] ()
AppInit_DLLs-x32: c:\progra~2\gssupp~1\assist~1.dll [3041792 2014-01-12] ()
Startup: C:\Users\Oksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?homepage=1
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BE4231A-B8A1-4037-80E4-9D3511123E97} URL = http://search.conduit.com/ResultsExt.as ... =CT3220468
SearchScopes: HKCU - {5220EE9B-ED34-47D7-850A-1A0308C42034} URL = http://websearch.ask.com/redirect?clien ... BD1B865981
SearchScopes: HKCU - {696D8D61-8936-406A-8517-63E512E842DE} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: jZip Webmail plugin - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files (x86)\jZip\WebmailPlugin.dll No File
BHO-x32: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default
FF DefaultSearchEngine: ?????@Mail.Ru
FF SelectedSearchEngine: ?????@Mail.Ru
FF Homepage: hxxp://go.mail.ru/?homepage=1
FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @microsoft.com/Office on Demand;version=1 - C:\Users\Oksanka\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll (Microsoft Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Oksanka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Oksanka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Oksanka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Oksanka\AppData\Roaming\Mozilla\Firefox\Profiles\dsh37k4r.default\searchplugins\yandex.ru-204047.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-03-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-18]
CHR Extension: (Disk Google) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-18]
CHR Extension: (YouTube) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-18]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-18]
CHR Extension: (avast! Online Security) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-18]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-18]
CHR Extension: (Gmail) - C:\Users\Oksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-16] (AVAST Software)
R2 e9f32388; C:\Program Files (x86)\GS Supporter\AssistantSvc.dll [146768 2014-01-12] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ScrybeUpdater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-16] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-16] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-06-01] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
U3 axuo1ztj; C:\Windows\System32\Drivers\axuo1ztj.sys [0 ] (Intel Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 PCIDATA; \??\D:\PCIDATA.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-18 22:33 - 2014-01-18 22:34 - 00020566 _____ C:\Users\Oksanka\Desktop\FRST.txt
2014-01-18 22:32 - 2014-01-18 22:32 - 00000000 ___DC C:\FRST
2014-01-18 22:31 - 2014-01-18 22:31 - 02076160 _____ (Farbar) C:\Users\Oksanka\Desktop\FRST64.exe
2014-01-18 22:30 - 2014-01-18 22:30 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe
2014-01-18 22:29 - 2014-01-18 22:29 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\Nepotvrzeno 47448.crdownload
2014-01-18 22:23 - 2014-01-18 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Downloads\Nepotvrzeno 119936.crdownload
2014-01-18 22:21 - 2014-01-18 22:21 - 00001138 _____ C:\Users\Oksanka\Downloads\Nepotvrzeno 80003.crdownload
2014-01-18 22:20 - 2014-01-18 22:20 - 02076160 _____ (Farbar) C:\Users\Oksanka\Downloads\FRST64.exe
2014-01-18 15:48 - 2014-01-18 15:48 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 11:33 - 2014-01-18 11:33 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\newnext.me
2014-01-18 11:31 - 2014-01-18 11:33 - 00000000 ___DC C:\AdwCleaner
2014-01-18 11:31 - 2014-01-18 11:31 - 01236282 _____ C:\Users\Oksanka\Downloads\adwcleaner.exe
2014-01-18 11:15 - 2014-01-18 11:15 - 00987425 _____ C:\Users\Oksanka\Downloads\SecurityCheck.exe
2014-01-18 11:05 - 2014-01-18 11:05 - 00007832 ____C C:\FixitRegBackup.reg
2014-01-18 10:57 - 2014-01-18 10:58 - 00000000 ___DC C:\WINSSLog
2014-01-18 10:56 - 2014-01-18 11:09 - 00000000 ____D C:\Users\Oksanka\Documents\vir
2014-01-17 21:53 - 2014-01-17 21:54 - 00000000 ___DC C:\rsit
2014-01-17 21:53 - 2014-01-17 21:54 - 00000000 ___DC C:\Program Files\trend micro
2014-01-17 21:53 - 2014-01-17 21:53 - 00935175 _____ C:\Users\Oksanka\Downloads\RSITx64.exe
2014-01-16 23:52 - 2014-01-16 23:52 - 00003669 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235213.txt
2014-01-16 23:50 - 2014-01-16 23:50 - 00003635 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235049.txt
2014-01-16 23:32 - 2014-01-16 23:32 - 00003602 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_233227.txt
2014-01-16 23:30 - 2014-01-16 23:53 - 00000000 ____D C:\Users\Oksanka\Desktop\RK_Quarantine
2014-01-16 23:28 - 2014-01-16 23:29 - 03809280 _____ C:\Users\Oksanka\Downloads\RogueKiller.exe
2014-01-16 23:16 - 2014-01-18 15:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-16 23:16 - 2014-01-16 23:16 - 00003494 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-01-16 23:16 - 2014-01-16 23:16 - 00001967 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-16 23:16 - 2014-01-16 23:16 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\AVAST Software
2014-01-16 23:16 - 2014-01-16 23:16 - 00000000 ____D C:\ProgramData\RoboForm
2014-01-16 23:15 - 2014-01-16 23:16 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-16 23:15 - 2014-01-16 23:15 - 00000000 ___DC C:\Program Files (x86)\Siber Systems
2014-01-16 23:15 - 2014-01-16 23:15 - 00000000 ____D C:\Users\Oksanka\Documents\My Avast EasyPass Data
2014-01-16 23:15 - 2014-01-16 23:14 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-16 23:15 - 2014-01-16 23:14 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-16 23:15 - 2014-01-16 23:14 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-16 23:15 - 2014-01-16 23:14 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-16 23:15 - 2014-01-16 23:14 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-16 23:15 - 2014-01-16 23:14 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-16 23:14 - 2014-01-16 23:14 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-16 23:11 - 2014-01-16 23:11 - 04689480 _____ (AVAST Software) C:\Users\Oksanka\Downloads\avast_free_antivirus_setup_online.exe
2014-01-16 20:53 - 2014-01-16 20:53 - 00637581 _____ C:\Users\Oksanka\Downloads\activity_427929855.tcx
2014-01-16 20:53 - 2014-01-16 20:53 - 00279773 _____ C:\Users\Oksanka\Downloads\activity_430956747 (1).tcx
2014-01-16 20:52 - 2014-01-16 20:52 - 00486044 _____ C:\Users\Oksanka\Downloads\activity_430956765.tcx
2014-01-16 20:52 - 2014-01-16 20:52 - 00279773 _____ C:\Users\Oksanka\Downloads\activity_430956747.tcx
2014-01-16 20:51 - 2014-01-16 20:51 - 00275829 _____ C:\Users\Oksanka\Downloads\activity_430956806.tcx
