
Please check my log

Posted: 17 Jan 2014 20:27
by Lukas1107
Logfile of random's system information tool 1.09 (written by random/random)
Run by Koluch at 2014-01-17 20:29:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (26%) free of 95 GB
Total RAM: 4077 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:14, on 17.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\Rundll32.exe
D:\Programy\Samsung Kies\Kies\Kies.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe
D:\Programy\itunes\iTunesHelper.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SoftwareDistribution\Download\Install\CheckSURPackage.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Koluch.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380350351
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380350351
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380350351
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KiesTrayAgent] D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [KiesPreload] D:\Programy\Samsung Kies\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [] D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Koluch\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://www.asus.com/support/asusTek_sys_ctrl3.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13140 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Desk 365\deskSvc.exe"
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
taskeng.exe {D462FDCD-B021-49A6-B67F-3180B0F53BF5}
Ati2evxx.exe -Client
C:\Windows\SysWOW64\Rundll32.exe "C:\Users\Koluch\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"D:\Programy\Samsung Kies\Kies\Kies.exe" /preload
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe"
"D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-20869821191834670734-1950960103-270998254-1422668059-377015550173938202-1675679666
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"D:\Programy\itunes\iTunesHelper.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5996.0.1036025812\1610959998" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x5b62 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.593.100.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --enable-software-compositing --channel="5996.1.45388930\811179199" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5996.2.1765378398\1082544419" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5996.3.1395154587\1881163669" /prefetch:673131151
"C:\Windows\system32\wusa.exe" "C:\Users\Koluch\Downloads\Windows6.1-KB947821-v31-x64.msu"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer
"C:\Windows\SoftwareDistribution\Download\Install\CheckSURPackage.EXE" /Quiet /WindowsUpdate /DeleteBadCab /pkgversion=22.0 /fixcab=%windir%\CheckSur\v1.0\*.CAB /fixcab=%windir%\CheckSur\*.CAB /pkgdownload
d:\af861697cf543e338b658fd7052e55df\checksurlauncher.exe /Quiet /WindowsUpdate /DeleteBadCab /pkgversion=22.0 /fixcab=%windir%\CheckSur\v1.0\*.CAB /fixcab=%windir%\CheckSur\*.CAB /pkgdownload
d:\af861697cf543e338b658fd7052e55df\checksurlauncher.exe /Quiet /WindowsUpdate /DeleteBadCab /pkgversion=22.0 /fixcab=%windir%\CheckSur\v1.0\*.CAB /fixcab=%windir%\CheckSur\*.CAB /pkgdownload
\??\C:\Windows\system32\conhost.exe "-1003488727-2085631392-180848658-1417281822-1651230022-45773835719523808911785769077
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5996.8.1340420372\680395328" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group5 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5996.9.1597671144\1985115234" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Koluch\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\schedule!3036567561.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AF23388-8637-74AD-9911-B65FD64C4E95}]
DOwnload kaeeeperi - C:\Program Files (x86)\DOwnload kaeeeperi\vByKINJvRn.x64.dll [2013-10-29 326656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-17 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-17 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1F70255-D526-C396-90AC-8945C2D18DDE}]
surrfo and, keEEp - C:\Program Files (x86)\surrfo and, keEEp\lYldtE.x64.dll [2013-11-15 407552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF733330-6045-5994-3753-85AD6CB1670C}]
DownlOad keoeeppeeR - C:\Program Files (x86)\DownlOad keoeeppeeR\CQx96.x64.dll [2013-10-31 407552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-17 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-17 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-17 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-17 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-02-20 7560296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=D:\Programy\Samsung Kies\Kies\Kies.exe [2013-02-13 1509232]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-04-11 4288048]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
""=D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"CatalinaGroup Update"=C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2013-12-10 147440]
"BackgroundContainer"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-01-08 2486296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"KiesTrayAgent"=D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"iTunesHelper"=D:\Programy\itunes\iTunesHelper.exe [2013-09-17 152392]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-01-11 1778640]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-11-29 3806544]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-17 3764024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-01-17 20:21:08 ----D---- C:\rsit
2014-01-17 20:21:08 ----D---- C:\Program Files\trend micro
2014-01-17 19:27:08 ----D---- C:\Windows\SoftwareDistribution
2014-01-17 18:46:26 ----D---- C:\Users\Koluch\AppData\Roaming\ParetoLogic
2014-01-17 18:46:26 ----D---- C:\Users\Koluch\AppData\Roaming\DriverCure
2014-01-17 18:46:18 ----D---- C:\ProgramData\ParetoLogic
2014-01-17 18:28:51 ----D---- C:\Program Files\CCleaner
2014-01-17 18:25:10 ----D---- C:\ProgramData\AVG Secure Search
2014-01-17 17:18:06 ----D---- C:\Windows\Migration
2014-01-17 17:10:02 ----A---- C:\Windows\system32\javaws.exe
2014-01-17 17:09:59 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-17 17:09:59 ----A---- C:\Windows\system32\javaw.exe
2014-01-17 17:09:59 ----A---- C:\Windows\system32\java.exe
2014-01-17 17:09:51 ----D---- C:\Program Files\Java
2014-01-17 17:08:12 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-17 17:08:09 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-17 17:08:09 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-17 17:08:09 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-17 14:43:40 ----D---- C:\Users\Koluch\AppData\Roaming\AVAST Software
2014-01-17 14:43:09 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-17 14:43:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-17 14:43:08 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-17 14:43:07 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-17 14:43:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-17 14:43:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-17 14:43:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-17 14:42:55 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-17 14:42:54 ----A---- C:\Windows\avastSS.scr
2014-01-17 14:40:35 ----D---- C:\Program Files\AVAST Software
2014-01-17 14:39:28 ----D---- C:\ProgramData\AVAST Software
2014-01-16 15:16:54 ----D---- C:\Program Files (x86)\Safari
2014-01-15 21:09:08 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 21:09:08 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 21:09:07 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-08 20:24:07 ----D---- C:\Program Files (x86)\Minecraft
2014-01-02 19:48:13 ----A---- C:\Users\Koluch\AppData\Roaming\msydvd.dat
2014-01-02 19:48:13 ----A---- C:\Users\Koluch\AppData\Roaming\msikrndw.dat
2014-01-02 19:48:06 ----A---- C:\Users\Koluch\AppData\Roaming\mswvnp.dat
2014-01-02 19:48:06 ----A---- C:\Users\Koluch\AppData\Roaming\msokgxfl.dat
2014-01-02 18:12:03 ----D---- C:\Users\Koluch\AppData\Roaming\.technic
2013-12-26 17:00:36 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe

