
Virus-infected PC

Posted: 16 Jun 2014 16:20
by Kallerno
Hello, a friend of mine has a problem with a large amount of malware. I am attaching the log from RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-06-16 17:10:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 328 GB (71%) free of 461 GB
Total RAM: 3948 MB (5% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:14, on 16.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\TowerTilt\bin\TowerTilt.BrowserAdapter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... 52197FC&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... 52197FC&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... 52197FC&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... 52197FC&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: TowerTilt - {53d1f32a-a4e1-493c-8830-a4f3599a667f} - C:\Program Files (x86)\TowerTilt\010E7420-EDD0-4D64-B110-D253F685966F.dll
O2 - BHO: TheBlockeer - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] 1
O4 - HKCU\..\Run: [svchost] regsvr32 /s "C:\Temp:01C80A93.dat"
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update TowerTilt - Unknown owner - C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe
O23 - Service: Util TowerTilt - Unknown owner - C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 14711 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4242096
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-15905324651565297658-1041806122-7056511271438757572-154537070656959491257996028
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
taskeng.exe {B66D41FA-CDB7-4370-BC51-E31F5552981D}
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe"
taskeng.exe {AFA6DE13-1AE1-4994-BC73-164F008F0E85}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {5D0EB354-4690-4F4A-A276-9485770337E3}
"C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe"
"C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3040
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
szndesktop.exe default start
"C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1649674532-15938351722011372439272960283-11404197577854700171547406321893734350
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe"
explorer
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
explorer
explorer
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\TowerTilt\bin\TowerTilt.PurBrowse64.exe" /l false /s false /c "TowerTilt" /t "C:\Program Files (x86)\TowerTilt\bin\TEMP" /i "http://apitowertiltcom-a.akamaihd.net/g ... 0000000000" /d {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64 /p 38812ee2-4e28-421b-afc0-4c5226e97034:chrome
\??\C:\Windows\system32\conhost.exe "-1654882026-1085798465-1596061260-1553759729-794510862925561725-580755688-1349364766
explorer -o stratum+tcp://useast.wafflepool.com:3333 -O 1KJrt1JBTeUV9kuAzx5e6xyjkoEKTyaEe2:d=16 -t 1 -R 1
/c 38812ee2-4e28-421b-afc0-4c5226e97034 /s /z "n=TowerTilt&is=EF23DDCZ&dpt=21"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4032.0.1859658947\1239588201" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3223 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4032.2.1617248157\10145145" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4032.3.1522351027\2121597644" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4032.4.589115771\637073547" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="4032.5.975576504\1436738844" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4032.6.58346352\2090704294" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4032.7.1799837920\1656652111" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="4032.9.1901740950\404239492" /prefetch:673131151
C:\Windows\system32\msiexec.exe /V
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Pavel\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Pavel\AppData\Local\SwvUpdater\Updater.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForPavel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPavel (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\extensions\
oc_ux15@znakcky-.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\searchplugins\
askcom.xml
badoo.xml
bing-avast.xml
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58910647-E339-AC70-A8E1-CCF49FDC7962}]
DigiiiCOupoin - C:\ProgramData\DigiiiCOupoin\p.x64.dll [2014-02-28 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-10 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53d1f32a-a4e1-493c-8830-a4f3599a667f}]
TowerTilt - C:\Program Files (x86)\TowerTilt\0 [2014-06-16 1085]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-10 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-21 2480936]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-01 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-01 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-08-14 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-08-14 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-08-14 442352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-05-27 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"cz.seznam.software.autoupdate"=C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [2012-12-24 1067232]
"uTorrent"=C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [2014-06-02 1272400]
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"=1 []
"svchost"=regsvr32 /s C:\Temp:01C80A93.dat []
"SpeedUpMyComputer"=C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss []
"FixMyRegistry"=C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-06 3890208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-06-27 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-16 17:10:05 ----D---- C:\Program Files\trend micro
2014-06-16 17:10:04 ----D---- C:\rsit
2014-06-16 11:03:46 ----A---- C:\Windows\system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-06-16 09:59:10 ----D---- C:\Program Files (x86)\TowerTilt
2014-06-16 09:58:10 ----D---- C:\Users\Pavel\AppData\Roaming\YourFileDownloader
2014-06-16 09:58:10 ----D---- C:\Program Files (x86)\YourFileDownloader Updater
2014-06-16 09:58:10 ----D---- C:\Program Files (x86)\YourFileDownloader
2014-06-16 07:28:14 ----D---- C:\ProgramData\RegClean
2014-06-16 07:21:10 ----D---- C:\Program Files (x86)\SmartTweak
2014-06-12 18:43:08 ----D---- C:\Intel
2014-06-12 18:27:59 ----D---- C:\ProgramData\Fighters
2014-06-11 09:22:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 09:22:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 09:22:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 09:22:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 09:22:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 09:22:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 09:22:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 09:22:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 09:22:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 09:22:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 09:22:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 09:22:35 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 09:22:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 09:22:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 09:22:33 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 09:22:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 09:22:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 09:22:33 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 09:22:33 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 09:22:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 09:22:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 09:22:32 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 09:22:31 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 09:22:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 09:22:30 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 09:22:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 09:22:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 09:22:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 09:22:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 09:22:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 09:22:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 09:22:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 09:22:28 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 09:22:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 09:22:25 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 09:22:24 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 09:22:24 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 09:22:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 09:22:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 09:22:22 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 09:22:22 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 09:22:22 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 09:22:21 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 09:22:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 09:22:19 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 09:22:18 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 09:22:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 09:22:17 ----A---- C:\Windows\system32\mshtml.dll
2014-06-11 09:20:56 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 09:20:56 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 09:20:54 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 09:20:53 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 09:20:51 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 09:20:51 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 09:20:51 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 09:20:50 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 09:20:50 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 09:20:50 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 09:20:50 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 09:20:50 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 09:15:52 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 09:15:45 ----A---- C:\Windows\system32\aeinv.dll
2014-06-03 17:19:38 ----AD---- C:\Temp
2014-05-28 13:47:09 ----D---- C:\Users\Pavel\AppData\Roaming\Thinstall
2014-05-25 16:43:00 ----D---- C:\ProgramData\Badoo