2014-01-15 17:40 - 2014-01-15 17:40 - 00010592 _____ C:\Users\Oksanka\Downloads\rufus.log
2014-01-15 06:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 06:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 06:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 06:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 14:33 - 2014-01-14 14:33 - 00018489 _____ C:\Users\Oksanka\Downloads\[rutracker.org].t4607703.torrent
2014-01-13 15:08 - 2014-01-13 15:38 - 00002267 _____ C:\Users\Oksanka\Documents\ZAKOVE.odb
2014-01-12 18:28 - 2014-01-12 18:50 - 1489594368 _____ C:\Users\Oksanka\Downloads\pclinuxos-kde-cs-sk-latest.iso
2014-01-12 18:14 - 2014-01-12 18:26 - 744540160 _____ C:\Users\Oksanka\Downloads\pclinuxos-kde-mini-cs-sk-latest.iso
2014-01-12 00:44 - 2014-01-12 00:45 - 00000000 ____D C:\Users\Oksanka\Downloads\Marathon-(Malaton---Yun-cheol-Jeong)-2005
2014-01-12 00:41 - 2014-01-18 11:32 - 00000000 ____D C:\ProgramData\6ce95ca74ad2ad43
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ___DC C:\Program Files (x86)\GS Supporter
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Oksanka\AppData\Local\Packages
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator
2014-01-12 00:36 - 2014-01-12 00:36 - 00028586 _____ C:\Users\Oksanka\Documents\2005 Malaton [Jeong Yun-cheol] cd1.srt
2014-01-12 00:36 - 2014-01-12 00:36 - 00000432 _____ C:\Users\Oksanka\Documents\2005 Malaton [Jeong Yun-cheol] cd1.srt.style
2014-01-12 00:35 - 2014-01-12 00:35 - 00000000 ____D C:\Users\Oksanka\Downloads\Marathon(0000016864)
2014-01-12 00:34 - 2014-01-12 00:34 - 00028970 _____ C:\Users\Oksanka\Downloads\Marathon(0000016864).zip
2014-01-11 22:57 - 2014-01-12 00:20 - 1474289781 _____ C:\Users\Oksanka\Downloads\Marathon-(Malaton---Yun-cheol-Jeong)-2005.rar
2014-01-11 20:24 - 2014-01-11 20:24 - 00000055 _____ C:\Users\Oksanka\Desktop\micak.rba
2014-01-11 17:52 - 2014-01-11 18:12 - 1204813824 _____ C:\Users\Oksanka\Downloads\linuxmint-16-xfce-dvd-32bit.iso
2014-01-11 15:41 - 2014-01-11 15:41 - 00058734 _____ C:\Users\Oksanka\Documents\zakony socialni.odt
2014-01-11 15:33 - 2014-01-11 15:33 - 00000000 ____D C:\ProgramData\Garmin
2014-01-11 15:29 - 2014-01-11 17:29 - 00002266 _____ C:\Users\Oksanka\Documents\Nová databáze.odb
2014-01-11 15:29 - 2014-01-11 15:29 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\OpenOffice
2014-01-11 15:28 - 2014-01-11 15:28 - 00001100 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-11 15:27 - 2014-01-11 15:28 - 00000000 ___DC C:\Program Files (x86)\OpenOffice 4
2014-01-11 15:26 - 2014-01-11 15:26 - 00000000 ____D C:\Users\Oksanka\Desktop\OpenOffice 4.0.1 (cs) Installation Files
2014-01-11 15:23 - 2014-01-11 15:26 - 130785256 _____ C:\Users\Oksanka\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_cs.exe
2014-01-11 15:20 - 2014-01-11 15:20 - 00033075 _____ C:\Users\Oksanka\Downloads\Rodičovský příspěvek.htm
2014-01-11 15:20 - 2014-01-11 15:20 - 00000000 ____D C:\Users\Oksanka\Downloads\Rodičovský příspěvek_files
2014-01-10 19:35 - 2014-01-10 19:35 - 00044637 _____ C:\Users\Oksanka\Downloads\Temnaja_Bashnja_IV.torrent
2014-01-10 19:27 - 2013-12-06 00:00 - 00018677 _____ C:\Users\Oksanka\Desktop\king-stiven-temnaya-bashnya-4-5-veter-skvoz-zamochnuyu-skvazhinu-_torrentino.torrent
2014-01-09 16:22 - 2014-01-09 16:22 - 00002222 _____ C:\Users\Oksanka\Downloads\zorin-wcg_1.0.2_i386.deb
2014-01-09 16:17 - 2014-01-09 16:32 - 824180736 _____ C:\Users\Oksanka\Downloads\zorin-os-7.1-lite.iso
2014-01-08 18:52 - 2014-01-11 20:44 - 00003495 _____ C:\Users\Oksanka\Desktop\Zrandom.bat
2014-01-08 18:10 - 2014-01-08 18:10 - 01048576 _____ C:\Users\Oksanka\Downloads\ipxe (1).iso
2014-01-08 18:02 - 2014-01-08 18:02 - 01048576 _____ C:\Users\Oksanka\Downloads\ipxe.iso
2014-01-08 17:59 - 2014-01-08 18:09 - 553648128 _____ C:\Users\Oksanka\Downloads\archlinux-2014.01.05-dual.iso
2014-01-07 20:06 - 2014-01-07 20:06 - 00273917 _____ C:\Users\Oksanka\Downloads\activity_426309457.tcx
2014-01-07 20:05 - 2014-01-07 20:05 - 00302325 _____ C:\Users\Oksanka\Downloads\activity_426309473.tcx
2014-01-07 18:59 - 2014-01-07 18:59 - 00000000 ___DC C:\mdv
2014-01-07 18:54 - 2009-11-02 17:16 - 16717824 ____R C:\Users\Oksanka\all.img
2014-01-07 10:24 - 2014-01-07 10:24 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Users\Oksanka\Desktop\tom9
2014-01-06 21:11 - 2014-01-06 21:11 - 00000000 ____D C:\Users\Oksanka\Desktop\tom8
2014-01-06 21:01 - 2014-01-06 21:02 - 00000000 ____D C:\Users\Oksanka\Desktop\tom7
2014-01-06 20:16 - 2014-01-06 20:16 - 00000489 _____ C:\Users\Oksanka\Desktop\inpr.gklo.gklc – zástupce.lnk
2014-01-06 17:20 - 2014-01-06 17:50 - 1289748480 _____ C:\Users\Oksanka\Downloads\linuxmint-16-mate-dvd-32bit.iso
2014-01-06 17:14 - 2014-01-06 17:14 - 00015351 _____ C:\Users\Oksanka\Desktop\presi_edit.pptx – zástupce.lnk
2014-01-06 15:50 - 2014-01-06 15:50 - 00585216 _____ C:\Users\Oksanka\Downloads\Cenik_doporucenych_cen.xls
2014-01-06 13:25 - 2014-01-06 13:25 - 00000000 ____D C:\Users\Oksanka\AppData\Local\{3D37CA2D-4DE1-4039-B24B-F05CC50676E7}
2014-01-06 13:23 - 2014-01-06 13:23 - 00000000 ____D C:\Users\Oksanka\Desktop\VSERS2
2014-01-06 13:22 - 2014-01-06 13:25 - 00000000 ____D C:\Users\Oksanka\Desktop\VSERS
2014-01-05 15:42 - 2014-01-05 15:42 - 00001809 _____ C:\Users\Oksanka\Desktop\HRPT.lnk
2014-01-04 21:42 - 2014-01-04 21:42 - 00278640 _____ C:\Users\Oksanka\Downloads\activity_424606260.tcx
2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Users\Oksanka\Downloads\Noty---River-Flows-in-You
2014-01-04 20:25 - 2014-01-04 20:25 - 03046938 _____ C:\Users\Oksanka\Downloads\Noty---River-Flows-in-You.rar
2014-01-04 09:11 - 2014-01-04 09:23 - 808452096 _____ C:\Users\Oksanka\Downloads\crunchbang-11-20130506-i686.iso
2014-01-03 22:24 - 2014-01-03 22:24 - 00031107 _____ C:\Users\Oksanka\Downloads\crunchbang-11-20130506-i686.iso.torrent
2014-01-03 21:49 - 2014-01-03 21:49 - 00000421 _____ C:\Users\Oksanka\Desktop\inpr.gklo.gklc
2014-01-03 14:48 - 2014-01-03 15:06 - 1031405569 _____ C:\Users\Oksanka\Downloads\Wall-Street---Penize-nikdy-nespi-CZ-2010.avi
2014-01-02 16:37 - 2014-01-16 19:56 - 00009122 _____ C:\Users\Oksanka\daemonprocess.txt
2014-01-02 16:37 - 2014-01-02 16:37 - 00000000 ____D C:\Users\Oksanka\AppData\Local\cache
2014-01-02 16:37 - 2014-01-02 16:37 - 00000000 ____D C:\Users\Oksanka\.android
2014-01-02 16:35 - 2014-01-02 16:35 - 00211302 _____ C:\Users\Oksanka\Downloads\GotClip_Setup.exe
2014-01-02 14:52 - 2014-01-02 14:52 - 00282809 _____ C:\Users\Oksanka\Downloads\activity_423308454 (1).tcx
2014-01-02 14:32 - 2014-01-02 14:32 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (3).tcx