======List of files/folders modified in the last 1 month======

2014-01-17 20:29:08 ----D---- C:\Windows\Temp
2014-01-17 20:23:22 ----SHD---- C:\System Volume Information
2014-01-17 20:22:42 ----D---- C:\Windows
2014-01-17 20:21:08 ----RD---- C:\Program Files
2014-01-17 20:17:46 ----D---- C:\Users\Koluch\AppData\Roaming\Skype
2014-01-17 20:17:41 ----D---- C:\Windows\system32\config
2014-01-17 20:17:01 ----D---- C:\Windows\system32\Tasks
2014-01-17 20:16:41 ----SHD---- C:\Config.Msi
2014-01-17 20:15:08 ----SHD---- C:\Windows\Installer
2014-01-17 19:46:59 ----D---- C:\Windows\inf
2014-01-17 19:43:55 ----D---- C:\Windows\system32\catroot2
2014-01-17 19:39:14 ----D---- C:\Windows\Tasks
2014-01-17 19:39:14 ----D---- C:\Program Files (x86)\Common Files
2014-01-17 19:39:12 ----RD---- C:\Program Files (x86)
2014-01-17 19:34:53 ----D---- C:\Program Files (x86)\WinZipper
2014-01-17 19:34:52 ----D---- C:\Program Files (x86)\Desk 365
2014-01-17 19:00:20 ----D---- C:\Windows\debug
2014-01-17 18:58:52 ----D---- C:\Windows\Panther
2014-01-17 18:58:52 ----D---- C:\Windows\Downloaded Program Files
2014-01-17 18:58:52 ----D---- C:\Users\Koluch\AppData\Roaming\Sony
2014-01-17 18:46:18 ----HD---- C:\ProgramData
2014-01-17 18:36:20 ----D---- C:\Users\Koluch\AppData\Roaming\uTorrent
2014-01-17 18:35:57 ----D---- C:\Windows\Logs
2014-01-17 18:24:36 ----D---- C:\Windows\winsxs
2014-01-17 18:17:20 ----D---- C:\ProgramData\BRiowssE2osavuee
2014-01-17 18:17:00 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-01-17 18:15:08 ----D---- C:\ProgramData\SSearcchy-NewTab
2014-01-17 18:13:48 ----D---- C:\ProgramData\InstallMate
2014-01-17 18:10:38 ----D---- C:\ProgramData\Tarma Installer
2014-01-17 17:48:03 ----D---- C:\Windows\Microsoft.NET
2014-01-17 17:18:30 ----D---- C:\Windows\SysWOW64
2014-01-17 17:18:30 ----D---- C:\Windows\System32
2014-01-17 17:18:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-01-17 17:18:17 ----D---- C:\Windows\system32\en-US
2014-01-17 17:18:06 ----SD---- C:\ProgramData\Microsoft
2014-01-17 17:08:14 ----D---- C:\ProgramData\Oracle
2014-01-17 17:03:03 ----D---- C:\Users\Koluch\AppData\Roaming\vlc
2014-01-17 16:58:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-17 16:54:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-17 15:19:55 ----D---- C:\ProgramData\BasicServe
2014-01-17 15:19:52 ----D---- C:\ProgramData\surrfo and, keEEp
2014-01-17 15:19:12 ----D---- C:\ProgramData\DownlOad keoeeppeeR
2014-01-17 14:50:34 ----D---- C:\Program Files (x86)\WebSearch
2014-01-17 14:47:43 ----D---- C:\Program Files (x86)\ss helper
2014-01-17 14:47:21 ----D---- C:\Program Files (x86)\SimpleSpeedy
2014-01-17 14:47:16 ----D---- C:\Program Files (x86)\BrowseToSave
2014-01-17 14:47:15 ----D---- C:\Program Files (x86)\BasicServe
2014-01-17 14:45:43 ----D---- C:\Windows\system32\drivers
2014-01-17 14:43:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-17 14:41:51 ----D---- C:\ProgramData\MFAData
2014-01-17 14:39:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-17 14:33:19 ----D---- C:\Windows\Prefetch
2014-01-16 10:19:50 ----D---- C:\Windows\system32\DriverStore
2014-01-15 21:58:20 ----D---- C:\Windows\system32\MRT
2014-01-15 21:57:06 ----A---- C:\Windows\system32\MRT.exe
2014-01-15 21:09:04 ----D---- C:\Windows\system32\catroot
2014-01-08 20:24:35 ----AD---- C:\Windows\bitstreams
2014-01-08 17:32:47 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-01-07 16:40:36 ----D---- C:\Users\Koluch\AppData\Roaming\ftblauncher
2014-01-02 19:51:28 ----D---- C:\Program Files (x86)\DownlOad keoeeppeeR
2014-01-02 19:51:27 ----D---- C:\Program Files (x86)\surrfo and, keEEp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-17 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-17 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-17 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-17 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-17 422216]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-11-10 46368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-17 78648]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-17 79672]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 5352960]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-02-20 4718952]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-02-20 677480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-01-11 166352]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-17 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 desksvc;Desk 365 service; C:\Program Files (x86)\Desk 365\deskSvc.exe [2013-09-04 424016]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-01-08 1771544]
R2 winzipersvc;WinZiper service; C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-08-25 424104]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-03-04 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: request for a check

Posted: 17 Jan 2014 20:41
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching it, the license terms are displayed; press any key
  • A backup is created, followed by a search
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it is saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: request for a check

Posted: 17 Jan 2014 20:50
by Lukas1107
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Koluch on p  17.01.2014 at 20:44:52,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
BackgroundContainer REG_SZ "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Koluch\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\basicserve
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1750559
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B96D97-00FD-4BE7-B398-048016AD6227}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\basicserve"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Koluch\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Koluch\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Koluch\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\basicserve"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\desk 365"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplespeedy"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files (x86)\askpartnernetwork"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Koluch\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  17.01.2014 at 20:49:45,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: request for a check

Posted: 17 Jan 2014 20:54
by Lukas1107
# AdwCleaner v3.017 - Report created 17/01/2014 at 20:51:24
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Koluch - PC-INTEL-I3
# Running from : C:\Users\Koluch\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : desksvc
Service Deleted : vToolbarUpdater17.3.0
Service Deleted : winzipersvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\BRiowssE2osavuee
Folder Deleted : C:\ProgramData\DDownload Keeper
Folder Deleted : C:\ProgramData\DDownlooaD KeepEr
Folder Deleted : C:\ProgramData\DoOwNloAd ukEEeeper
Folder Deleted : C:\ProgramData\DOwnload kaeeeperi
Folder Deleted : C:\ProgramData\DOwnLoad keePer
Folder Deleted : C:\ProgramData\DownlOad keoeeppeeR
Folder Deleted : C:\ProgramData\Download. keeper
Folder Deleted : C:\ProgramData\SSearcchy-NewTab
Folder Deleted : C:\ProgramData\surrfo and, keEEp
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\ss helper
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\DOwnload kaeeeperi
Folder Deleted : C:\Program Files (x86)\DownlOad keoeeppeeR
Folder Deleted : C:\Program Files (x86)\surrfo and, keEEp
Folder Deleted : C:\Program Files (x86)\BS_Player_ControlBar
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Koluch\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Koluch\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Koluch\AppData\LocalLow\DDownload Keeper
Folder Deleted : C:\Users\Koluch\AppData\LocalLow\DDownlooaD KeepEr
Folder Deleted : C:\Users\Koluch\AppData\LocalLow\DOwnLoad keePer
Folder Deleted : C:\Users\Koluch\AppData\LocalLow\BS_Player_ControlBar
Folder Deleted : C:\Users\Koluch\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Koluch\AppData\Roaming\WinZipper
File Deleted : C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Koluch\Desktop\veci z plochy\Google Chrome – zástupce.lnk
Shortcut Disinfected : C:\Users\Koluch\Desktop\veci z plochy\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Koluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Koluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Koluch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Koluch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_ControlBar Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C395DC3-0252-4448-8EC5-7EB559152A6B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C958A884-43DA-4AF2-B801-9DD4E83A7F33}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BasicServe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11027 octets] - [17/01/2014 20:50:58]
AdwCleaner[S0].txt - [9508 octets] - [17/01/2014 20:51:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9568 octets] ##########