======List of files/folders modified in the last 1 month======

2014-06-16 17:10:13 ----D---- C:\Windows\Temp
2014-06-16 17:10:05 ----RD---- C:\Program Files
2014-06-16 17:07:14 ----D---- C:\Windows\system32\config
2014-06-16 17:02:30 ----D---- C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-06-16 16:59:38 ----D---- C:\Users\Pavel\AppData\Roaming\vlc
2014-06-16 16:59:25 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-16 16:57:48 ----A---- C:\Windows\win.ini
2014-06-16 16:57:39 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2014-06-16 16:57:36 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2014-06-16 16:57:07 ----D---- C:\ProgramData\PDFC
2014-06-16 13:22:24 ----D---- C:\Windows\LiveKernelReports
2014-06-16 11:03:46 ----D---- C:\Windows\system32\drivers
2014-06-16 09:59:10 ----RD---- C:\Program Files (x86)
2014-06-16 09:58:11 ----D---- C:\Windows\system32\Tasks
2014-06-16 09:08:01 ----SHD---- C:\Windows\Installer
2014-06-16 09:07:52 ----SHD---- C:\System Volume Information
2014-06-16 09:06:40 ----D---- C:\Windows\System32
2014-06-16 09:06:37 ----D---- C:\Windows\SysWOW64
2014-06-16 08:36:45 ----D---- C:\Windows
2014-06-16 08:36:41 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-16 08:31:38 ----D---- C:\Users\Pavel\AppData\Roaming\OpenCandy
2014-06-16 07:28:14 ----HD---- C:\ProgramData
2014-06-16 07:05:49 ----D---- C:\Windows\system32\catroot2
2014-06-15 17:42:06 ----D---- C:\Windows\Prefetch
2014-06-15 10:41:25 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-14 15:06:17 ----D---- C:\ProgramData\TrackMania
2014-06-12 19:39:47 ----D---- C:\Program Files (x86)\Intel
2014-06-12 18:47:03 ----D---- C:\Windows\inf
2014-06-12 18:46:27 ----SD---- C:\ProgramData\Microsoft
2014-06-12 18:46:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-12 18:46:23 ----D---- C:\Program Files (x86)\Common Files
2014-06-12 18:45:18 ----D---- C:\Users\Pavel\AppData\Roaming\SoftGrid Client
2014-06-12 18:36:47 ----D---- C:\Windows\Tasks
2014-06-11 17:26:42 ----D---- C:\Windows\winsxs
2014-06-11 17:23:37 ----D---- C:\Program Files\Internet Explorer
2014-06-11 17:23:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-11 17:23:30 ----D---- C:\Windows\system32\en-US
2014-06-11 17:23:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-11 17:23:19 ----D---- C:\Windows\system32\DriverStore
2014-06-11 13:08:42 ----D---- C:\Windows\system32\MRT
2014-06-11 13:05:07 ----A---- C:\Windows\system32\MRT.exe
2014-06-11 13:01:57 ----SD---- C:\Windows\system32\CompatTel
2014-06-11 12:03:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-06-11 09:15:04 ----D---- C:\Windows\system32\catroot
2014-06-10 12:02:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-08 20:07:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-02 12:21:51 ----D---- C:\Program Files (x86)\uTorrent
2014-05-30 16:29:59 ----D---- C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl
2014-05-29 20:24:22 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2014-05-29 08:28:11 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2014-05-28 14:37:50 ----D---- C:\Users\Pavel\AppData\Roaming\.minecraft
2014-05-26 21:31:59 ----D---- C:\Users\Pavel\AppData\Roaming\BSplayer
2014-05-21 09:26:04 ----D---- C:\ProgramData\Skype
2014-05-21 09:25:59 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-10 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-10 208416]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-10 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-10 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-10 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-01 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-08-03 2768384]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-01 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-01 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-01 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-02-09 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-06-27 5361920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 342528]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-12-31 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-21 1402416]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-05-14 868848]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RL_MIXAGE_IE_MIDI;Mixage Interface Edition WDM MIDI Device; C:\Windows\system32\drivers\rlmxgiem.sys []
S3 RL_MIXAGE_IE_USB;usb-audio.de driver for Reloop Mixage Interface Edition; C:\Windows\System32\Drivers\rlmxgieu.sys []
S3 RL_MIXAGE_IE_WDM;Mixage Interface Edition WDM Audio; C:\Windows\system32\drivers\rlmxgiea.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-01 76448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-10 50344]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-31 325656]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-09-09 5735424]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-11-02 5305696]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-31 2656280]
R2 Update TowerTilt;Update TowerTilt; C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe [2014-06-16 317728]
R2 Util TowerTilt;Util TowerTilt; C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe [2014-06-16 317728]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-08-14 279024]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227936]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Virus-infected PC

Posted: 16 Jun 2014 16:26
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup will be created, followed by the search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Virus-infected PC

Posted: 16 Jun 2014 16:55
by Kallerno
JRT LOG...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Pavel on po 16.06.2014 at 17:29:57,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\speedupmycomputer
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1140734701-3671491540-154073284-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodssetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodssetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_mac-os-x-lion-skin-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_mac-os-x-lion-skin-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_mac-os-x-lion-skin-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_mac-os-x-lion-skin-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A3512CEE-7743-4EA6-9AD5-4666CCCD571A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA56ECFC-1AAF-4077-86AE-9ABD0397D579}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] C:\Windows\syswow64\sho29ED.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3924.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho65A9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7EA6.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9147.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9962.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\thebflix"
Successfully deleted: [Folder] "C:\ProgramData\youtubeadblocker"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Pavel\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Users\Pavel\appdata\locallow\thebflix"
Successfully deleted: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Pavel\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{0134BB18-1B2F-4454-9558-8F92FF44E45A}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{029A38FC-A735-4D06-AF55-478DD3199D20}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{0A6C5AFA-A08F-404F-8C96-3CB8BABCB4CF}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{12529027-C34E-40AA-A474-9129560A8E0C}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{18C367E3-DF64-4226-A90F-0351007C7EAF}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{1D77075A-1ACD-41FD-9F94-4C193B706DA1}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{22A03E4B-F213-47E4-B8AB-42DDB6AC0892}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{3A7AD31F-BE20-4989-A7B2-7657F12C4FDD}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{4E1132D3-401B-4D55-8554-6343518CCD01}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{6AD291AB-22C1-4D96-9289-D78955360D42}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{6FB55DA5-59B2-48C0-A86F-55CE31931CD8}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{7EFC2F48-4CEA-4802-A599-276DF11707D0}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{9A71DCA1-B815-4409-9B86-BECA980744DE}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{A753182F-8BD4-43E1-AC82-340FAAC851A3}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{B1B7C374-62EC-4ABD-A882-2147B365440B}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{B66286DF-B6C8-40C0-91F7-293FED64E97F}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{CE512EF7-99D9-4E81-93B6-EC85AC9F86A2}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{DF3F0A15-9CEC-41A7-B9B9-9F174F1D2960}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{E0F123EB-17CB-441B-854B-453CA4D5928A}
Successfully deleted: [Empty Folder] C:\Users\Pavel\appdata\local\{F7DE566A-0CBC-47AA-BA32-25BD79463FB7}
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ FireFox

Successfully deleted: [File] C:\Users\Pavel\AppData\Roaming\mozilla\firefox\profiles\jdwuczye.default\user.js
Successfully deleted: [File] C:\Users\Pavel\AppData\Roaming\mozilla\firefox\profiles\jdwuczye.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Pavel\AppData\Roaming\mozilla\firefox\profiles\jdwuczye.default\searchplugins\web search.xml
Successfully deleted the following from C:\Users\Pavel\AppData\Roaming\mozilla\firefox\profiles\jdwuczye.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.TgvQrm.url", "hxxp://jpisyncer.info/sync2/?q=hfZ9ofV9CShEAen0pjs9tMqLDe49CNU0n8OMCMlNhd9FrHwGrjUFqda6rjrMBzqUojwHrjsGrHwFrdgHpih7hfs0pihPBMn0rTUHrHC6qTn6
user_pref("extensions.jfk.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorob
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Pavel\AppData\Roaming\mozilla\firefox\profiles\jdwuczye.default\minidumps [155 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 16.06.2014 at 17:42:25,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


adwclean log...