2014-01-02 14:28 - 2014-01-02 14:28 - 00282809 _____ C:\Users\Oksanka\Downloads\activity_423308454.tcx
2014-01-02 14:27 - 2014-01-02 14:27 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (2).tcx
2014-01-02 14:26 - 2014-01-02 14:26 - 00417124 _____ C:\Users\Oksanka\Downloads\activity_420526154.tcx
2014-01-02 14:25 - 2014-01-02 14:25 - 00281599 _____ C:\Users\Oksanka\Downloads\activity_420105537.tcx
2014-01-02 14:24 - 2014-01-02 14:24 - 00269755 _____ C:\Users\Oksanka\Downloads\activity_419789798.tcx
2014-01-02 13:19 - 2014-01-02 13:35 - 1055916032 _____ C:\Users\Oksanka\Downloads\kubuntu-13.10-desktop-i386.iso
2014-01-02 13:10 - 2014-01-06 19:23 - 00000000 ____D C:\Users\Oksanka\PcitVdi
2014-01-02 01:11 - 2014-01-02 01:12 - 05102492 _____ C:\Users\Oksanka\Documents\Můj film.wmv
2014-01-02 01:08 - 2014-01-02 01:09 - 00000000 ____D C:\Users\Oksanka\AppData\Local\{34E6264C-112E-4434-A0DF-0E4322F73728}
2014-01-01 21:09 - 2014-01-10 19:26 - 00012570 _____ C:\Users\Oksanka\Desktop\stiven-king-tyomnaya-bashnya-4-koldun-i-kristall-mp3-[torrentino].torrent
2014-01-01 21:08 - 2014-01-01 21:08 - 00211536 _____ (Destiny Media) C:\Users\Oksanka\Downloads\stiven_king_-_tyomnaya_bashnya_4_koldun_i_kristall_2012_mp3.exe
2014-01-01 21:08 - 2014-01-01 21:08 - 00106920 _____ (LLC Pentagon) C:\Users\Oksanka\Downloads\stiven-king-tyomnaya-bashnya-4-koldun-i-kristall-mp3-[torrentino].exe
2013-12-31 09:21 - 2013-12-31 09:32 - 489327760 _____ C:\Users\Oksanka\Downloads\Návrat do budoucnosti III (1990).avi
2013-12-30 20:40 - 2013-12-30 20:40 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (1).tcx
2013-12-30 20:40 - 2013-12-30 20:40 - 00462824 _____ C:\Users\Oksanka\Downloads\activity_421816958.gpx
2013-12-30 20:29 - 2013-12-30 20:29 - 01014436 _____ C:\Users\Oksanka\Downloads\activity_421816958 (1).kml
2013-12-30 18:14 - 2013-12-30 18:14 - 01014436 _____ C:\Users\Oksanka\Downloads\activity_421816958.kml
2013-12-30 18:13 - 2013-12-30 18:13 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958.tcx
2013-12-29 12:57 - 2013-12-29 13:27 - 00000000 ____D C:\Users\Oksanka\Desktop\dev sdc1
2013-12-29 12:26 - 2013-12-29 12:42 - 1362100224 _____ C:\Users\Oksanka\Downloads\linuxmint-16-kde-dvd-32bit.iso
2013-12-28 00:12 - 2013-12-28 00:12 - 00000000 ____D C:\Users\Oksanka\Downloads\Lykke Li
2013-12-27 18:51 - 2013-12-27 18:59 - 741343232 _____ C:\Users\Oksanka\Downloads\ubuntu-12.04.3-desktop-i386.iso
2013-12-27 18:50 - 2013-12-27 18:50 - 00003825 _____ C:\Users\Oksanka\Downloads\ubuntu-12.04.3-desktop-i386.list
2013-12-26 14:14 - 2013-12-26 14:14 - 00553008 _____ C:\Users\Oksanka\Downloads\140400-gdm3.tar.gz
2013-12-26 09:48 - 2013-12-26 10:00 - 729808896 _____ C:\Users\Oksanka\Downloads\lubuntu-13.10-desktop-i386.iso
2013-12-25 22:28 - 2013-12-25 22:28 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201 (2).exe
2013-12-25 17:30 - 2013-12-25 17:35 - 00000386 _____ C:\Users\Oksanka\Desktop\navod.txt
2013-12-25 12:02 - 2014-01-10 19:36 - 00000000 ____D C:\Users\Oksanka\Downloads\UGNM
2013-12-25 12:02 - 2013-12-25 12:25 - 918552576 _____ C:\Users\Oksanka\Downloads\ubuntu-gnome-13.10-desktop-i386.iso
2013-12-25 12:02 - 2013-12-25 12:02 - 00035276 _____ C:\Users\Oksanka\Downloads\ubuntu-gnome-13.10-desktop-i386.iso.torrent
2013-12-25 11:39 - 2013-12-25 11:39 - 00547256 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\Oksanka\Downloads\rufus_v1.4.1.exe
2013-12-25 11:35 - 2013-12-25 11:37 - 00000000 ____D C:\Users\Oksanka\Desktop\pcitvdientlinuxfiles
2013-12-25 00:13 - 2013-12-25 00:41 - 300519424 _____ C:\Users\Oksanka\Downloads\Topo_Czech_2013.exe
2013-12-24 23:56 - 2013-12-24 23:57 - 18864072 _____ C:\Users\Oksanka\Downloads\CommunicatorPlugin_410 (1).exe
2013-12-24 23:51 - 2013-12-24 23:51 - 00000000 ___DC C:\Program Files\Garmin GPS Plugin
2013-12-24 23:51 - 2013-12-24 23:51 - 00000000 ___DC C:\Program Files (x86)\Garmin GPS Plugin
2013-12-24 23:49 - 2013-12-24 23:49 - 18864072 _____ C:\Users\Oksanka\Downloads\CommunicatorPlugin_410.exe
2013-12-24 23:20 - 2013-12-24 23:21 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201 (1).exe
2013-12-24 22:59 - 2013-12-24 22:59 - 00000000 ___DC C:\Program Files (x86)\Garmin
2013-12-24 22:59 - 2013-12-24 22:59 - 00000000 ___DC C:\Garmin
2013-12-24 22:58 - 2014-01-11 15:33 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Garmin
2013-12-24 22:58 - 2013-12-24 22:58 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201.exe
2013-12-23 22:04 - 2014-01-11 20:45 - 03063451 _____ C:\Users\Oksanka\Desktop\ios_ryclost.ipad
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-12-23 15:00 - 2013-12-23 15:00 - 00024256 _____ C:\Users\Oksanka\Downloads\plutil.pl
2013-12-23 10:52 - 2013-12-23 10:52 - 00034320 _____ C:\Users\Oksanka\Downloads\ubuntu-drivers-common_0.2.71.1_amd64.deb
2013-12-23 10:52 - 2013-12-23 10:52 - 00034320 _____ C:\Users\Oksanka\Downloads\ubuntu-drivers-common_0.2.71.1_amd64 (1).deb
2013-12-23 10:36 - 2013-12-23 13:10 - 3942645760 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-DVD-1.iso
2013-12-23 10:35 - 2013-12-23 10:58 - 652214272 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-CD-1.iso
2013-12-23 10:35 - 2013-12-23 10:35 - 00075621 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-DVD-1.iso.torrent
2013-12-23 09:18 - 2013-12-23 09:34 - 946864128 _____ C:\Users\Oksanka\Downloads\openSUSE-13.1-KDE-Live-i686.iso
2013-12-22 17:19 - 2013-12-22 17:19 - 02560216 _____ C:\Users\Oksanka\Downloads\wubi.exe
2013-12-21 18:39 - 2013-12-21 18:40 - 00387775 _____ C:\Users\Oksanka\Downloads\Baltie.zip
2013-12-20 14:07 - 2013-12-20 14:31 - 1209864481 _____ C:\Users\Oksanka\Downloads\NOOBS_v1_3_2 (1).zip
2013-12-20 13:31 - 2013-12-20 13:31 - 00002050 _____ C:\Users\Public\Desktop\SDFormatter.lnk
2013-12-20 13:31 - 2013-12-20 13:31 - 00000000 ___DC C:\Program Files (x86)\SDA
2013-12-20 13:30 - 2013-12-20 13:30 - 00236194 _____ C:\Users\Oksanka\Downloads\SDFormatter_4.00B.pkg
2013-12-20 13:29 - 2013-12-20 13:29 - 06286748 _____ C:\Users\Oksanka\Downloads\SDFormatterv4.zip
2013-12-20 13:28 - 2013-12-20 13:28 - 20918392 _____ C:\Users\Oksanka\Downloads\NOOBS_lite_v1_3_2.zip
2013-12-19 14:27 - 2013-12-25 11:45 - 00000000 ____D C:\Users\Oksanka\Desktop\linux_magic_tweak
2013-12-19 14:10 - 2013-12-19 14:17 - 00000000 ____D C:\Users\Oksanka\Downloads\Темная Башня III - Бесплодные земли
2013-12-19 14:08 - 2013-12-19 14:43 - 727711744 _____ C:\Users\Oksanka\Downloads\Mageia-3-LiveCD-KDE4-en-i586-CD.iso
2013-12-19 14:07 - 2013-12-19 14:07 - 00000056 _____ C:\Users\Oksanka\Downloads\Mageia-3-i586-DVD.iso.md5
2013-12-19 13:05 - 2013-12-19 13:28 - 00198389 _____ C:\Users\Oksanka\presi_edit.pptx
2013-12-19 13:04 - 2014-01-06 20:14 - 00000000 ____D C:\Users\Oksanka\Desktop\PRZ