Re: please check

Posted: 17 Jan 2014 20:55
by vyosek
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: please check

Posted: 17 Jan 2014 21:01
by Lukas1107
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 02
Ran by Koluch (administrator) on PC-INTEL-I3 on 17-01-2014 20:59:44
Running from C:\Users\Koluch\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung) D:\Programy\Samsung Kies\Kies\Kies.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Catalina Group Ltd.) C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Samsung Electronics Co., Ltd.) D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) D:\Programy\itunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Koluch\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2013-02-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Programy\itunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Printsrv] - c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\drvupd.vbs [568 2014-01-08] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-17] (AVAST Software)
HKCU\...\Run: [KiesPreload] - D:\Programy\Samsung Kies\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-11] ()
HKCU\...\Run: [] - D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [CatalinaGroup Update] - C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-12-10] (Catalina Group Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - A4DD957B86DE445DAD4BA61E75EAE2AB URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
SearchScopes: HKCU - {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserve.com/?prt=bscsrvli ... earchTerms}
BHO: DOwnload kaeeeperi - {2AF23388-8637-74AD-9911-B65FD64C4E95} - C:\Program Files (x86)\DOwnload kaeeeperi\vByKINJvRn.x64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: surrfo and, keEEp - {C1F70255-D526-C396-90AC-8945C2D18DDE} - C:\Program Files (x86)\surrfo and, keEEp\lYldtE.x64.dll No File
BHO: DownlOad keoeeppeeR - {CF733330-6045-5994-3753-85AD6CB1670C} - C:\Program Files (x86)\DownlOad keoeeppeeR\CQx96.x64.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://www.asus.com/support/asusTek_sys_ctrl3.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR HomePage:
CHR Extension: (DownlOad keoeeppeeR) - C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejglefnhobgnioaelkfhgdkpokdngbae [2013-10-31]
CHR Extension: (avast! Online Security) - C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-17]
CHR Extension: (Skype Click to Call) - C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-27]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Koluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2013-10-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-17] (AVAST Software)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-17] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-17] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 20:59 - 2014-01-17 21:00 - 00011072 _____ C:\Users\Koluch\Desktop\FRST.txt
2014-01-17 20:59 - 2014-01-17 20:59 - 00000000 ____D C:\FRST
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Downloads\Nepotvrzeno 745340.crdownload
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Desktop\FRSTLauncher.exe
2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Downloads\FRST64 (1).exe
2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Desktop\FRST64.exe
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\8057628979111411553.log
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\4623187886874750276.log
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\10732479909837936071.log
2014-01-17 20:50 - 2014-01-17 20:51 - 00000000 ____D C:\AdwCleaner
2014-01-17 20:50 - 2014-01-17 20:50 - 00000088 _____ C:\Users\Koluch\Desktop\5760634325740994302.log
2014-01-17 20:50 - 2014-01-17 20:50 - 00000088 _____ C:\Users\Koluch\Desktop\1729215383578447873.log
2014-01-17 20:49 - 2014-01-17 20:49 - 00009366 _____ C:\Users\Koluch\Desktop\JRT.txt
2014-01-17 20:44 - 2014-01-17 20:44 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 20:43 - 2014-01-17 20:44 - 01236282 _____ C:\Users\Koluch\Desktop\adwcleaner.exe
2014-01-17 20:43 - 2014-01-17 20:43 - 01037068 _____ (Thisisu) C:\Users\Koluch\Desktop\JRT.exe
2014-01-17 20:28 - 2014-01-17 20:28 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64 (1).exe
2014-01-17 20:21 - 2014-01-17 20:29 - 00000000 ____D C:\Program Files\trend micro
2014-01-17 20:21 - 2014-01-17 20:21 - 00000000 ____D C:\rsit
2014-01-17 20:20 - 2014-01-17 20:21 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64.exe
2014-01-17 19:57 - 2014-01-17 19:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-01-17 19:56 - 2014-01-17 19:56 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.LB.7313411930342033.2.1.Run.exe
2014-01-17 19:55 - 2014-01-17 19:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.RNP.7313411930342033.1.2.Run.exe
2014-01-17 19:52 - 2014-01-17 19:52 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.RNP.7313411930342033.1.1.Run.exe
2014-01-17 19:49 - 2014-01-17 19:49 - 05856060 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x64.msu
2014-01-17 19:49 - 2014-01-17 19:49 - 03737398 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x86 (1).msu
2014-01-17 19:47 - 2014-01-17 19:47 - 03737398 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x86.msu
2014-01-17 19:32 - 2014-01-17 20:57 - 00757294 _____ C:\Windows\WindowsUpdate.log
2014-01-17 19:31 - 2014-01-17 20:52 - 00009478 _____ C:\Windows\PFRO.log
2014-01-17 19:31 - 2014-01-17 20:52 - 00000336 _____ C:\Windows\setupact.log
2014-01-17 19:31 - 2014-01-17 19:31 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:26 - 2014-01-17 19:26 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (2).diagcab
2014-01-17 18:52 - 2014-01-17 18:55 - 07723004 _____ C:\Users\Koluch\Downloads\ParetoLogic.RegCure.Pro.3.1.7.0.rar
2014-01-17 18:45 - 2014-01-17 18:46 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Koluch\Downloads\Repair-tool.exe
2014-01-17 18:43 - 2014-01-17 18:43 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (1).diagcab
2014-01-17 18:41 - 2014-01-17 18:41 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic.diagcab
2014-01-17 18:28 - 2014-01-17 18:28 - 11063632 _____ C:\Users\Koluch\Downloads\cc-setup.exe
2014-01-17 18:28 - 2014-01-17 18:28 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-17 18:28 - 2014-01-17 18:28 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-17 18:28 - 2014-01-17 18:28 - 00000000 ____D C:\Program Files\CCleaner
2014-01-17 17:59 - 2014-01-17 18:05 - 457019995 _____ C:\Users\Koluch\Downloads\Windows6.1-KB947821-v31-x64.msu
2014-01-17 17:10 - 2014-01-17 17:09 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-17 17:09 - 2014-01-17 17:09 - 00000000 ____D C:\Program Files\Java
2014-01-17 17:08 - 2014-01-17 17:09 - 30796712 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u51-windows-x64.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 17:06 - 2014-01-17 17:06 - 29141928 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u51-windows-i586.exe
2014-01-17 17:03 - 2014-01-17 17:03 - 00001072 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-17 16:40 - 2014-01-17 16:40 - 00052656 _____ C:\Users\Koluch\Downloads\unassoc_1_4.zip