# AdwCleaner v3.212 - Report created 16/06/2014 at 17:48:17
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Pavel - PAVEL-HP
# Running from : C:\Users\Pavel\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update TowerTilt
[#] Service Deleted : Util TowerTilt

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\CoheApiMuE
Folder Deleted : C:\ProgramData\DigiiiCOupoin
Folder Deleted : C:\ProgramData\RandomPrice
Folder Deleted : C:\ProgramData\surf anda keep
[!] Folder Deleted : C:\Program Files (x86)\TowerTilt
Folder Deleted : C:\Program Files (x86)\YourFileDownloader Updater
Folder Deleted : C:\Program Files (x86)\surf anda keep
Folder Deleted : C:\Users\Pavel\AppData\Local\apn
Folder Deleted : C:\Users\Pavel\AppData\Local\genienext
Folder Deleted : C:\Users\Pavel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Pavel\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Pavel\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Pavel\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Pavel\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\Extensions\oc_ux15@znakcky-.com
File Deleted : C:\Users\Pavel\daemonprocess.txt
File Deleted : C:\Users\Pavel\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Funmoods
File Deleted : C:\Windows\System32\Tasks\YourFile DownloaderUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\joifgdlkhokekeaenpkaehbnjhncglbh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker
Key Deleted : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker.1.0
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53D1F32A-A4E1-493C-8830-A4F3599A667F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F097125-21EE-3870-10D6-1861BD620BDF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF850AC2-CB12-C7C3-44B1-0A1746DDF965}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716347DC-3B2C-494C-8E63-681862B6E122}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3603F80E-BFC2-4EB6-BF31-1ED075CE4DC1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53D1F32A-A4E1-493C-8830-A4F3599A667F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F097125-21EE-3870-10D6-1861BD620BDF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF850AC2-CB12-C7C3-44B1-0A1746DDF965}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8F097125-21EE-3870-10D6-1861BD620BDF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EF850AC2-CB12-C7C3-44B1-0A1746DDF965}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716347DC-3B2C-494C-8E63-681862B6E122}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\TowerTilt
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\TowerTilt
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TowerTilt

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\prefs.js ]

Line Deleted : user_pref("extensions.jfk.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexOf([...]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : joifgdlkhokekeaenpkaehbnjhncglbh

*************************

AdwCleaner[R0].txt - [9246 octets] - [16/06/2014 17:47:08]
AdwCleaner[S0].txt - [7692 octets] - [16/06/2014 17:48:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7752 octets] ##########

Re: Virus-infected PC

Posted: 16 Jun 2014 17:04
by vyosek
:arrow: Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop
  • If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: Virus-infected PC

Posted: 16 Jun 2014 17:35
by Kallerno
What software should I use if Zoek refuses to run?

Re: Virus-infected PC

Posted: 16 Jun 2014 17:38
by vyosek
Try running it in safe mode

Re: Virus-infected PC

Posted: 16 Jun 2014 17:47
by Kallerno
It still won't start.