==================== One Month Modified Files and Folders =======

2014-01-18 22:34 - 2014-01-18 22:33 - 00020566 _____ C:\Users\Oksanka\Desktop\FRST.txt
2014-01-18 22:32 - 2014-01-18 22:32 - 00000000 ___DC C:\FRST
2014-01-18 22:32 - 2011-10-15 00:55 - 01266168 _____ C:\Windows\WindowsUpdate.log
2014-01-18 22:31 - 2014-01-18 22:31 - 02076160 _____ (Farbar) C:\Users\Oksanka\Desktop\FRST64.exe
2014-01-18 22:30 - 2014-01-18 22:30 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe
2014-01-18 22:29 - 2014-01-18 22:29 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\Nepotvrzeno 47448.crdownload
2014-01-18 22:23 - 2014-01-18 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Downloads\Nepotvrzeno 119936.crdownload
2014-01-18 22:21 - 2014-01-18 22:21 - 00001138 _____ C:\Users\Oksanka\Downloads\Nepotvrzeno 80003.crdownload
2014-01-18 22:20 - 2014-01-18 22:20 - 02076160 _____ (Farbar) C:\Users\Oksanka\Downloads\FRST64.exe
2014-01-18 22:20 - 2011-12-16 14:47 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Skype
2014-01-18 22:03 - 2011-12-13 13:13 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job
2014-01-18 21:55 - 2012-08-12 11:05 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 21:44 - 2011-12-16 12:59 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-18 21:03 - 2011-12-13 13:13 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job
2014-01-18 20:49 - 2011-10-15 01:43 - 07853448 _____ C:\Windows\system32\perfh005.dat
2014-01-18 20:49 - 2011-10-15 01:43 - 02651812 _____ C:\Windows\system32\perfc005.dat
2014-01-18 20:49 - 2009-07-14 06:13 - 00005466 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 20:48 - 2011-08-16 08:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-18 20:48 - 2011-08-16 08:09 - 00000000 ____D C:\ProgramData\Skype
2014-01-18 20:47 - 2012-02-15 09:04 - 00000990 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job
2014-01-18 20:47 - 2012-02-15 09:04 - 00000968 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job
2014-01-18 17:44 - 2011-12-16 12:59 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-18 15:48 - 2014-01-18 15:48 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 15:48 - 2011-12-13 13:13 - 00000000 ____D C:\Users\Oksanka\AppData\Local\Google
2014-01-18 15:47 - 2011-12-16 12:59 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-18 15:41 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 15:41 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 15:36 - 2011-12-13 08:56 - 00000000 ____D C:\ProgramData\clear.fi
2014-01-18 15:35 - 2014-01-16 23:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-18 15:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 15:33 - 2013-11-21 19:31 - 00008188 _____ C:\Windows\setupact.log
2014-01-18 11:35 - 2009-07-14 06:08 - 00032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-18 11:34 - 2013-08-31 11:44 - 00066214 _____ C:\Windows\PFRO.log
2014-01-18 11:33 - 2014-01-18 11:33 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\newnext.me
2014-01-18 11:33 - 2014-01-18 11:31 - 00000000 ___DC C:\AdwCleaner
2014-01-18 11:32 - 2014-01-12 00:41 - 00000000 ____D C:\ProgramData\6ce95ca74ad2ad43
2014-01-18 11:31 - 2014-01-18 11:31 - 01236282 _____ C:\Users\Oksanka\Downloads\adwcleaner.exe
2014-01-18 11:15 - 2014-01-18 11:15 - 00987425 _____ C:\Users\Oksanka\Downloads\SecurityCheck.exe
2014-01-18 11:09 - 2014-01-18 10:56 - 00000000 ____D C:\Users\Oksanka\Documents\vir
2014-01-18 11:05 - 2014-01-18 11:05 - 00007832 ____C C:\FixitRegBackup.reg
2014-01-18 10:58 - 2014-01-18 10:57 - 00000000 ___DC C:\WINSSLog
2014-01-18 10:55 - 2013-12-16 17:06 - 00093696 ___SH C:\Users\Oksanka\Desktop\Thumbs.db
2014-01-17 23:27 - 2012-05-09 18:15 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Free Download Manager
2014-01-17 21:54 - 2014-01-17 21:53 - 00000000 ___DC C:\rsit
2014-01-17 21:54 - 2014-01-17 21:53 - 00000000 ___DC C:\Program Files\trend micro
2014-01-17 21:53 - 2014-01-17 21:53 - 00935175 _____ C:\Users\Oksanka\Downloads\RSITx64.exe
2014-01-17 08:08 - 2012-12-07 21:46 - 00000000 ____D C:\Users\Oksanka\AppData\Local\MediaGet2
2014-01-17 08:00 - 2013-10-05 09:03 - 00000000 ____D C:\ProgramData\Guard.Mail.Ru
2014-01-16 23:53 - 2014-01-16 23:30 - 00000000 ____D C:\Users\Oksanka\Desktop\RK_Quarantine
2014-01-16 23:52 - 2014-01-16 23:52 - 00003669 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235213.txt
2014-01-16 23:50 - 2014-01-16 23:50 - 00003635 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235049.txt
2014-01-16 23:32 - 2014-01-16 23:32 - 00003602 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_233227.txt
2014-01-16 23:29 - 2014-01-16 23:28 - 03809280 _____ C:\Users\Oksanka\Downloads\RogueKiller.exe
2014-01-16 23:17 - 2012-01-11 18:22 - 00000000 ____D C:\Users\Oksanka\AppData\Local\CrashDumps
2014-01-16 23:16 - 2014-01-16 23:16 - 00003494 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-01-16 23:16 - 2014-01-16 23:16 - 00001967 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-16 23:16 - 2014-01-16 23:16 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\AVAST Software
2014-01-16 23:16 - 2014-01-16 23:16 - 00000000 ____D C:\ProgramData\RoboForm
2014-01-16 23:16 - 2014-01-16 23:15 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-16 23:16 - 2013-04-25 15:02 - 00000000 ___DC C:\Program Files (x86)\Mozilla Thunderbird
2014-01-16 23:15 - 2014-01-16 23:15 - 00000000 ___DC C:\Program Files (x86)\Siber Systems
2014-01-16 23:15 - 2014-01-16 23:15 - 00000000 ____D C:\Users\Oksanka\Documents\My Avast EasyPass Data
2014-01-16 23:14 - 2014-01-16 23:15 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-16 23:14 - 2014-01-16 23:15 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-16 23:14 - 2014-01-16 23:15 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-16 23:14 - 2014-01-16 23:15 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-16 23:14 - 2014-01-16 23:15 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-16 23:14 - 2014-01-16 23:15 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-16 23:14 - 2014-01-16 23:14 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-16 23:14 - 2011-12-13 13:14 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-16 23:12 - 2011-12-13 13:14 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-16 23:11 - 2014-01-16 23:11 - 04689480 _____ (AVAST Software) C:\Users\Oksanka\Downloads\avast_free_antivirus_setup_online.exe
2014-01-16 20:53 - 2014-01-16 20:53 - 00637581 _____ C:\Users\Oksanka\Downloads\activity_427929855.tcx
2014-01-16 20:53 - 2014-01-16 20:53 - 00279773 _____ C:\Users\Oksanka\Downloads\activity_430956747 (1).tcx
2014-01-16 20:52 - 2014-01-16 20:52 - 00486044 _____ C:\Users\Oksanka\Downloads\activity_430956765.tcx
2014-01-16 20:52 - 2014-01-16 20:52 - 00279773 _____ C:\Users\Oksanka\Downloads\activity_430956747.tcx
2014-01-16 20:51 - 2014-01-16 20:51 - 00275829 _____ C:\Users\Oksanka\Downloads\activity_430956806.tcx
2014-01-16 19:56 - 2014-01-02 16:37 - 00009122 _____ C:\Users\Oksanka\daemonprocess.txt
2014-01-16 13:11 - 2009-07-14 05:45 - 00460976 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 23:04 - 2011-12-30 00:11 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 23:03 - 2013-07-21 11:39 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 22:59 - 2011-12-13 13:34 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 22:58 - 2012-09-01 21:43 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\uTorrent