2014-01-17 14:43 - 2014-01-17 14:43 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-17 14:43 - 2014-01-17 14:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-17 14:43 - 2014-01-17 14:43 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-17 14:43 - 2014-01-17 14:43 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\AVAST Software
2014-01-17 14:43 - 2014-01-17 14:42 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-17 14:43 - 2014-01-17 14:42 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-17 14:43 - 2014-01-17 14:42 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-17 14:43 - 2014-01-17 14:42 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-17 14:43 - 2014-01-17 14:42 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-17 14:43 - 2014-01-17 14:42 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-17 14:42 - 2014-01-17 14:42 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-17 14:42 - 2014-01-17 14:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-17 14:40 - 2014-01-17 14:40 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-17 14:39 - 2014-01-17 14:39 - 04689480 _____ (AVAST Software) C:\Users\Koluch\Downloads\avast_free_antivirus_setup_online.exe
2014-01-17 14:39 - 2014-01-17 14:39 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-16 19:43 - 2014-01-16 19:43 - 00109422 _____ C:\Users\Koluch\Downloads\XRayInstaller_WithFly.jar
2014-01-16 19:43 - 2014-01-16 19:43 - 00100274 _____ C:\Users\Koluch\Downloads\[1.7.2] XRay_WithFly.zip
2014-01-16 18:49 - 2014-01-16 18:49 - 00149504 _____ C:\Users\Koluch\Downloads\Minecraft (1).exe
2014-01-16 15:16 - 2014-01-16 15:16 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2014-01-16 15:16 - 2014-01-16 15:16 - 00000000 ____D C:\Program Files (x86)\Safari
2014-01-15 21:09 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 21:09 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 21:09 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 21:09 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\versions
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\libraries
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\assets
2014-01-15 16:11 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\Futurecraft
2014-01-14 21:14 - 2014-01-14 21:14 - 00408240 _____ C:\Users\Koluch\Downloads\Zans-Minimap-Mod-1.6.4.zip
2014-01-14 20:46 - 2014-01-14 20:46 - 00400355 _____ C:\Users\Koluch\Downloads\zanMap164h (3).zip
2014-01-14 19:23 - 2014-01-14 19:39 - 29045872 _____ C:\Users\Koluch\Downloads\SixtyGig_Alpha_64x_MC17.zip
2014-01-14 19:14 - 2014-01-14 19:15 - 48936137 _____ C:\Users\Koluch\Downloads\Minecraft Enhanced v1.6 128x.zip
2014-01-14 18:47 - 2014-01-14 18:48 - 38959866 _____ C:\Users\Koluch\Downloads\ChromaHills-64x_1.7_1.0.6.zip
2014-01-14 18:05 - 2014-01-14 18:07 - 76900772 _____ C:\Users\Koluch\Downloads\128 (1).zip
2014-01-14 17:52 - 2014-01-14 17:57 - 140432984 _____ C:\Users\Koluch\Downloads\modpacks^Unleashed^1_1_7^Unleashed-server.zip
2014-01-14 16:29 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\msopjees.vbe
2014-01-14 16:29 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msssuxr.vbe
2014-01-14 16:28 - 2014-01-14 16:29 - 01025233 _____ ( ) C:\Users\Koluch\Downloads\Feed-The-Beast-FTB-launcher-cracked-(-warez-)-1.3.0-by-Racad.exe
2014-01-14 15:44 - 2014-01-14 15:44 - 01106756 _____ C:\Users\Koluch\Downloads\KeiNett-Launcher.exe
2014-01-12 16:27 - 2014-01-12 16:27 - 00791309 _____ C:\Users\Koluch\Downloads\OptiFine_1.7.2_HD_U_B2.jar
2014-01-11 15:17 - 2014-01-11 15:18 - 20838036 _____ C:\Users\Koluch\Downloads\Soartex_Fanver.zip
2014-01-11 09:50 - 2014-01-11 09:56 - 81033362 _____ C:\Users\Koluch\Downloads\Minecraft-1.4.7-+-Optifine-HD-Ultra-+-55-módů---XCustomBuild10x.zip
2014-01-10 16:18 - 2014-01-10 16:18 - 00095796 _____ C:\Users\Koluch\Downloads\OptiFine-pro-minecraft-1.4.7.zip
2014-01-08 20:34 - 2014-01-08 20:34 - 00278561 _____ C:\Users\Koluch\Downloads\Minecraft---1.5.2-launcher.exe
2014-01-08 20:28 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\msydkknr.vbe
2014-01-08 20:28 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msguef.vbe
2014-01-08 20:24 - 2014-01-08 20:24 - 00000000 ____D C:\Program Files (x86)\Minecraft
2014-01-07 18:46 - 2014-01-07 18:46 - 01717022 _____ C:\Users\Koluch\Downloads\Blocksmith+Hybrid+v1.6b.zip
2014-01-04 15:44 - 2014-01-04 15:44 - 05759618 _____ C:\Users\Koluch\Downloads\Faithful Texture Pack 64x64 1.6.zip
2014-01-02 19:48 - 2014-01-07 10:01 - 00000027 _____ C:\Users\Koluch\AppData\Roaming\mswvnp.dat
2014-01-02 19:48 - 2014-01-07 10:01 - 00000027 _____ C:\Users\Koluch\AppData\Roaming\msokgxfl.dat
2014-01-02 19:48 - 2014-01-02 19:48 - 00001675 _____ C:\Users\Koluch\AppData\Roaming\msydvd.dat
2014-01-02 19:48 - 2014-01-02 19:48 - 00001654 _____ C:\Users\Koluch\AppData\Roaming\msikrndw.dat
2014-01-02 18:23 - 2014-01-17 20:51 - 00000000 ____D C:\Users\Koluch\Desktop\veci z plochy
2014-01-02 18:12 - 2014-01-02 18:12 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\.technic
2014-01-02 15:28 - 2014-01-02 15:28 - 12254180 _____ C:\Users\Koluch\Downloads\_1.7__R3D.CRAFT_Default_Realism_64x_v0.1.2.zip
2014-01-02 15:19 - 2014-01-02 15:19 - 10967374 _____ C:\Users\Koluch\Downloads\_1.7__R3D.CRAFT_Smooth_Realism_64x_v0.1.2.zip
2013-12-31 18:08 - 2013-12-31 18:09 - 64709236 _____ C:\Users\Koluch\Downloads\privatepacks^Futurecraft^1^FuturecraftServer.zip
2013-12-31 11:51 - 2013-12-31 11:51 - 30694824 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u45-windows-x64.exe
2013-12-31 10:19 - 2013-12-31 10:19 - 01028388 _____ ( ) C:\Users\Koluch\Downloads\Feed-The-Beast-FTB-launcher-cracked-(-warez-)-1.3.2-by-Racad.exe
2013-12-31 10:19 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\mswvnp.vbe
2013-12-31 10:19 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msikrndw.vbe
2013-12-27 16:08 - 2013-12-27 16:08 - 16439432 _____ C:\Users\Koluch\Downloads\David's Detailed 64x64.zip
2013-12-27 15:35 - 2013-12-27 15:35 - 16219948 _____ C:\Users\Koluch\Downloads\Guruths Graphics Pack 7.1.zip
2013-12-26 17:00 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\msokgxfl.vbe
2013-12-26 17:00 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msydvd.vbe
2013-12-26 17:00 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\Windows\SysWOW64\nircmdc.exe
2013-12-26 16:41 - 2013-12-26 16:41 - 01881451 _____ C:\Users\Koluch\Downloads\PacSteam.rar
2013-12-24 13:18 - 2013-12-24 13:43 - 226034296 _____ C:\Users\Koluch\Downloads\PedrosGame_MCLP_120_dil.rar
2013-12-23 19:00 - 2013-12-23 19:03 - 80401726 _____ C:\Users\Koluch\Downloads\Nargbox.1.4.7.Beta6 (1).zip
2013-12-22 16:58 - 2013-12-22 16:58 - 35624744 _____ (Apple Inc.) C:\Users\Koluch\Downloads\SafariSetup.exe
2013-12-21 13:38 - 2013-08-25 15:57 - 00002576 _____ C:\Users\Koluch\Downloads\Google Chrome (1).lnk
2013-12-20 15:08 - 2013-12-20 15:09 - 34022382 _____ C:\Users\Koluch\Downloads\Ovos Rustic Redemption v1.1.2 - 1.7.X .zip
2013-12-20 13:51 - 2013-12-20 13:52 - 32917114 _____ C:\Users\Koluch\Downloads\Ovos Rustic Redemption v1.1.0 - 1.7.X .zip
2013-12-19 20:17 - 2013-12-19 20:30 - 115388459 _____ (TeamExtreme ) C:\Users\Koluch\Downloads\Minecraft-1.7.4---Cracked-Launcher---UPDATED-[TeamExtreme].exe
2013-12-18 21:52 - 2013-12-18 21:52 - 00400355 _____ C:\Users\Koluch\Downloads\zanMap164h (2).zip