Re: Virus-infected PC

Posted: 16 Jun 2014 18:12
by vyosek

Re: Virus-infected PC

Posted: 16 Jun 2014 18:25
by Kallerno
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Pavel (administrator) on PAVEL-HP on 16-06-2014 19:18:44
Running from C:\Users\Pavel\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
() C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [uTorrent] => C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-06-02] (BitTorrent Inc.)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:01C80A93.dat"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {1AFB4022-2899-4728-86A8-0C8A5B829193} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {4865D121-028D-4DD2-B805-EBB2F9E5A7D9} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {6BCE8D53-777F-4B6E-90B5-E9E1A7BD1178} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {840D665A-B1E0-4288-A515-0DC1B009F821} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {988D89DC-BD5E-4439-A856-DB142376D11F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {CC766FA5-A774-46EC-8168-24B523495122} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {ECEE65F1-5BCC-4CDF-8038-66354D00579E} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {F21DE0B0-53D7-4B13-B2A4-87BB7B0CCA02} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
BHO: DigiiiCOupoin - {58910647-E339-AC70-A8E1-CCF49FDC7962} - C:\ProgramData\DigiiiCOupoin\p.x64.dll No File
BHO: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-06]
FF Extension: TowerTilt - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\jdwuczye.default\Extensions\{587cb346-a3d8-4884-b39b-f0ed918b6f96}.xpi [2014-06-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-11-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-11-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-17]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [fbphotozoom@installdaddy.com] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-26]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=AV01
CHR RestoreOnStartup: "hxxp://www.google.cz/"
CHR StartupUrls: "hxxp://www.msn.com/?pc=AV01"
CHR Extension: (TheBlockeer) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjcoanedfmcjnagkmklgnnckmfpmmfi [2014-05-30]
CHR Extension: (Invite All (for Facebook)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2014-03-25]
CHR Extension: (Facebook Friend Inviter) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojfflomljfbdfdcfmiihnijjfnnakdn [2014-03-03]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-28]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (RandomPrice) - C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl [2013-12-30]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-10] (AVAST Software)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-12-17] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5735424 2011-09-09] (Native Instruments GmbH) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2012-08-16] (Microsoft Corporation) [File not signed]
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [93440 2006-10-23] (AnyDATA Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-14] (DT Soft Ltd)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-05-14] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [61120 2014-06-13] (StdLib)
S3 RL_MIXAGE_IE_MIDI; system32\drivers\rlmxgiem.sys [X]
S3 RL_MIXAGE_IE_USB; System32\Drivers\rlmxgieu.sys [X]
S3 RL_MIXAGE_IE_WDM; system32\drivers\rlmxgiea.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-16 19:18 - 2014-06-16 19:19 - 00021351 _____ () C:\Users\Pavel\Downloads\FRST.txt
2014-06-16 19:15 - 2014-06-16 19:18 - 00000000 ____D () C:\FRST
2014-06-16 19:15 - 2014-06-16 19:15 - 02081280 _____ (Farbar) C:\Users\Pavel\Downloads\FRST64.exe
2014-06-16 18:15 - 2014-06-16 18:50 - 00000002 _____ () C:\runcheck.txt
2014-06-16 18:15 - 2014-06-16 18:15 - 00000000 ____D () C:\zoek_backup
2014-06-16 17:51 - 2014-06-16 17:51 - 00007888 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-06-16 17:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-16 17:47 - 2014-06-16 17:48 - 00000000 ____D () C:\AdwCleaner
2014-06-16 17:44 - 2014-06-16 17:44 - 00014790 _____ () C:\Users\Pavel\Desktop\JRTa.txt
2014-06-16 17:42 - 2014-06-16 17:42 - 00014790 _____ () C:\Users\Pavel\Desktop\JRT.txt
2014-06-16 17:34 - 2014-06-16 17:35 - 01333465 _____ () C:\Users\Pavel\Downloads\adwcleaner_3.212.exe
2014-06-16 17:29 - 2014-06-16 17:29 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 17:28 - 2014-06-16 17:29 - 01016261 _____ (Thisisu) C:\Users\Pavel\Downloads\JRT.exe
2014-06-16 17:17 - 2014-06-16 17:17 - 00028380 _____ () C:\Users\Pavel\Desktop\info.txt
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\rsit
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\Program Files\trend micro
2014-06-16 17:09 - 2014-06-16 17:09 - 01222144 _____ () C:\Users\Pavel\Downloads\RSITx64.exe
2014-06-16 15:09 - 2014-06-16 15:09 - 00000295 _____ () C:\Users\Pavel\Desktop\post.php.txt
2014-06-16 14:44 - 2014-06-16 14:44 - 00046500 _____ () C:\Users\Pavel\Desktop\index.html
2014-06-16 11:03 - 2014-06-13 18:49 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-06-16 09:59 - 2014-06-16 17:48 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-06-16 09:58 - 2014-06-16 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
2014-06-16 08:37 - 2014-06-16 08:37 - 00000000 ____D () C:\Users\Pavel\AppData\Local\AVG
2014-06-16 08:31 - 2014-06-16 08:31 - 00000000 ____D () C:\Users\Pavel\Documents\My Cheat Tables
2014-06-12 18:43 - 2014-06-12 18:43 - 00000000 ____D () C:\Intel
2014-06-11 09:22 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 09:22 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 09:22 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 09:22 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 09:22 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 09:22 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 09:22 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 09:22 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 09:22 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 09:22 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 09:22 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 09:22 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 09:22 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 09:22 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 09:22 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 09:22 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 09:22 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 09:22 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 09:22 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 09:22 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 09:22 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 09:22 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 09:22 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 09:22 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 09:22 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 09:22 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 09:22 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 09:22 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 09:22 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 09:22 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 09:22 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 09:22 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 09:22 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 09:22 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 09:22 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 09:22 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 09:22 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 09:22 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 09:22 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 09:22 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 09:22 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 09:22 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 09:22 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 09:22 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 09:22 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 09:22 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 09:22 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 09:22 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 09:22 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 09:22 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 09:22 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 09:22 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 09:20 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 09:20 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 09:20 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 09:20 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 09:20 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 09:20 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 09:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 09:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 09:20 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 09:20 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 09:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 09:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 09:15 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 09:15 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 17:19 - 2014-06-16 18:40 - 00000000 ____D () C:\Temp
2014-06-02 12:21 - 2014-06-02 12:21 - 00000813 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-06-02 12:21 - 2014-06-02 12:21 - 00000793 _____ () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-28 13:51 - 2014-05-28 13:51 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-05-28 13:51 - 2014-05-28 13:51 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-05-25 16:43 - 2014-05-25 16:43 - 00001138 _____ () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk
2014-05-25 16:43 - 2014-05-25 16:43 - 00000984 _____ () C:\Users\Pavel\Desktop\Badoo.Desktop.lnk
2014-05-25 16:43 - 2014-05-25 16:43 - 00000000 ____D () C:\ProgramData\Badoo
2014-05-24 20:21 - 2014-04-02 20:23 - 00000000 ____D () C:\Users\Pavel\Desktop\RICHARD REYNOLDS - 10k Bootleg Pack
2014-05-24 20:21 - 2014-03-31 15:59 - 00000000 ____D () C:\Users\Pavel\Desktop\NAMAAS Mashups pack 2014
2014-05-23 07:11 - 2014-05-23 07:11 - 00044332 _____ () C:\Users\Pavel\Desktop\20140521_235610.jpeg
2014-05-17 22:05 - 2014-05-17 22:05 - 00000000 ____D () C:\Users\Pavel\Downloads\NAMAAS Mashups pack 2014
2014-05-17 13:24 - 2014-05-17 13:24 - 00002536 ____N () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk

==================== One Month Modified Files and Folders =======

2014-06-16 19:19 - 2014-06-16 19:18 - 00021351 _____ () C:\Users\Pavel\Downloads\FRST.txt
2014-06-16 19:19 - 2012-03-24 12:56 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Temp
2014-06-16 19:18 - 2014-06-16 19:15 - 00000000 ____D () C:\FRST
2014-06-16 19:15 - 2014-06-16 19:15 - 02081280 _____ (Farbar) C:\Users\Pavel\Downloads\FRST64.exe
2014-06-16 19:03 - 2012-05-18 11:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 18:54 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 18:54 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 18:52 - 2014-02-06 14:12 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-06-16 18:51 - 2011-09-29 12:09 - 01333459 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 18:50 - 2014-06-16 18:15 - 00000002 _____ () C:\runcheck.txt
2014-06-16 18:48 - 2012-12-12 18:51 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-16 18:47 - 2013-06-09 16:51 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-06-16 18:47 - 2012-03-31 21:08 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2014-06-16 18:47 - 2011-05-09 16:24 - 00000000 ____D () C:\ProgramData\PDFC
2014-06-16 18:46 - 2012-07-04 23:54 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-16 18:46 - 2010-11-21 05:47 - 00573332 _____ () C:\Windows\PFRO.log
2014-06-16 18:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 18:46 - 2009-07-14 06:51 - 00349983 _____ () C:\Windows\setupact.log
2014-06-16 18:40 - 2014-06-03 17:19 - 00000000 ____D () C:\Temp
2014-06-16 18:15 - 2014-06-16 18:15 - 00000000 ____D () C:\zoek_backup
2014-06-16 17:51 - 2014-06-16 17:51 - 00007888 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-06-16 17:48 - 2014-06-16 17:47 - 00000000 ____D () C:\AdwCleaner
2014-06-16 17:48 - 2014-06-16 09:59 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-06-16 17:48 - 2012-03-24 12:56 - 00000000 ____D () C:\Users\Pavel
2014-06-16 17:48 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-16 17:45 - 2012-07-04 23:54 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-16 17:44 - 2014-06-16 17:44 - 00014790 _____ () C:\Users\Pavel\Desktop\JRTa.txt
2014-06-16 17:42 - 2014-06-16 17:42 - 00014790 _____ () C:\Users\Pavel\Desktop\JRT.txt
2014-06-16 17:35 - 2014-06-16 17:34 - 01333465 _____ () C:\Users\Pavel\Downloads\adwcleaner_3.212.exe
2014-06-16 17:29 - 2014-06-16 17:29 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 17:29 - 2014-06-16 17:28 - 01016261 _____ (Thisisu) C:\Users\Pavel\Downloads\JRT.exe
2014-06-16 17:17 - 2014-06-16 17:17 - 00028380 _____ () C:\Users\Pavel\Desktop\info.txt
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\rsit
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\Program Files\trend micro
2014-06-16 17:09 - 2014-06-16 17:09 - 01222144 _____ () C:\Users\Pavel\Downloads\RSITx64.exe
2014-06-16 16:59 - 2012-03-26 20:17 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\vlc
2014-06-16 16:57 - 2012-03-24 21:20 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Skype
2014-06-16 15:21 - 2012-03-24 14:59 - 00000000 ____D () C:\Users\Pavel\Documents\Bluetooth Folder
2014-06-16 15:09 - 2014-06-16 15:09 - 00000295 _____ () C:\Users\Pavel\Desktop\post.php.txt
2014-06-16 14:44 - 2014-06-16 14:44 - 00046500 _____ () C:\Users\Pavel\Desktop\index.html
2014-06-16 13:33 - 2013-11-19 21:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-16 13:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-06-16 09:58 - 2014-06-16 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
2014-06-16 08:37 - 2014-06-16 08:37 - 00000000 ____D () C:\Users\Pavel\AppData\Local\AVG
2014-06-16 08:36 - 2014-01-08 16:44 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-16 08:31 - 2014-06-16 08:31 - 00000000 ____D () C:\Users\Pavel\Documents\My Cheat Tables
2014-06-16 07:23 - 2012-03-25 13:24 - 00000000 ____D () C:\Users\Pavel\AppData\Local\CrashDumps
2014-06-15 17:42 - 2012-03-24 13:03 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3B0C4F1C-819E-48F4-BEBA-5850EA6834C6}
2014-06-15 10:41 - 2012-05-06 10:05 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-15 10:41 - 2012-03-25 11:16 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-14 15:11 - 2014-02-11 21:30 - 00000000 ____D () C:\Users\Pavel\Documents\TrackMania
2014-06-14 15:06 - 2014-02-11 21:31 - 00000000 ____D () C:\ProgramData\TrackMania
2014-06-14 12:59 - 2012-12-08 18:40 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPavel
2014-06-14 12:59 - 2012-12-08 18:40 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForPavel.job
2014-06-13 18:49 - 2014-06-16 11:03 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-06-13 13:56 - 2012-06-28 20:03 - 00000000 ____D () C:\Users\Pavel\Documents\Youcam
2014-06-12 19:39 - 2011-09-29 12:10 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-12 19:24 - 2013-12-24 18:52 - 00000000 ____D () C:\Users\Pavel\Desktop\LATINO
2014-06-12 18:54 - 2013-09-12 16:43 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Unity
2014-06-12 18:46 - 2011-05-10 01:48 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-06-12 18:46 - 2011-05-10 01:48 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-06-12 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-12 18:45 - 2012-03-25 21:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\SoftGrid Client
2014-06-12 18:43 - 2014-06-12 18:43 - 00000000 ____D () C:\Intel
2014-06-12 18:43 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 16:09 - 2012-03-28 10:43 - 00000000 ____D () C:\Users\Pavel\Desktop\Škola
2014-06-11 13:08 - 2013-07-23 01:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 13:05 - 2012-03-25 20:39 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 13:01 - 2014-04-30 07:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 12:03 - 2012-05-18 11:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 12:03 - 2012-05-18 11:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 12:03 - 2012-05-18 11:51 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-10 12:02 - 2009-07-14 07:13 - 01586130 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-08 20:07 - 2013-11-17 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 11:13 - 2014-06-11 09:15 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 09:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 10:45 - 2009-07-14 07:08 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-02 12:21 - 2014-06-02 12:21 - 00000813 _____ () C:\Users\Pavel\Desktop\µTorrent.lnk
2014-06-02 12:21 - 2014-06-02 12:21 - 00000793 _____ () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-02 12:21 - 2012-03-31 21:09 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-05-30 16:33 - 2012-03-24 13:03 - 00000000 ___RD () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 16:29 - 2013-12-30 08:05 - 00000000 ____D () C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl
2014-05-30 15:52 - 2013-03-03 12:55 - 00000000 ____D () C:\Users\Pavel\Desktop\FL
2014-05-30 12:21 - 2014-06-11 09:22 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:09 - 2013-10-02 11:10 - 00002171 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-30 12:09 - 2012-06-24 23:41 - 00001037 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-30 12:09 - 2012-06-24 23:41 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-30 12:02 - 2014-06-11 09:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 09:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 09:22 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 09:22 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 09:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 09:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 09:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 09:22 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 09:22 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 09:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 09:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 09:22 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 09:22 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 09:22 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 09:22 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 09:22 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 09:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 09:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 09:22 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 09:22 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 09:22 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 09:22 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 09:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 09:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 09:22 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 09:22 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 09:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 09:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 09:22 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 09:22 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 09:22 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 09:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 09:22 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 09:22 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 09:22 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 09:22 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 09:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 09:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 09:22 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 09:22 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 09:22 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 09:22 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 09:22 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 09:22 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 09:22 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 09:22 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 09:22 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 09:22 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 09:22 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 09:22 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 09:22 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 08:28 - 2013-11-12 00:44 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2014-05-28 14:37 - 2014-01-07 15:21 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\.minecraft
2014-05-28 13:51 - 2014-05-28 13:51 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieUserList
2014-05-28 13:51 - 2014-05-28 13:51 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieSiteList
2014-05-26 21:31 - 2012-03-28 10:48 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\BSplayer
2014-05-25 16:43 - 2014-05-25 16:43 - 00001138 _____ () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk
2014-05-25 16:43 - 2014-05-25 16:43 - 00000984 _____ () C:\Users\Pavel\Desktop\Badoo.Desktop.lnk
2014-05-25 16:43 - 2014-05-25 16:43 - 00000000 ____D () C:\ProgramData\Badoo
2014-05-23 07:11 - 2014-05-23 07:11 - 00044332 _____ () C:\Users\Pavel\Desktop\20140521_235610.jpeg
2014-05-21 09:26 - 2011-05-09 16:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-21 09:25 - 2012-03-24 21:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-17 22:05 - 2014-05-17 22:05 - 00000000 ____D () C:\Users\Pavel\Downloads\NAMAAS Mashups pack 2014
2014-05-17 13:30 - 2012-06-22 13:18 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Microsoft Games
2014-05-17 13:24 - 2014-05-17 13:24 - 00002536 ____N () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk

Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\12345.exe
C:\Users\Pavel\AppData\Local\Temp\20140210113301.998.exe
C:\Users\Pavel\AppData\Local\Temp\22148110isxdl.dll
C:\Users\Pavel\AppData\Local\Temp\22148110mcpx.dll
C:\Users\Pavel\AppData\Local\Temp\22148110ShellExt.dll
C:\Users\Pavel\AppData\Local\Temp\37156uninstall.exe
C:\Users\Pavel\AppData\Local\Temp\7za.exe
C:\Users\Pavel\AppData\Local\Temp\ApnStub.exe
C:\Users\Pavel\AppData\Local\Temp\app.exe
C:\Users\Pavel\AppData\Local\Temp\bassmod.dll
C:\Users\Pavel\AppData\Local\Temp\bdfilters.dll
C:\Users\Pavel\AppData\Local\Temp\bitool.dll
C:\Users\Pavel\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Pavel\AppData\Local\Temp\cpt_setup.exe
C:\Users\Pavel\AppData\Local\Temp\down.4056.OptimizerProInstaller.exe
C:\Users\Pavel\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Pavel\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbcoksu.dll
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Pavel\AppData\Local\Temp\DTLite4461-0328.exe
C:\Users\Pavel\AppData\Local\Temp\Extract.exe
C:\Users\Pavel\AppData\Local\Temp\Facebook Hack Password Downloader__3687_i880716670_il400846.exe
C:\Users\Pavel\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Pavel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Pavel\AppData\Local\Temp\GLF6604.tmp.dll
C:\Users\Pavel\AppData\Local\Temp\hijackthis.exe
C:\Users\Pavel\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Pavel\AppData\Local\Temp\htmlayout.dll
C:\Users\Pavel\AppData\Local\Temp\ICReinstall_20140210113301.998.exe
C:\Users\Pavel\AppData\Local\Temp\InfoTrig.exe
C:\Users\Pavel\AppData\Local\Temp\instruct.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\KMP_3.3.0.33.exe
C:\Users\Pavel\AppData\Local\Temp\libcurl-4.dll
C:\Users\Pavel\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Pavel\AppData\Local\Temp\lowproc.exe
C:\Users\Pavel\AppData\Local\Temp\NirCmd.exe
C:\Users\Pavel\AppData\Local\Temp\Nokia_PC_Suite_cze.exe
C:\Users\Pavel\AppData\Local\Temp\PEVZ.EXE
C:\Users\Pavel\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavel\AppData\Local\Temp\remove.exe
C:\Users\Pavel\AppData\Local\Temp\Resource.exe
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Pavel\AppData\Local\Temp\sed.exe
C:\Users\Pavel\AppData\Local\Temp\Setup-a.exe
C:\Users\Pavel\AppData\Local\Temp\Setup2.exe
C:\Users\Pavel\AppData\Local\Temp\shortcut.exe
C:\Users\Pavel\AppData\Local\Temp\SHSetup.exe
C:\Users\Pavel\AppData\Local\Temp\SIntf16.dll
C:\Users\Pavel\AppData\Local\Temp\SIntf32.dll
C:\Users\Pavel\AppData\Local\Temp\SIntfNT.dll
C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pavel\AppData\Local\Temp\SP52264.exe
C:\Users\Pavel\AppData\Local\Temp\SP52615.exe
C:\Users\Pavel\AppData\Local\Temp\SP53998.exe
C:\Users\Pavel\AppData\Local\Temp\sp54620.exe
C:\Users\Pavel\AppData\Local\Temp\SP54702.exe
C:\Users\Pavel\AppData\Local\Temp\SP54976.exe
C:\Users\Pavel\AppData\Local\Temp\SP54982.exe
C:\Users\Pavel\AppData\Local\Temp\SP55152.exe
C:\Users\Pavel\AppData\Local\Temp\SP56929.exe
C:\Users\Pavel\AppData\Local\Temp\sp58915.exe
C:\Users\Pavel\AppData\Local\Temp\SP60723.exe
C:\Users\Pavel\AppData\Local\Temp\sp64126.exe
C:\Users\Pavel\AppData\Local\Temp\SP64612.exe
C:\Users\Pavel\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Pavel\AppData\Local\Temp\Sqlite3.dll
C:\Users\Pavel\AppData\Local\Temp\SRLDetectionLibrary4177475099948295610.dll
C:\Users\Pavel\AppData\Local\Temp\stubhelper.dll
C:\Users\Pavel\AppData\Local\Temp\swreg.exe
C:\Users\Pavel\AppData\Local\Temp\swxcacls.exe
C:\Users\Pavel\AppData\Local\Temp\toolbar10448158.exe
C:\Users\Pavel\AppData\Local\Temp\trolatuntSetup.exe
C:\Users\Pavel\AppData\Local\Temp\Tsu87758055.dll
C:\Users\Pavel\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Pavel\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Pavel\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Pavel\AppData\Local\Temp\utt24DA.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\utt3494.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\utt79A9.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Pavel\AppData\Local\Temp\wget.exe
C:\Users\Pavel\AppData\Local\Temp\xuninst.exe
C:\Users\Pavel\AppData\Local\Temp\zlib1.dll
C:\Users\Pavel\AppData\Local\Temp\zoek-delete.exe
C:\Users\Pavel\AppData\Local\Temp\_zfo7o5z.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-06 00:44

==================== End Of Log ============================

Re: Virus-infected PC

Posted: 16 Jun 2014 18:41
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
    HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [uTorrent] => C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-06-02] (BitTorrent Inc.)
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
    HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:01C80A93.dat"
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    BHO: DigiiiCOupoin - {58910647-E339-AC70-A8E1-CCF49FDC7962} - C:\ProgramData\DigiiiCOupoin\p.x64.dll No File
    BHO: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
    BHO-x32: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    FF HKLM-x32\...\Firefox\Extensions: [fbphotozoom@installdaddy.com] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    
    CHR Extension: (RandomPrice) - C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl [2013-12-30]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
    CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx [2013-05-14]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S3 RL_MIXAGE_IE_MIDI; system32\drivers\rlmxgiem.sys [X]
    S3 RL_MIXAGE_IE_USB; System32\Drivers\rlmxgieu.sys [X]
    S3 RL_MIXAGE_IE_WDM; system32\drivers\rlmxgiea.sys [X]
    