2014-01-15 18:07 - 2013-11-09 17:13 - 00000270 __RSH C:\ProgramData\ntuser.pol
2014-01-15 17:40 - 2014-01-15 17:40 - 00010592 _____ C:\Users\Oksanka\Downloads\rufus.log
2014-01-14 14:33 - 2014-01-14 14:33 - 00018489 _____ C:\Users\Oksanka\Downloads\[rutracker.org].t4607703.torrent
2014-01-13 15:38 - 2014-01-13 15:08 - 00002267 _____ C:\Users\Oksanka\Documents\ZAKOVE.odb
2014-01-12 18:50 - 2014-01-12 18:28 - 1489594368 _____ C:\Users\Oksanka\Downloads\pclinuxos-kde-cs-sk-latest.iso
2014-01-12 18:26 - 2014-01-12 18:14 - 744540160 _____ C:\Users\Oksanka\Downloads\pclinuxos-kde-mini-cs-sk-latest.iso
2014-01-12 00:45 - 2014-01-12 00:44 - 00000000 ____D C:\Users\Oksanka\Downloads\Marathon-(Malaton---Yun-cheol-Jeong)-2005
2014-01-12 00:42 - 2013-07-07 18:15 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ___DC C:\Program Files (x86)\GS Supporter
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Oksanka\AppData\Local\Packages
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\HomeGroupUser$
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Guest
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Torch
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ____D C:\Users\Administrator
2014-01-12 00:36 - 2014-01-12 00:36 - 00028586 _____ C:\Users\Oksanka\Documents\2005 Malaton [Jeong Yun-cheol] cd1.srt
2014-01-12 00:36 - 2014-01-12 00:36 - 00000432 _____ C:\Users\Oksanka\Documents\2005 Malaton [Jeong Yun-cheol] cd1.srt.style
2014-01-12 00:35 - 2014-01-12 00:35 - 00000000 ____D C:\Users\Oksanka\Downloads\Marathon(0000016864)
2014-01-12 00:34 - 2014-01-12 00:34 - 00028970 _____ C:\Users\Oksanka\Downloads\Marathon(0000016864).zip
2014-01-12 00:20 - 2014-01-11 22:57 - 1474289781 _____ C:\Users\Oksanka\Downloads\Marathon-(Malaton---Yun-cheol-Jeong)-2005.rar
2014-01-11 20:45 - 2013-12-23 22:04 - 03063451 _____ C:\Users\Oksanka\Desktop\ios_ryclost.ipad
2014-01-11 20:44 - 2014-01-08 18:52 - 00003495 _____ C:\Users\Oksanka\Desktop\Zrandom.bat
2014-01-11 20:24 - 2014-01-11 20:24 - 00000055 _____ C:\Users\Oksanka\Desktop\micak.rba
2014-01-11 18:12 - 2014-01-11 17:52 - 1204813824 _____ C:\Users\Oksanka\Downloads\linuxmint-16-xfce-dvd-32bit.iso
2014-01-11 17:29 - 2014-01-11 15:29 - 00002266 _____ C:\Users\Oksanka\Documents\Nová databáze.odb
2014-01-11 15:46 - 2013-03-03 22:14 - 00217600 ___SH C:\Users\Oksanka\Documents\Thumbs.db
2014-01-11 15:41 - 2014-01-11 15:41 - 00058734 _____ C:\Users\Oksanka\Documents\zakony socialni.odt
2014-01-11 15:33 - 2014-01-11 15:33 - 00000000 ____D C:\ProgramData\Garmin
2014-01-11 15:33 - 2013-12-24 22:58 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Garmin
2014-01-11 15:29 - 2014-01-11 15:29 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\OpenOffice
2014-01-11 15:29 - 2011-12-13 08:35 - 00118456 _____ C:\Users\Oksanka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-11 15:28 - 2014-01-11 15:28 - 00001100 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-11 15:28 - 2014-01-11 15:27 - 00000000 ___DC C:\Program Files (x86)\OpenOffice 4
2014-01-11 15:26 - 2014-01-11 15:26 - 00000000 ____D C:\Users\Oksanka\Desktop\OpenOffice 4.0.1 (cs) Installation Files
2014-01-11 15:26 - 2014-01-11 15:23 - 130785256 _____ C:\Users\Oksanka\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_cs.exe
2014-01-11 15:26 - 2009-07-14 04:20 - 00000000 ___DC C:\Program Files\Common Files\Microsoft Shared
2014-01-11 15:20 - 2014-01-11 15:20 - 00033075 _____ C:\Users\Oksanka\Downloads\Rodičovský příspěvek.htm
2014-01-11 15:20 - 2014-01-11 15:20 - 00000000 ____D C:\Users\Oksanka\Downloads\Rodičovský příspěvek_files
2014-01-10 19:36 - 2013-12-25 12:02 - 00000000 ____D C:\Users\Oksanka\Downloads\UGNM
2014-01-10 19:35 - 2014-01-10 19:35 - 00044637 _____ C:\Users\Oksanka\Downloads\Temnaja_Bashnja_IV.torrent
2014-01-10 19:26 - 2014-01-01 21:09 - 00012570 _____ C:\Users\Oksanka\Desktop\stiven-king-tyomnaya-bashnya-4-koldun-i-kristall-mp3-[torrentino].torrent
2014-01-09 16:32 - 2014-01-09 16:17 - 824180736 _____ C:\Users\Oksanka\Downloads\zorin-os-7.1-lite.iso
2014-01-09 16:22 - 2014-01-09 16:22 - 00002222 _____ C:\Users\Oksanka\Downloads\zorin-wcg_1.0.2_i386.deb
2014-01-08 18:10 - 2014-01-08 18:10 - 01048576 _____ C:\Users\Oksanka\Downloads\ipxe (1).iso
2014-01-08 18:09 - 2014-01-08 17:59 - 553648128 _____ C:\Users\Oksanka\Downloads\archlinux-2014.01.05-dual.iso
2014-01-08 18:02 - 2014-01-08 18:02 - 01048576 _____ C:\Users\Oksanka\Downloads\ipxe.iso
2014-01-07 20:06 - 2014-01-07 20:06 - 00273917 _____ C:\Users\Oksanka\Downloads\activity_426309457.tcx
2014-01-07 20:05 - 2014-01-07 20:05 - 00302325 _____ C:\Users\Oksanka\Downloads\activity_426309473.tcx
2014-01-07 18:59 - 2014-01-07 18:59 - 00000000 ___DC C:\mdv
2014-01-07 18:54 - 2011-12-13 08:35 - 00000000 ____D C:\Users\Oksanka
2014-01-07 10:24 - 2014-01-07 10:24 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Users\Oksanka\Desktop\tom9
2014-01-06 21:11 - 2014-01-06 21:11 - 00000000 ____D C:\Users\Oksanka\Desktop\tom8
2014-01-06 21:02 - 2014-01-06 21:01 - 00000000 ____D C:\Users\Oksanka\Desktop\tom7
2014-01-06 20:16 - 2014-01-06 20:16 - 00000489 _____ C:\Users\Oksanka\Desktop\inpr.gklo.gklc – zástupce.lnk
2014-01-06 20:14 - 2013-12-19 13:04 - 00000000 ____D C:\Users\Oksanka\Desktop\PRZ
2014-01-06 19:23 - 2014-01-02 13:10 - 00000000 ____D C:\Users\Oksanka\PcitVdi
2014-01-06 17:50 - 2014-01-06 17:20 - 1289748480 _____ C:\Users\Oksanka\Downloads\linuxmint-16-mate-dvd-32bit.iso
2014-01-06 17:14 - 2014-01-06 17:14 - 00015351 _____ C:\Users\Oksanka\Desktop\presi_edit.pptx – zástupce.lnk
2014-01-06 15:50 - 2014-01-06 15:50 - 00585216 _____ C:\Users\Oksanka\Downloads\Cenik_doporucenych_cen.xls
2014-01-06 13:25 - 2014-01-06 13:25 - 00000000 ____D C:\Users\Oksanka\AppData\Local\{3D37CA2D-4DE1-4039-B24B-F05CC50676E7}
2014-01-06 13:25 - 2014-01-06 13:22 - 00000000 ____D C:\Users\Oksanka\Desktop\VSERS
2014-01-06 13:23 - 2014-01-06 13:23 - 00000000 ____D C:\Users\Oksanka\Desktop\VSERS2
2014-01-05 15:59 - 2011-12-13 09:14 - 00000000 ____D C:\Users\Oksanka\AppData\Roaming\PowerCinema
2014-01-05 15:59 - 2011-12-13 08:35 - 00000000 ____D C:\Users\Oksanka\AppData\Local\PowerCinema
2014-01-05 15:42 - 2014-01-05 15:42 - 00001809 _____ C:\Users\Oksanka\Desktop\HRPT.lnk
2014-01-04 21:42 - 2014-01-04 21:42 - 00278640 _____ C:\Users\Oksanka\Downloads\activity_424606260.tcx
2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Users\Oksanka\Downloads\Noty---River-Flows-in-You
2014-01-04 20:25 - 2014-01-04 20:25 - 03046938 _____ C:\Users\Oksanka\Downloads\Noty---River-Flows-in-You.rar
2014-01-04 09:23 - 2014-01-04 09:11 - 808452096 _____ C:\Users\Oksanka\Downloads\crunchbang-11-20130506-i686.iso
2014-01-03 22:24 - 2014-01-03 22:24 - 00031107 _____ C:\Users\Oksanka\Downloads\crunchbang-11-20130506-i686.iso.torrent
2014-01-03 21:49 - 2014-01-03 21:49 - 00000421 _____ C:\Users\Oksanka\Desktop\inpr.gklo.gklc
2014-01-03 15:06 - 2014-01-03 14:48 - 1031405569 _____ C:\Users\Oksanka\Downloads\Wall-Street---Penize-nikdy-nespi-CZ-2010.avi
2014-01-02 16:37 - 2014-01-02 16:37 - 00000000 ____D C:\Users\Oksanka\AppData\Local\cache