==================== One Month Modified Files and Folders =======

2014-01-17 21:00 - 2014-01-17 20:59 - 00011072 _____ C:\Users\Koluch\Desktop\FRST.txt
2014-01-17 21:00 - 2013-04-11 12:57 - 00000000 ____D C:\Users\Koluch\AppData\Local\PMB Files
2014-01-17 20:59 - 2014-01-17 20:59 - 00000000 ____D C:\FRST
2014-01-17 20:59 - 2009-07-14 05:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 20:59 - 2009-07-14 05:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Downloads\Nepotvrzeno 745340.crdownload
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Desktop\FRSTLauncher.exe
2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Downloads\FRST64 (1).exe
2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Desktop\FRST64.exe
2014-01-17 20:57 - 2014-01-17 19:32 - 00757294 _____ C:\Windows\WindowsUpdate.log
2014-01-17 20:54 - 2013-09-27 15:52 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\Skype
2014-01-17 20:53 - 2013-11-20 18:32 - 00000000 ____D C:\Users\Koluch\AppData\Local\LogMeIn Hamachi
2014-01-17 20:53 - 2013-02-20 21:44 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-17 20:52 - 2014-01-17 19:31 - 00009478 _____ C:\Windows\PFRO.log
2014-01-17 20:52 - 2014-01-17 19:31 - 00000336 _____ C:\Windows\setupact.log
2014-01-17 20:52 - 2013-03-24 10:07 - 00000418 ____H C:\Windows\Tasks\schedule!3036567561.job
2014-01-17 20:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\8057628979111411553.log
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\4623187886874750276.log
2014-01-17 20:51 - 2014-01-17 20:51 - 00000088 _____ C:\Users\Koluch\Desktop\10732479909837936071.log
2014-01-17 20:51 - 2014-01-17 20:50 - 00000000 ____D C:\AdwCleaner
2014-01-17 20:51 - 2014-01-02 18:23 - 00000000 ____D C:\Users\Koluch\Desktop\veci z plochy
2014-01-17 20:51 - 2013-02-20 19:50 - 00000977 _____ C:\Users\Koluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-17 20:50 - 2014-01-17 20:50 - 00000088 _____ C:\Users\Koluch\Desktop\5760634325740994302.log
2014-01-17 20:50 - 2014-01-17 20:50 - 00000088 _____ C:\Users\Koluch\Desktop\1729215383578447873.log
2014-01-17 20:49 - 2014-01-17 20:49 - 00009366 _____ C:\Users\Koluch\Desktop\JRT.txt
2014-01-17 20:44 - 2014-01-17 20:44 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 20:44 - 2014-01-17 20:43 - 01236282 _____ C:\Users\Koluch\Desktop\adwcleaner.exe
2014-01-17 20:44 - 2013-12-10 14:39 - 00000942 _____ C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job
2014-01-17 20:43 - 2014-01-17 20:43 - 01037068 _____ (Thisisu) C:\Users\Koluch\Desktop\JRT.exe
2014-01-17 20:29 - 2014-01-17 20:21 - 00000000 ____D C:\Program Files\trend micro
2014-01-17 20:28 - 2014-01-17 20:28 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64 (1).exe
2014-01-17 20:21 - 2014-01-17 20:21 - 00000000 ____D C:\rsit
2014-01-17 20:21 - 2014-01-17 20:20 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64.exe
2014-01-17 20:15 - 2013-02-20 21:44 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-17 19:57 - 2014-01-17 19:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2014-01-17 19:56 - 2014-01-17 19:56 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.LB.7313411930342033.2.1.Run.exe
2014-01-17 19:55 - 2014-01-17 19:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.RNP.7313411930342033.1.2.Run.exe
2014-01-17 19:52 - 2014-01-17 19:52 - 00347816 _____ (Microsoft Corporation) C:\Users\Koluch\Downloads\MicrosoftFixit.wu.RNP.7313411930342033.1.1.Run.exe
2014-01-17 19:49 - 2014-01-17 19:49 - 05856060 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x64.msu
2014-01-17 19:49 - 2014-01-17 19:49 - 03737398 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x86 (1).msu
2014-01-17 19:47 - 2014-01-17 19:47 - 03737398 _____ C:\Users\Koluch\Downloads\Windows6.1-KB2660649-x86.msu
2014-01-17 19:31 - 2014-01-17 19:31 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 19:26 - 2014-01-17 19:26 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (2).diagcab
2014-01-17 19:02 - 2013-02-21 20:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 18:58 - 2013-08-18 12:40 - 00000000 ____D C:\Users\Koluch\minecraft
2014-01-17 18:58 - 2013-08-13 18:35 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PacSteamT
2014-01-17 18:58 - 2013-05-03 20:58 - 00000000 ____D C:\Users\Koluch\Documents\SelfMV
2014-01-17 18:58 - 2013-05-03 20:56 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2014-01-17 18:58 - 2013-03-24 09:03 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\Sony
2014-01-17 18:58 - 2013-02-20 19:43 - 00000000 ____D C:\Windows\Panther
2014-01-17 18:55 - 2014-01-17 18:52 - 07723004 _____ C:\Users\Koluch\Downloads\ParetoLogic.RegCure.Pro.3.1.7.0.rar
2014-01-17 18:46 - 2014-01-17 18:45 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Koluch\Downloads\Repair-tool.exe
2014-01-17 18:43 - 2014-01-17 18:43 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (1).diagcab
2014-01-17 18:41 - 2014-01-17 18:41 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic.diagcab
2014-01-17 18:36 - 2013-07-30 10:08 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\uTorrent
2014-01-17 18:35 - 2013-04-16 21:25 - 00000000 ____D C:\Users\Koluch\AppData\Local\CrashDumps
2014-01-17 18:28 - 2014-01-17 18:28 - 11063632 _____ C:\Users\Koluch\Downloads\cc-setup.exe
2014-01-17 18:28 - 2014-01-17 18:28 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-17 18:28 - 2014-01-17 18:28 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-17 18:28 - 2014-01-17 18:28 - 00000000 ____D C:\Program Files\CCleaner
2014-01-17 18:13 - 2013-03-24 10:06 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-17 18:05 - 2014-01-17 17:59 - 457019995 _____ C:\Users\Koluch\Downloads\Windows6.1-KB947821-v31-x64.msu
2014-01-17 17:09 - 2014-01-17 17:10 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-17 17:09 - 2014-01-17 17:09 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-17 17:09 - 2014-01-17 17:09 - 00000000 ____D C:\Program Files\Java
2014-01-17 17:09 - 2014-01-17 17:08 - 30796712 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u51-windows-x64.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-17 17:08 - 2014-01-17 17:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 17:08 - 2013-11-16 14:31 - 00000000 ____D C:\ProgramData\Oracle
2014-01-17 17:06 - 2014-01-17 17:06 - 29141928 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u51-windows-i586.exe
2014-01-17 17:03 - 2014-01-17 17:03 - 00001072 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-17 17:03 - 2013-07-30 21:06 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\vlc
2014-01-17 17:01 - 2013-02-21 20:02 - 00000000 ____D C:\Users\Koluch\AppData\Local\Adobe
2014-01-17 16:58 - 2013-02-21 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-17 16:58 - 2013-02-21 20:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-17 16:58 - 2013-02-21 20:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 16:54 - 2009-07-14 16:18 - 01976566 _____ C:\Windows\system32\perfh005.dat
2014-01-17 16:54 - 2009-07-14 16:18 - 00582970 _____ C:\Windows\system32\perfc005.dat