    2014-06-16 18:15 - 2014-06-16 18:50 - 00000002 _____ () C:\runcheck.txt
    2014-06-16 18:15 - 2014-06-16 18:15 - 00000000 ____D () C:\zoek_backup
    2014-06-16 17:51 - 2014-06-16 17:51 - 00007888 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
    2014-06-16 17:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-06-16 17:47 - 2014-06-16 17:48 - 00000000 ____D () C:\AdwCleaner
    2014-06-16 17:44 - 2014-06-16 17:44 - 00014790 _____ () C:\Users\Pavel\Desktop\JRTa.txt
    2014-06-16 17:42 - 2014-06-16 17:42 - 00014790 _____ () C:\Users\Pavel\Desktop\JRT.txt
    2014-06-16 17:34 - 2014-06-16 17:35 - 01333465 _____ () C:\Users\Pavel\Downloads\adwcleaner_3.212.exe
    2014-06-16 17:29 - 2014-06-16 17:29 - 00000000 ____D () C:\Windows\ERUNT
    2014-06-16 17:28 - 2014-06-16 17:29 - 01016261 _____ (Thisisu) C:\Users\Pavel\Downloads\JRT.exe
    2014-06-16 17:17 - 2014-06-16 17:17 - 00028380 _____ () C:\Users\Pavel\Desktop\info.txt
    2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\rsit
    2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\Program Files\trend micro
    2014-06-16 17:09 - 2014-06-16 17:09 - 01222144 _____ () C:\Users\Pavel\Downloads\RSITx64.exe
    2014-06-16 08:37 - 2014-06-16 08:37 - 00000000 ____D () C:\Users\Pavel\AppData\Local\AVG
    2014-05-30 16:29 - 2013-12-30 08:05 - 00000000 ____D () C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl
    C:\Users\Pavel\AppData\Local\Temp\12345.exe
    C:\Users\Pavel\AppData\Local\Temp\20140210113301.998.exe
    C:\Users\Pavel\AppData\Local\Temp\22148110isxdl.dll
    C:\Users\Pavel\AppData\Local\Temp\22148110mcpx.dll
    C:\Users\Pavel\AppData\Local\Temp\22148110ShellExt.dll
    C:\Users\Pavel\AppData\Local\Temp\37156uninstall.exe
    C:\Users\Pavel\AppData\Local\Temp\7za.exe
    C:\Users\Pavel\AppData\Local\Temp\ApnStub.exe
    C:\Users\Pavel\AppData\Local\Temp\app.exe
    C:\Users\Pavel\AppData\Local\Temp\bassmod.dll
    C:\Users\Pavel\AppData\Local\Temp\bdfilters.dll
    C:\Users\Pavel\AppData\Local\Temp\bitool.dll
    C:\Users\Pavel\AppData\Local\Temp\CmdLineExt02.dll
    C:\Users\Pavel\AppData\Local\Temp\cpt_setup.exe
    C:\Users\Pavel\AppData\Local\Temp\down.4056.OptimizerProInstaller.exe
    C:\Users\Pavel\AppData\Local\Temp\drm_dialogs.dll
    C:\Users\Pavel\AppData\Local\Temp\drm_dyndata_7380014.dll
    C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbcoksu.dll
    C:\Users\Pavel\AppData\Local\Temp\DseShExt-x64.dll
    C:\Users\Pavel\AppData\Local\Temp\DseShExt-x86.dll
    C:\Users\Pavel\AppData\Local\Temp\DTLite4461-0328.exe
    C:\Users\Pavel\AppData\Local\Temp\Extract.exe
    C:\Users\Pavel\AppData\Local\Temp\Facebook Hack Password Downloader__3687_i880716670_il400846.exe
    C:\Users\Pavel\AppData\Local\Temp\FixMyRegistry.exe
    C:\Users\Pavel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
    C:\Users\Pavel\AppData\Local\Temp\GLF6604.tmp.dll
    C:\Users\Pavel\AppData\Local\Temp\hijackthis.exe
    C:\Users\Pavel\AppData\Local\Temp\HPHelpUpdater.exe
    C:\Users\Pavel\AppData\Local\Temp\htmlayout.dll
    C:\Users\Pavel\AppData\Local\Temp\ICReinstall_20140210113301.998.exe
    C:\Users\Pavel\AppData\Local\Temp\InfoTrig.exe
    C:\Users\Pavel\AppData\Local\Temp\instruct.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Users\Pavel\AppData\Local\Temp\KMP_3.3.0.33.exe
    C:\Users\Pavel\AppData\Local\Temp\libcurl-4.dll
    C:\Users\Pavel\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
    C:\Users\Pavel\AppData\Local\Temp\lowproc.exe
    C:\Users\Pavel\AppData\Local\Temp\NirCmd.exe
    C:\Users\Pavel\AppData\Local\Temp\Nokia_PC_Suite_cze.exe
    C:\Users\Pavel\AppData\Local\Temp\PEVZ.EXE
    C:\Users\Pavel\AppData\Local\Temp\pthreadGC2.dll
    C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
    C:\Users\Pavel\AppData\Local\Temp\remove.exe
    C:\Users\Pavel\AppData\Local\Temp\Resource.exe
    C:\Users\Pavel\AppData\Local\Temp\SDShelEx-win32.dll
    C:\Users\Pavel\AppData\Local\Temp\SDShelEx-x64.dll
    C:\Users\Pavel\AppData\Local\Temp\sed.exe
    C:\Users\Pavel\AppData\Local\Temp\Setup-a.exe
    C:\Users\Pavel\AppData\Local\Temp\Setup2.exe
    C:\Users\Pavel\AppData\Local\Temp\shortcut.exe
    C:\Users\Pavel\AppData\Local\Temp\SHSetup.exe
    C:\Users\Pavel\AppData\Local\Temp\SIntf16.dll
    C:\Users\Pavel\AppData\Local\Temp\SIntf32.dll
    C:\Users\Pavel\AppData\Local\Temp\SIntfNT.dll
    C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Pavel\AppData\Local\Temp\SP52264.exe
    C:\Users\Pavel\AppData\Local\Temp\SP52615.exe
    C:\Users\Pavel\AppData\Local\Temp\SP53998.exe
    C:\Users\Pavel\AppData\Local\Temp\sp54620.exe
    C:\Users\Pavel\AppData\Local\Temp\SP54702.exe
    C:\Users\Pavel\AppData\Local\Temp\SP54976.exe
    C:\Users\Pavel\AppData\Local\Temp\SP54982.exe
    C:\Users\Pavel\AppData\Local\Temp\SP55152.exe
    C:\Users\Pavel\AppData\Local\Temp\SP56929.exe
    C:\Users\Pavel\AppData\Local\Temp\sp58915.exe
    C:\Users\Pavel\AppData\Local\Temp\SP60723.exe
    C:\Users\Pavel\AppData\Local\Temp\sp64126.exe
    C:\Users\Pavel\AppData\Local\Temp\SP64612.exe
    C:\Users\Pavel\AppData\Local\Temp\SpeedUpMyComputer.exe
    C:\Users\Pavel\AppData\Local\Temp\Sqlite3.dll
    C:\Users\Pavel\AppData\Local\Temp\SRLDetectionLibrary4177475099948295610.dll
    C:\Users\Pavel\AppData\Local\Temp\stubhelper.dll
    C:\Users\Pavel\AppData\Local\Temp\swreg.exe
    C:\Users\Pavel\AppData\Local\Temp\swxcacls.exe
    C:\Users\Pavel\AppData\Local\Temp\toolbar10448158.exe
    C:\Users\Pavel\AppData\Local\Temp\trolatuntSetup.exe
    C:\Users\Pavel\AppData\Local\Temp\Tsu87758055.dll
    C:\Users\Pavel\AppData\Local\Temp\UninstallHPSA.exe
    C:\Users\Pavel\AppData\Local\Temp\UninstallHPTCA.exe
    C:\Users\Pavel\AppData\Local\Temp\UpdateCheckerSetup.exe
    C:\Users\Pavel\AppData\Local\Temp\utt24DA.tmp.exe
    C:\Users\Pavel\AppData\Local\Temp\utt3494.tmp.exe
    C:\Users\Pavel\AppData\Local\Temp\utt79A9.tmp.exe
    C:\Users\Pavel\AppData\Local\Temp\vlc-2.0.2-win32.exe
    C:\Users\Pavel\AppData\Local\Temp\wget.exe
    C:\Users\Pavel\AppData\Local\Temp\xuninst.exe
    C:\Users\Pavel\AppData\Local\Temp\zlib1.dll
    C:\Users\Pavel\AppData\Local\Temp\zoek-delete.exe
    C:\Users\Pavel\AppData\Local\Temp\_zfo7o5z.dll
    