2014-01-02 16:37 - 2014-01-02 16:37 - 00000000 ____D C:\Users\Oksanka\.android
2014-01-02 16:35 - 2014-01-02 16:35 - 00211302 _____ C:\Users\Oksanka\Downloads\GotClip_Setup.exe
2014-01-02 14:52 - 2014-01-02 14:52 - 00282809 _____ C:\Users\Oksanka\Downloads\activity_423308454 (1).tcx
2014-01-02 14:32 - 2014-01-02 14:32 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (3).tcx
2014-01-02 14:28 - 2014-01-02 14:28 - 00282809 _____ C:\Users\Oksanka\Downloads\activity_423308454.tcx
2014-01-02 14:27 - 2014-01-02 14:27 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (2).tcx
2014-01-02 14:26 - 2014-01-02 14:26 - 00417124 _____ C:\Users\Oksanka\Downloads\activity_420526154.tcx
2014-01-02 14:25 - 2014-01-02 14:25 - 00281599 _____ C:\Users\Oksanka\Downloads\activity_420105537.tcx
2014-01-02 14:24 - 2014-01-02 14:24 - 00269755 _____ C:\Users\Oksanka\Downloads\activity_419789798.tcx
2014-01-02 13:35 - 2014-01-02 13:19 - 1055916032 _____ C:\Users\Oksanka\Downloads\kubuntu-13.10-desktop-i386.iso
2014-01-02 01:24 - 2013-01-16 22:22 - 00000000 ___DC C:\FFOutput
2014-01-02 01:12 - 2014-01-02 01:11 - 05102492 _____ C:\Users\Oksanka\Documents\Můj film.wmv
2014-01-02 01:09 - 2014-01-02 01:08 - 00000000 ____D C:\Users\Oksanka\AppData\Local\{34E6264C-112E-4434-A0DF-0E4322F73728}
2014-01-02 01:04 - 2011-12-25 10:30 - 00035840 _____ C:\Users\Oksanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 23:48 - 2011-12-24 23:57 - 00000000 ____D C:\Users\Oksanka\AppData\Local\Apple Computer
2014-01-01 21:08 - 2014-01-01 21:08 - 00211536 _____ (Destiny Media) C:\Users\Oksanka\Downloads\stiven_king_-_tyomnaya_bashnya_4_koldun_i_kristall_2012_mp3.exe
2014-01-01 21:08 - 2014-01-01 21:08 - 00106920 _____ (LLC Pentagon) C:\Users\Oksanka\Downloads\stiven-king-tyomnaya-bashnya-4-koldun-i-kristall-mp3-[torrentino].exe
2014-01-01 15:05 - 2013-07-09 19:51 - 00003067 ____H C:\Users\Oksanka\Downloads\.picasa.ini
2014-01-01 15:05 - 2013-07-09 19:51 - 00000000 ___HD C:\Users\Oksanka\Downloads\.picasaoriginals
2013-12-31 09:32 - 2013-12-31 09:21 - 489327760 _____ C:\Users\Oksanka\Downloads\Návrat do budoucnosti III (1990).avi
2013-12-30 20:40 - 2013-12-30 20:40 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958 (1).tcx
2013-12-30 20:40 - 2013-12-30 20:40 - 00462824 _____ C:\Users\Oksanka\Downloads\activity_421816958.gpx
2013-12-30 20:29 - 2013-12-30 20:29 - 01014436 _____ C:\Users\Oksanka\Downloads\activity_421816958 (1).kml
2013-12-30 18:14 - 2013-12-30 18:14 - 01014436 _____ C:\Users\Oksanka\Downloads\activity_421816958.kml
2013-12-30 18:13 - 2013-12-30 18:13 - 01100330 _____ C:\Users\Oksanka\Downloads\activity_421816958.tcx
2013-12-29 13:27 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Oksanka\Desktop\dev sdc1
2013-12-29 12:42 - 2013-12-29 12:26 - 1362100224 _____ C:\Users\Oksanka\Downloads\linuxmint-16-kde-dvd-32bit.iso
2013-12-28 00:12 - 2013-12-28 00:12 - 00000000 ____D C:\Users\Oksanka\Downloads\Lykke Li
2013-12-27 18:59 - 2013-12-27 18:51 - 741343232 _____ C:\Users\Oksanka\Downloads\ubuntu-12.04.3-desktop-i386.iso
2013-12-27 18:50 - 2013-12-27 18:50 - 00003825 _____ C:\Users\Oksanka\Downloads\ubuntu-12.04.3-desktop-i386.list
2013-12-26 14:14 - 2013-12-26 14:14 - 00553008 _____ C:\Users\Oksanka\Downloads\140400-gdm3.tar.gz
2013-12-26 10:00 - 2013-12-26 09:48 - 729808896 _____ C:\Users\Oksanka\Downloads\lubuntu-13.10-desktop-i386.iso
2013-12-25 22:28 - 2013-12-25 22:28 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201 (2).exe
2013-12-25 17:35 - 2013-12-25 17:30 - 00000386 _____ C:\Users\Oksanka\Desktop\navod.txt
2013-12-25 12:25 - 2013-12-25 12:02 - 918552576 _____ C:\Users\Oksanka\Downloads\ubuntu-gnome-13.10-desktop-i386.iso
2013-12-25 12:02 - 2013-12-25 12:02 - 00035276 _____ C:\Users\Oksanka\Downloads\ubuntu-gnome-13.10-desktop-i386.iso.torrent
2013-12-25 11:45 - 2013-12-19 14:27 - 00000000 ____D C:\Users\Oksanka\Desktop\linux_magic_tweak
2013-12-25 11:39 - 2013-12-25 11:39 - 00547256 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\Oksanka\Downloads\rufus_v1.4.1.exe
2013-12-25 11:37 - 2013-12-25 11:35 - 00000000 ____D C:\Users\Oksanka\Desktop\pcitvdientlinuxfiles
2013-12-25 00:41 - 2013-12-25 00:13 - 300519424 _____ C:\Users\Oksanka\Downloads\Topo_Czech_2013.exe
2013-12-24 23:57 - 2013-12-24 23:56 - 18864072 _____ C:\Users\Oksanka\Downloads\CommunicatorPlugin_410 (1).exe
2013-12-24 23:51 - 2013-12-24 23:51 - 00000000 ___DC C:\Program Files\Garmin GPS Plugin
2013-12-24 23:51 - 2013-12-24 23:51 - 00000000 ___DC C:\Program Files (x86)\Garmin GPS Plugin
2013-12-24 23:49 - 2013-12-24 23:49 - 18864072 _____ C:\Users\Oksanka\Downloads\CommunicatorPlugin_410.exe
2013-12-24 23:21 - 2013-12-24 23:20 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201 (1).exe
2013-12-24 22:59 - 2013-12-24 22:59 - 00000000 ___DC C:\Program Files (x86)\Garmin
2013-12-24 22:59 - 2013-12-24 22:59 - 00000000 ___DC C:\Garmin
2013-12-24 22:58 - 2013-12-24 22:58 - 15478976 _____ C:\Users\Oksanka\Downloads\ExpressFit_201.exe
2013-12-23 22:04 - 2013-06-13 21:20 - 00000000 ____D C:\Users\Oksanka\Desktop\materialy na praci
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-12-23 15:00 - 2013-12-23 15:00 - 00024256 _____ C:\Users\Oksanka\Downloads\plutil.pl
2013-12-23 13:10 - 2013-12-23 10:36 - 3942645760 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-DVD-1.iso
2013-12-23 10:58 - 2013-12-23 10:35 - 652214272 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-CD-1.iso
2013-12-23 10:52 - 2013-12-23 10:52 - 00034320 _____ C:\Users\Oksanka\Downloads\ubuntu-drivers-common_0.2.71.1_amd64.deb
2013-12-23 10:52 - 2013-12-23 10:52 - 00034320 _____ C:\Users\Oksanka\Downloads\ubuntu-drivers-common_0.2.71.1_amd64 (1).deb
2013-12-23 10:35 - 2013-12-23 10:35 - 00075621 _____ C:\Users\Oksanka\Downloads\debian-7.3.0-amd64-DVD-1.iso.torrent
2013-12-23 09:34 - 2013-12-23 09:18 - 946864128 _____ C:\Users\Oksanka\Downloads\openSUSE-13.1-KDE-Live-i686.iso
2013-12-22 17:19 - 2013-12-22 17:19 - 02560216 _____ C:\Users\Oksanka\Downloads\wubi.exe
2013-12-21 18:40 - 2013-12-21 18:39 - 00387775 _____ C:\Users\Oksanka\Downloads\Baltie.zip
2013-12-20 14:31 - 2013-12-20 14:07 - 1209864481 _____ C:\Users\Oksanka\Downloads\NOOBS_v1_3_2 (1).zip
2013-12-20 13:31 - 2013-12-20 13:31 - 00002050 _____ C:\Users\Public\Desktop\SDFormatter.lnk
2013-12-20 13:31 - 2013-12-20 13:31 - 00000000 ___DC C:\Program Files (x86)\SDA
2013-12-20 13:30 - 2013-12-20 13:30 - 00236194 _____ C:\Users\Oksanka\Downloads\SDFormatter_4.00B.pkg
2013-12-20 13:29 - 2013-12-20 13:29 - 06286748 _____ C:\Users\Oksanka\Downloads\SDFormatterv4.zip
2013-12-20 13:29 - 2012-07-31 14:17 - 00000000 ____D C:\Users\Oksanka\AppData\Local\Downloaded Installations
2013-12-20 13:28 - 2013-12-20 13:28 - 20918392 _____ C:\Users\Oksanka\Downloads\NOOBS_lite_v1_3_2.zip
2013-12-19 14:43 - 2013-12-19 14:08 - 727711744 _____ C:\Users\Oksanka\Downloads\Mageia-3-LiveCD-KDE4-en-i586-CD.iso
2013-12-19 14:17 - 2013-12-19 14:10 - 00000000 ____D C:\Users\Oksanka\Downloads\Темная Башня III - Бесплодные земли
2013-12-19 14:07 - 2013-12-19 14:07 - 00000056 _____ C:\Users\Oksanka\Downloads\Mageia-3-i586-DVD.iso.md5
2013-12-19 13:28 - 2013-12-19 13:05 - 00198389 _____ C:\Users\Oksanka\presi_edit.pptx