2014-01-17 16:54 - 2009-07-14 06:13 - 00006256 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 16:40 - 2014-01-17 16:40 - 00052656 _____ C:\Users\Koluch\Downloads\unassoc_1_4.zip
2014-01-17 14:44 - 2013-12-10 14:39 - 00000890 _____ C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job
2014-01-17 14:43 - 2014-01-17 14:43 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-17 14:43 - 2014-01-17 14:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-17 14:43 - 2014-01-17 14:43 - 00001972 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-17 14:43 - 2014-01-17 14:43 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\AVAST Software
2014-01-17 14:42 - 2014-01-17 14:43 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-17 14:42 - 2014-01-17 14:43 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-17 14:42 - 2014-01-17 14:43 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-17 14:42 - 2014-01-17 14:43 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-17 14:42 - 2014-01-17 14:43 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-17 14:42 - 2014-01-17 14:43 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-17 14:42 - 2014-01-17 14:42 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-17 14:42 - 2014-01-17 14:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-17 14:41 - 2013-02-21 19:56 - 00000000 ____D C:\ProgramData\MFAData
2014-01-17 14:40 - 2014-01-17 14:40 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-17 14:39 - 2014-01-17 14:39 - 04689480 _____ (AVAST Software) C:\Users\Koluch\Downloads\avast_free_antivirus_setup_online.exe
2014-01-17 14:39 - 2014-01-17 14:39 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-16 19:43 - 2014-01-16 19:43 - 00109422 _____ C:\Users\Koluch\Downloads\XRayInstaller_WithFly.jar
2014-01-16 19:43 - 2014-01-16 19:43 - 00100274 _____ C:\Users\Koluch\Downloads\[1.7.2] XRay_WithFly.zip
2014-01-16 18:49 - 2014-01-16 18:49 - 00149504 _____ C:\Users\Koluch\Downloads\Minecraft (1).exe
2014-01-16 15:16 - 2014-01-16 15:16 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2014-01-16 15:16 - 2014-01-16 15:16 - 00000000 ____D C:\Program Files (x86)\Safari
2014-01-16 10:21 - 2009-07-14 05:45 - 00491424 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 10:19 - 2009-07-14 06:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-15 21:58 - 2013-08-15 20:50 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 21:57 - 2013-02-20 20:50 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\versions
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\libraries
2014-01-15 16:12 - 2014-01-15 16:12 - 00000000 ____D C:\Users\Koluch\Desktop\assets
2014-01-15 16:12 - 2014-01-15 16:11 - 00000000 ____D C:\Users\Koluch\Desktop\Futurecraft
2014-01-14 21:14 - 2014-01-14 21:14 - 00408240 _____ C:\Users\Koluch\Downloads\Zans-Minimap-Mod-1.6.4.zip
2014-01-14 20:46 - 2014-01-14 20:46 - 00400355 _____ C:\Users\Koluch\Downloads\zanMap164h (3).zip
2014-01-14 19:39 - 2014-01-14 19:23 - 29045872 _____ C:\Users\Koluch\Downloads\SixtyGig_Alpha_64x_MC17.zip
2014-01-14 19:15 - 2014-01-14 19:14 - 48936137 _____ C:\Users\Koluch\Downloads\Minecraft Enhanced v1.6 128x.zip
2014-01-14 18:48 - 2014-01-14 18:47 - 38959866 _____ C:\Users\Koluch\Downloads\ChromaHills-64x_1.7_1.0.6.zip
2014-01-14 18:07 - 2014-01-14 18:05 - 76900772 _____ C:\Users\Koluch\Downloads\128 (1).zip
2014-01-14 17:57 - 2014-01-14 17:52 - 140432984 _____ C:\Users\Koluch\Downloads\modpacks^Unleashed^1_1_7^Unleashed-server.zip
2014-01-14 16:29 - 2014-01-14 16:28 - 01025233 _____ ( ) C:\Users\Koluch\Downloads\Feed-The-Beast-FTB-launcher-cracked-(-warez-)-1.3.0-by-Racad.exe
2014-01-14 15:44 - 2014-01-14 15:44 - 01106756 _____ C:\Users\Koluch\Downloads\KeiNett-Launcher.exe
2014-01-12 16:27 - 2014-01-12 16:27 - 00791309 _____ C:\Users\Koluch\Downloads\OptiFine_1.7.2_HD_U_B2.jar
2014-01-11 15:18 - 2014-01-11 15:17 - 20838036 _____ C:\Users\Koluch\Downloads\Soartex_Fanver.zip
2014-01-11 09:56 - 2014-01-11 09:50 - 81033362 _____ C:\Users\Koluch\Downloads\Minecraft-1.4.7-+-Optifine-HD-Ultra-+-55-módů---XCustomBuild10x.zip
2014-01-10 16:18 - 2014-01-10 16:18 - 00095796 _____ C:\Users\Koluch\Downloads\OptiFine-pro-minecraft-1.4.7.zip
2014-01-08 20:34 - 2014-01-08 20:34 - 00278561 _____ C:\Users\Koluch\Downloads\Minecraft---1.5.2-launcher.exe
2014-01-08 20:24 - 2014-01-08 20:24 - 00000000 ____D C:\Program Files (x86)\Minecraft
2014-01-08 20:24 - 2013-12-05 21:23 - 00000000 ____D C:\Windows\bitstreams
2014-01-07 18:46 - 2014-01-07 18:46 - 01717022 _____ C:\Users\Koluch\Downloads\Blocksmith+Hybrid+v1.6b.zip
2014-01-07 16:40 - 2013-08-15 11:20 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\ftblauncher
2014-01-07 10:01 - 2014-01-02 19:48 - 00000027 _____ C:\Users\Koluch\AppData\Roaming\mswvnp.dat
2014-01-07 10:01 - 2014-01-02 19:48 - 00000027 _____ C:\Users\Koluch\AppData\Roaming\msokgxfl.dat
2014-01-04 15:44 - 2014-01-04 15:44 - 05759618 _____ C:\Users\Koluch\Downloads\Faithful Texture Pack 64x64 1.6.zip
2014-01-03 13:40 - 2013-07-30 10:15 - 00000000 ____D C:\Users\Koluch\Downloads\Gta 4
2014-01-02 19:48 - 2014-01-02 19:48 - 00001675 _____ C:\Users\Koluch\AppData\Roaming\msydvd.dat
2014-01-02 19:48 - 2014-01-02 19:48 - 00001654 _____ C:\Users\Koluch\AppData\Roaming\msikrndw.dat
2014-01-02 18:12 - 2014-01-02 18:12 - 00000000 ____D C:\Users\Koluch\AppData\Roaming\.technic
2014-01-02 15:28 - 2014-01-02 15:28 - 12254180 _____ C:\Users\Koluch\Downloads\_1.7__R3D.CRAFT_Default_Realism_64x_v0.1.2.zip
2014-01-02 15:19 - 2014-01-02 15:19 - 10967374 _____ C:\Users\Koluch\Downloads\_1.7__R3D.CRAFT_Smooth_Realism_64x_v0.1.2.zip
2013-12-31 18:09 - 2013-12-31 18:08 - 64709236 _____ C:\Users\Koluch\Downloads\privatepacks^Futurecraft^1^FuturecraftServer.zip
2013-12-31 11:51 - 2013-12-31 11:51 - 30694824 _____ (Oracle Corporation) C:\Users\Koluch\Downloads\jre-7u45-windows-x64.exe
2013-12-31 10:19 - 2013-12-31 10:19 - 01028388 _____ ( ) C:\Users\Koluch\Downloads\Feed-The-Beast-FTB-launcher-cracked-(-warez-)-1.3.2-by-Racad.exe
2013-12-27 16:08 - 2013-12-27 16:08 - 16439432 _____ C:\Users\Koluch\Downloads\David's Detailed 64x64.zip
2013-12-27 15:35 - 2013-12-27 15:35 - 16219948 _____ C:\Users\Koluch\Downloads\Guruths Graphics Pack 7.1.zip
2013-12-26 16:41 - 2013-12-26 16:41 - 01881451 _____ C:\Users\Koluch\Downloads\PacSteam.rar
2013-12-24 13:43 - 2013-12-24 13:18 - 226034296 _____ C:\Users\Koluch\Downloads\PedrosGame_MCLP_120_dil.rar
2013-12-23 19:03 - 2013-12-23 19:00 - 80401726 _____ C:\Users\Koluch\Downloads\Nargbox.1.4.7.Beta6 (1).zip
2013-12-22 16:58 - 2013-12-22 16:58 - 35624744 _____ (Apple Inc.) C:\Users\Koluch\Downloads\SafariSetup.exe
2013-12-20 15:09 - 2013-12-20 15:08 - 34022382 _____ C:\Users\Koluch\Downloads\Ovos Rustic Redemption v1.1.2 - 1.7.X .zip
2013-12-20 13:52 - 2013-12-20 13:51 - 32917114 _____ C:\Users\Koluch\Downloads\Ovos Rustic Redemption v1.1.0 - 1.7.X .zip
2013-12-19 20:30 - 2013-12-19 20:17 - 115388459 _____ (TeamExtreme ) C:\Users\Koluch\Downloads\Minecraft-1.7.4---Cracked-Launcher---UPDATED-[TeamExtreme].exe
2013-12-18 21:52 - 2013-12-18 21:52 - 00400355 _____ C:\Users\Koluch\Downloads\zanMap164h (2).zip