Some content of TEMP:
====================
C:\Users\Oksanka\AppData\Local\Temp\mediahitbrowsersetup.exe
C:\Users\Oksanka\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Oksanka\AppData\Local\Temp\pyl623C.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylD421.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylEA2E.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\Quarantine.exe
C:\Users\Oksanka\AppData\Local\Temp\runprog.exe
C:\Users\Oksanka\AppData\Local\Temp\tmp5482.exe
C:\Users\Oksanka\AppData\Local\Temp\Tsu663FE862.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-17 13:36

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (/) (Fixed) (Total:450.66 GB) (Free:122.97 GB) NTFS

Available physical RAM: 1719.18 MB
Total physical RAM: 3946.73 MB
Percentage of memory in use: 56%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C3683201)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\Oksanka\Downloads\chanel_botky_vel_38_100%_original.eml:OECustomProperty

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Oksanka\Desktop" je 687 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2
"C:\Dolby PCEE4\pcee4.exe" -autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater
C:\Users\Oksanka\AppData\Local\Mail.Ru\MailRuUpdater.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
"c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe
"C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orbitum
C:\Users\Oksanka\AppData\Local\Orbitum\Application\chrome.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona
C:\Program Files (x86)\Zona\Zona.exe /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\307523~1.318\SSSCHE~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

ksusa · #9 Příspěvek od **ksusa** » 18 led 2014 22:40

Addition.txt přiloha

#10 Příspěvek od **vyosek** » 19 led 2014 06:05

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Google Update] - C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-13] (Google Inc.)
HKCU\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
HKCU\...\Run: [ExpressFit] - C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe [16576512 2013-12-11] (GARMIN Corp.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [100200 2014-01-16] (Siber Systems)
MountPoints2: {7d732749-f6bf-11e0-b4c9-806e6f6e6963} - D:\dosutils\autorun\autorun.exe
MountPoints2: {b6b8edc0-5964-11e1-bb53-806e6f6e6963} - E:\start.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~2\gssupp~1\assist~1.dll [3041792 2014-01-12] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?homepage=1
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0BE4231A-B8A1-4037-80E4-9D3511123E97} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
SearchScopes: HKCU - {5220EE9B-ED34-47D7-850A-1A0308C42034} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=990CCA78-B8CE-4C75-B3FD-0881051C870F&apn_sauid=AC8730A8-AF6D-4198-ADB3-DABD1B865981
SearchScopes: HKCU - {696D8D61-8936-406A-8517-63E512E842DE} URL = http://www.mysearchresults.com/search?c=2355&t=01&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO-x32: jZip Webmail plugin - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files (x86)\jZip\WebmailPlugin.dll No File
BHO-x32: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
Toolbar: HKCU - No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

FF DefaultSearchEngine: ?????@Mail.Ru
FF SelectedSearchEngine: ?????@Mail.Ru
FF Homepage: hxxp://go.mail.ru/?homepage=1
FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=

R2 e9f32388; C:\Program Files (x86)\GS Supporter\AssistantSvc.dll [146768 2014-01-12] ()

2014-01-18 22:30 - 2014-01-18 22:30 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe
2014-01-18 22:29 - 2014-01-18 22:29 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\Nepotvrzeno 47448.crdownload
2014-01-18 22:23 - 2014-01-18 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Downloads\Nepotvrzeno 119936.crdownload
2014-01-18 22:21 - 2014-01-18 22:21 - 00001138 _____ C:\Users\Oksanka\Downloads\Nepotvrzeno 80003.crdownload
2014-01-18 22:20 - 2014-01-18 22:20 - 02076160 _____ (Farbar) C:\Users\Oksanka\Downloads\FRST64.exe
2014-01-18 11:31 - 2014-01-18 11:31 - 01236282 _____ C:\Users\Oksanka\Downloads\adwcleaner.exe
2014-01-18 11:15 - 2014-01-18 11:15 - 00987425 _____ C:\Users\Oksanka\Downloads\SecurityCheck.exe
2014-01-18 11:05 - 2014-01-18 11:05 - 00007832 ____C C:\FixitRegBackup.reg
2014-01-17 21:53 - 2014-01-17 21:53 - 00935175 _____ C:\Users\Oksanka\Downloads\RSITx64.exe
2014-01-16 23:52 - 2014-01-16 23:52 - 00003669 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235213.txt
2014-01-16 23:50 - 2014-01-16 23:50 - 00003635 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235049.txt
2014-01-16 23:32 - 2014-01-16 23:32 - 00003602 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_233227.txt
2014-01-16 23:30 - 2014-01-16 23:53 - 00000000 ____D C:\Users\Oksanka\Desktop\RK_Quarantine
2014-01-16 23:28 - 2014-01-16 23:29 - 03809280 _____ C:\Users\Oksanka\Downloads\RogueKiller.exe
2014-01-16 23:16 - 2014-01-16 23:16 - 00003494 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ___DC C:\Program Files (x86)\GS Supporter
C:\Users\Oksanka\AppData\Local\Temp\mediahitbrowsersetup.exe
C:\Users\Oksanka\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Oksanka\AppData\Local\Temp\pyl623C.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylD421.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylEA2E.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\Quarantine.exe
C:\Users\Oksanka\AppData\Local\Temp\runprog.exe
C:\Users\Oksanka\AppData\Local\Temp\tmp5482.exe
C:\Users\Oksanka\AppData\Local\Temp\Tsu663FE862.dll

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\Oksanka\Downloads\chanel_botky_vel_38_100%_original.eml:OECustomProperty

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orbitum" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk" /f