Some content of TEMP:
====================
C:\Users\Koluch\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 14:34




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (System) (Fixed) (Total:93.05 GB) (Free:23.63 GB) NTFS
Drive d: (Data) (Fixed) (Total:838.36 GB) (Free:601.72 GB) NTFS

Available physical RAM: 2150.1 MB
Total physical RAM: 4077.26 MB
Percentage of memory in use: 47%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5FA4C850)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=838 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Koluch\Desktop" je 4286 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: requesting a check

Posted: 17 Jan 2014 21:14
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [KiesTrayAgent] - D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - D:\Programy\itunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
    HKLM-x32\...\Run: [Printsrv] - c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\drvupd.vbs [568 2014-01-08] ()
    HKCU\...\Run: [KiesPreload] - D:\Programy\Samsung Kies\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
    HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-11] ()
    HKCU\...\Run: [] - D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
    HKCU\...\Run: [CatalinaGroup Update] - C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-12-10] (Catalina Group Ltd.)
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
    SearchScopes: HKCU - A4DD957B86DE445DAD4BA61E75EAE2AB URL = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
    SearchScopes: HKCU - {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserve.com/?prt=bscsrvli ... &keywords={searchTerms}
    BHO: surrfo and, keEEp - {C1F70255-D526-C396-90AC-8945C2D18DDE} - C:\Program Files (x86)\surrfo and, keEEp\lYldtE.x64.dll No File
    
    CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2013-10-09]
    