C:\Program Files (x86)\SmartTweak
Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

ksusa · #11 Příspěvek od **ksusa** » 19 led 2014 09:54

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 03
Ran by Oksanka at 2014-01-19 09:50:36 Run:1
Running from C:\Users\Oksanka\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKCU\...\Run: [Google Update] - C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-13] (Google Inc.)
HKCU\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
HKCU\...\Run: [ExpressFit] - C:\Program Files (x86)\Garmin\Express Fit\ExpressFit.exe [16576512 2013-12-11] (GARMIN Corp.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [100200 2014-01-16] (Siber Systems)
MountPoints2: {7d732749-f6bf-11e0-b4c9-806e6f6e6963} - D:\dosutils\autorun\autorun.exe
MountPoints2: {b6b8edc0-5964-11e1-bb53-806e6f6e6963} - E:\start.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~2\gssupp~1\assist~1.dll [3041792 2014-01-12] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?homepage=1
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0BE4231A-B8A1-4037-80E4-9D3511123E97} URL = http://search.conduit.com/ResultsExt.as ... =CT3220468
SearchScopes: HKCU - {5220EE9B-ED34-47D7-850A-1A0308C42034} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=990CCA78-B8CE-4C75-B3FD-0881051C870F&apn_sauid=AC8730A8-AF6D-4198-ADB3-DABD1B865981
SearchScopes: HKCU - {696D8D61-8936-406A-8517-63E512E842DE} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO-x32: jZip Webmail plugin - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files (x86)\jZip\WebmailPlugin.dll No File
BHO-x32: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
Toolbar: HKCU - No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

FF DefaultSearchEngine: ?????@Mail.Ru
FF SelectedSearchEngine: ?????@Mail.Ru
FF Homepage: hxxp://go.mail.ru/?homepage=1
FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=

R2 e9f32388; C:\Program Files (x86)\GS Supporter\AssistantSvc.dll [146768 2014-01-12] ()

2014-01-18 22:30 - 2014-01-18 22:30 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe
2014-01-18 22:29 - 2014-01-18 22:29 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Desktop\Nepotvrzeno 47448.crdownload
2014-01-18 22:23 - 2014-01-18 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Oksanka\Downloads\Nepotvrzeno 119936.crdownload
2014-01-18 22:21 - 2014-01-18 22:21 - 00001138 _____ C:\Users\Oksanka\Downloads\Nepotvrzeno 80003.crdownload
2014-01-18 22:20 - 2014-01-18 22:20 - 02076160 _____ (Farbar) C:\Users\Oksanka\Downloads\FRST64.exe
2014-01-18 11:31 - 2014-01-18 11:31 - 01236282 _____ C:\Users\Oksanka\Downloads\adwcleaner.exe
2014-01-18 11:15 - 2014-01-18 11:15 - 00987425 _____ C:\Users\Oksanka\Downloads\SecurityCheck.exe
2014-01-18 11:05 - 2014-01-18 11:05 - 00007832 ____C C:\FixitRegBackup.reg
2014-01-17 21:53 - 2014-01-17 21:53 - 00935175 _____ C:\Users\Oksanka\Downloads\RSITx64.exe
2014-01-16 23:52 - 2014-01-16 23:52 - 00003669 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235213.txt
2014-01-16 23:50 - 2014-01-16 23:50 - 00003635 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235049.txt
2014-01-16 23:32 - 2014-01-16 23:32 - 00003602 _____ C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_233227.txt
2014-01-16 23:30 - 2014-01-16 23:53 - 00000000 ____D C:\Users\Oksanka\Desktop\RK_Quarantine
2014-01-16 23:28 - 2014-01-16 23:29 - 03809280 _____ C:\Users\Oksanka\Downloads\RogueKiller.exe
2014-01-16 23:16 - 2014-01-16 23:16 - 00003494 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-01-12 00:41 - 2014-01-12 00:41 - 00000000 ___DC C:\Program Files (x86)\GS Supporter
C:\Users\Oksanka\AppData\Local\Temp\mediahitbrowsersetup.exe
C:\Users\Oksanka\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Oksanka\AppData\Local\Temp\pyl623C.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylD421.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\pylEA2E.tmp.exe
C:\Users\Oksanka\AppData\Local\Temp\Quarantine.exe
C:\Users\Oksanka\AppData\Local\Temp\runprog.exe
C:\Users\Oksanka\AppData\Local\Temp\tmp5482.exe
C:\Users\Oksanka\AppData\Local\Temp\Tsu663FE862.dll

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => C:\Users\Oksanka\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\Oksanka\Downloads\chanel_botky_vel_38_100%_original.eml:OECustomProperty

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orbitum" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk" /f

C:\Program Files (x86)\SmartTweak
Hosts:

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SpeedUpMyComputer => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ExpressFit => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\RoboForm => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d732749-f6bf-11e0-b4c9-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{7d732749-f6bf-11e0-b4c9-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6b8edc0-5964-11e1-bb53-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{b6b8edc0-5964-11e1-bb53-806e6f6e6963} => Key not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
Default URLSearchHook was restored successfully .
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BE4231A-B8A1-4037-80E4-9D3511123E97} => Key deleted successfully.
HKCR\CLSID\{0BE4231A-B8A1-4037-80E4-9D3511123E97} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5220EE9B-ED34-47D7-850A-1A0308C42034} => Key deleted successfully.
HKCR\CLSID\{5220EE9B-ED34-47D7-850A-1A0308C42034} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{696D8D61-8936-406A-8517-63E512E842DE} => Key deleted successfully.
HKCR\CLSID\{696D8D61-8936-406A-8517-63E512E842DE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8984B388-A5BB-4DF7-B274-77B879E179DB} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} => Value deleted successfully.
HKCR\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09900DE8-1DCA-443F-9243-26FF581438AF} => Value deleted successfully.
HKCR\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
e9f32388 => Service deleted successfully.
C:\Users\Oksanka\Desktop\FRSTLauncher (1).exe => Moved successfully.
"C:\Users\Oksanka\Desktop\Nepotvrzeno 47448.crdownload" => File/Directory not found.
"C:\Users\Oksanka\Downloads\Nepotvrzeno 119936.crdownload" => File/Directory not found.
"C:\Users\Oksanka\Downloads\Nepotvrzeno 80003.crdownload" => File/Directory not found.
C:\Users\Oksanka\Downloads\FRST64.exe => Moved successfully.
C:\Users\Oksanka\Downloads\adwcleaner.exe => Moved successfully.
C:\Users\Oksanka\Downloads\SecurityCheck.exe => Moved successfully.
C:\FixitRegBackup.reg => Moved successfully.
C:\Users\Oksanka\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235213.txt => Moved successfully.
C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_235049.txt => Moved successfully.
C:\Users\Oksanka\Desktop\RKreport[0]_S_01162014_233227.txt => Moved successfully.
C:\Users\Oksanka\Desktop\RK_Quarantine => Moved successfully.
C:\Users\Oksanka\Downloads\RogueKiller.exe => Moved successfully.
C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon => Moved successfully.

"C:\Program Files (x86)\GS Supporter" directory move:

C:\Program Files (x86)\GS Supporter\Assistant.dll => Moved successfully.
Could not move "C:\Program Files (x86)\GS Supporter\AssistantSvc.dll" => Scheduled to move on reboot.
C:\Program Files (x86)\GS Supporter\Assistant_x64.dll => Moved successfully.
Could not move "C:\Program Files (x86)\GS Supporter" directory. => Scheduled to move on reboot.

C:\Users\Oksanka\AppData\Local\Temp\mediahitbrowsersetup.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\pyl623C.tmp.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\pylD421.tmp.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\pylEA2E.tmp.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\runprog.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\tmp5482.exe => Moved successfully.
C:\Users\Oksanka\AppData\Local\Temp\Tsu663FE862.dll => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1198225589-1884671980-4053545476-1000UA.job => Moved successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\Users\Oksanka\Downloads\chanel_botky_vel_38_100%_original.eml => ":OECustomProperty" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orbitum" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Program Files (x86)\SmartTweak => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-19 09:53:48)<=

C:\Program Files (x86)\GS Supporter\AssistantSvc.dll => Is moved successfully.
C:\Program Files (x86)\GS Supporter => Is moved successfully.

==== End of Fixlog ====

#12 Příspěvek od **vyosek** » 19 led 2014 09:59

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Jak se chova PC?

ksusa · #13 Příspěvek od **ksusa** » 19 led 2014 13:37

Děkuji mnohokrát-PC chová se ukázkově

#14 Příspěvek od **vyosek** » 19 led 2014 17:04

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Pomaly PC .Prosím o kontrolu logu.Dekuj

Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj

Re: Pomaly PC .Prosím o kontrolu logu.Dekuj