    
    C:\Program Files (x86)\surrfo and, keEEp
    C:\ProgramData\AskPartnerNetwork
    2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Downloads\Nepotvrzeno 745340.crdownload
    2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Desktop\FRSTLauncher.exe
    2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Downloads\FRST64 (1).exe
    2014-01-17 20:43 - 2014-01-17 20:44 - 01236282 _____ C:\Users\Koluch\Desktop\adwcleaner.exe
    2014-01-17 20:43 - 2014-01-17 20:43 - 01037068 _____ (Thisisu) C:\Users\Koluch\Desktop\JRT.exe
    2014-01-17 20:28 - 2014-01-17 20:28 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64 (1).exe
    2014-01-17 20:20 - 2014-01-17 20:21 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64.exe
    2014-01-17 19:26 - 2014-01-17 19:26 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (2).diagcab
    2014-01-17 18:52 - 2014-01-17 18:55 - 07723004 _____ C:\Users\Koluch\Downloads\ParetoLogic.RegCure.Pro.3.1.7.0.rar
    2014-01-17 18:45 - 2014-01-17 18:46 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Koluch\Downloads\Repair-tool.exe
    2014-01-17 18:43 - 2014-01-17 18:43 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (1).diagcab
    2014-01-17 18:41 - 2014-01-17 18:41 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic.diagcab
    2014-01-17 18:28 - 2014-01-17 18:28 - 11063632 _____ C:\Users\Koluch\Downloads\cc-setup.exe
    2013-12-31 10:19 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\mswvnp.vbe
    2013-12-31 10:19 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msikrndw.vbe
    C:\ProgramData\BetterSoft
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
    Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: requesting a check

Posted: 17 Jan 2014 21:23
by Lukas1107
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 02
Ran by Koluch at 2014-01-17 21:23:07 Run:1
Running from C:\Users\Koluch\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - D:\Programy\Samsung Kies\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Programy\itunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [Printsrv] - c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\drvupd.vbs [568 2014-01-08] ()
HKCU\...\Run: [KiesPreload] - D:\Programy\Samsung Kies\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-11] ()
HKCU\...\Run: [] - D:\Programy\Samsung Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [CatalinaGroup Update] - C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-12-10] (Catalina Group Ltd.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - A4DD957B86DE445DAD4BA61E75EAE2AB URL = http://search.delta-homes.com/web/?utm_ ... default&q={searchTerms}
SearchScopes: HKCU - {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserve.com/?prt=bscsrvli ... &keywords={searchTerms}
BHO: surrfo and, keEEp - {C1F70255-D526-C396-90AC-8945C2D18DDE} - C:\Program Files (x86)\surrfo and, keEEp\lYldtE.x64.dll No File

CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2013-10-09]


C:\Program Files (x86)\surrfo and, keEEp
C:\ProgramData\AskPartnerNetwork
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Downloads\Nepotvrzeno 745340.crdownload
2014-01-17 20:58 - 2014-01-17 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\Koluch\Desktop\FRSTLauncher.exe
2014-01-17 20:57 - 2014-01-17 20:57 - 02075648 _____ (Farbar) C:\Users\Koluch\Downloads\FRST64 (1).exe
2014-01-17 20:43 - 2014-01-17 20:44 - 01236282 _____ C:\Users\Koluch\Desktop\adwcleaner.exe
2014-01-17 20:43 - 2014-01-17 20:43 - 01037068 _____ (Thisisu) C:\Users\Koluch\Desktop\JRT.exe
2014-01-17 20:28 - 2014-01-17 20:28 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64 (1).exe
2014-01-17 20:20 - 2014-01-17 20:21 - 00935175 _____ C:\Users\Koluch\Downloads\RSITx64.exe
2014-01-17 19:26 - 2014-01-17 19:26 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (2).diagcab
2014-01-17 18:52 - 2014-01-17 18:55 - 07723004 _____ C:\Users\Koluch\Downloads\ParetoLogic.RegCure.Pro.3.1.7.0.rar
2014-01-17 18:45 - 2014-01-17 18:46 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Koluch\Downloads\Repair-tool.exe
2014-01-17 18:43 - 2014-01-17 18:43 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (1).diagcab
2014-01-17 18:41 - 2014-01-17 18:41 - 00280204 _____ C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic.diagcab
2014-01-17 18:28 - 2014-01-17 18:28 - 11063632 _____ C:\Users\Koluch\Downloads\cc-setup.exe
2013-12-31 10:19 - 2013-12-10 22:25 - 00005453 ____S C:\Windows\SysWOW64\mswvnp.vbe
2013-12-31 10:19 - 2013-12-10 22:25 - 00001645 ____S C:\Windows\SysWOW64\msikrndw.vbe
C:\ProgramData\BetterSoft

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job => C:\Users\Koluch\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION

Hosts:

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\APSDaemon => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Printsrv => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\CatalinaGroup Update => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\A4DD957B86DE445DAD4BA61E75EAE2AB => Key deleted successfully.
HKCR\CLSID\A4DD957B86DE445DAD4BA61E75EAE2AB => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} => Key deleted successfully.
HKCR\CLSID\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1F70255-D526-C396-90AC-8945C2D18DDE} => Key deleted successfully.
HKCR\CLSID\{C1F70255-D526-C396-90AC-8945C2D18DDE} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx" => File/Directory not found.
"C:\Program Files (x86)\surrfo and, keEEp" => File/Directory not found.
"C:\ProgramData\AskPartnerNetwork" => File/Directory not found.
C:\Users\Koluch\Downloads\Nepotvrzeno 745340.crdownload => Moved successfully.
C:\Users\Koluch\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Koluch\Downloads\FRST64 (1).exe => Moved successfully.
C:\Users\Koluch\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Koluch\Desktop\JRT.exe => Moved successfully.
C:\Users\Koluch\Downloads\RSITx64 (1).exe => Moved successfully.
C:\Users\Koluch\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (2).diagcab => Moved successfully.
C:\Users\Koluch\Downloads\ParetoLogic.RegCure.Pro.3.1.7.0.rar => Moved successfully.
C:\Users\Koluch\Downloads\Repair-tool.exe => Moved successfully.
C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic (1).diagcab => Moved successfully.
C:\Users\Koluch\Downloads\WindowsUpdateDiagnostic.diagcab => Moved successfully.
C:\Users\Koluch\Downloads\cc-setup.exe => Moved successfully.
C:\Windows\SysWOW64\mswvnp.vbe => Moved successfully.
C:\Windows\SysWOW64\msikrndw.vbe => Moved successfully.
"C:\ProgramData\BetterSoft" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000Core.job => Moved successfully.
C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-571814238-2266814070-839756959-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\schedule!3036567561.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Re: requesting a check

Posted: 17 Jan 2014 22:02
by vyosek
How is the PC behaving???

Re: requesting a check

Posted: 17 Jan 2014 22:05
by Lukas1107
It looks good now. Before, there were some viruses that avast removed, but it was running kind of strangely; now it is probably OK. So thanks :thumbsup:

Re: requesting a check

Posted: 17 Jan 2014 23:15
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for issues
  • then Fix issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|