    AlternateDataStreams: C:\Temp:01C80A93.dat
    
    Hosts:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Virus-infected PC

Posted: 16 Jun 2014 19:00
by Kallerno
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-06-2014
Ran by Pavel at 2014-06-16 19:46:51 Run:1
Running from C:\Users\Pavel\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [uTorrent] => C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-06-02] (BitTorrent Inc.)
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:01C80A93.dat"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: DigiiiCOupoin - {58910647-E339-AC70-A8E1-CCF49FDC7962} - C:\ProgramData\DigiiiCOupoin\p.x64.dll No File
BHO: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
BHO-x32: No Name - {7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [fbphotozoom@installdaddy.com] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

CHR Extension: (RandomPrice) - C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl [2013-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S3 RL_MIXAGE_IE_MIDI; system32\drivers\rlmxgiem.sys [X]
S3 RL_MIXAGE_IE_USB; System32\Drivers\rlmxgieu.sys [X]
S3 RL_MIXAGE_IE_WDM; system32\drivers\rlmxgiea.sys [X]

2014-06-16 18:15 - 2014-06-16 18:50 - 00000002 _____ () C:\runcheck.txt
2014-06-16 18:15 - 2014-06-16 18:15 - 00000000 ____D () C:\zoek_backup
2014-06-16 17:51 - 2014-06-16 17:51 - 00007888 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2014-06-16 17:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-16 17:47 - 2014-06-16 17:48 - 00000000 ____D () C:\AdwCleaner
2014-06-16 17:44 - 2014-06-16 17:44 - 00014790 _____ () C:\Users\Pavel\Desktop\JRTa.txt
2014-06-16 17:42 - 2014-06-16 17:42 - 00014790 _____ () C:\Users\Pavel\Desktop\JRT.txt
2014-06-16 17:34 - 2014-06-16 17:35 - 01333465 _____ () C:\Users\Pavel\Downloads\adwcleaner_3.212.exe
2014-06-16 17:29 - 2014-06-16 17:29 - 00000000 ____D () C:\Windows\ERUNT
2014-06-16 17:28 - 2014-06-16 17:29 - 01016261 _____ (Thisisu) C:\Users\Pavel\Downloads\JRT.exe
2014-06-16 17:17 - 2014-06-16 17:17 - 00028380 _____ () C:\Users\Pavel\Desktop\info.txt
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\rsit
2014-06-16 17:10 - 2014-06-16 17:10 - 00000000 ____D () C:\Program Files\trend micro
2014-06-16 17:09 - 2014-06-16 17:09 - 01222144 _____ () C:\Users\Pavel\Downloads\RSITx64.exe
2014-06-16 08:37 - 2014-06-16 08:37 - 00000000 ____D () C:\Users\Pavel\AppData\Local\AVG
2014-05-30 16:29 - 2013-12-30 08:05 - 00000000 ____D () C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl
C:\Users\Pavel\AppData\Local\Temp\12345.exe
C:\Users\Pavel\AppData\Local\Temp\20140210113301.998.exe
C:\Users\Pavel\AppData\Local\Temp\22148110isxdl.dll
C:\Users\Pavel\AppData\Local\Temp\22148110mcpx.dll
C:\Users\Pavel\AppData\Local\Temp\22148110ShellExt.dll
C:\Users\Pavel\AppData\Local\Temp\37156uninstall.exe
C:\Users\Pavel\AppData\Local\Temp\7za.exe
C:\Users\Pavel\AppData\Local\Temp\ApnStub.exe
C:\Users\Pavel\AppData\Local\Temp\app.exe
C:\Users\Pavel\AppData\Local\Temp\bassmod.dll
C:\Users\Pavel\AppData\Local\Temp\bdfilters.dll
C:\Users\Pavel\AppData\Local\Temp\bitool.dll
C:\Users\Pavel\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Pavel\AppData\Local\Temp\cpt_setup.exe
C:\Users\Pavel\AppData\Local\Temp\down.4056.OptimizerProInstaller.exe
C:\Users\Pavel\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Pavel\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbcoksu.dll
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Pavel\AppData\Local\Temp\DTLite4461-0328.exe
C:\Users\Pavel\AppData\Local\Temp\Extract.exe
C:\Users\Pavel\AppData\Local\Temp\Facebook Hack Password Downloader__3687_i880716670_il400846.exe
C:\Users\Pavel\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Pavel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Pavel\AppData\Local\Temp\GLF6604.tmp.dll
C:\Users\Pavel\AppData\Local\Temp\hijackthis.exe
C:\Users\Pavel\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Pavel\AppData\Local\Temp\htmlayout.dll
C:\Users\Pavel\AppData\Local\Temp\ICReinstall_20140210113301.998.exe
C:\Users\Pavel\AppData\Local\Temp\InfoTrig.exe
C:\Users\Pavel\AppData\Local\Temp\instruct.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Pavel\AppData\Local\Temp\KMP_3.3.0.33.exe
C:\Users\Pavel\AppData\Local\Temp\libcurl-4.dll
C:\Users\Pavel\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Pavel\AppData\Local\Temp\lowproc.exe
C:\Users\Pavel\AppData\Local\Temp\NirCmd.exe
C:\Users\Pavel\AppData\Local\Temp\Nokia_PC_Suite_cze.exe
C:\Users\Pavel\AppData\Local\Temp\PEVZ.EXE
C:\Users\Pavel\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavel\AppData\Local\Temp\remove.exe
C:\Users\Pavel\AppData\Local\Temp\Resource.exe
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Pavel\AppData\Local\Temp\sed.exe
C:\Users\Pavel\AppData\Local\Temp\Setup-a.exe
C:\Users\Pavel\AppData\Local\Temp\Setup2.exe
C:\Users\Pavel\AppData\Local\Temp\shortcut.exe
C:\Users\Pavel\AppData\Local\Temp\SHSetup.exe
C:\Users\Pavel\AppData\Local\Temp\SIntf16.dll
C:\Users\Pavel\AppData\Local\Temp\SIntf32.dll
C:\Users\Pavel\AppData\Local\Temp\SIntfNT.dll
C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pavel\AppData\Local\Temp\SP52264.exe
C:\Users\Pavel\AppData\Local\Temp\SP52615.exe
C:\Users\Pavel\AppData\Local\Temp\SP53998.exe
C:\Users\Pavel\AppData\Local\Temp\sp54620.exe
C:\Users\Pavel\AppData\Local\Temp\SP54702.exe
C:\Users\Pavel\AppData\Local\Temp\SP54976.exe
C:\Users\Pavel\AppData\Local\Temp\SP54982.exe
C:\Users\Pavel\AppData\Local\Temp\SP55152.exe
C:\Users\Pavel\AppData\Local\Temp\SP56929.exe
C:\Users\Pavel\AppData\Local\Temp\sp58915.exe
C:\Users\Pavel\AppData\Local\Temp\SP60723.exe
C:\Users\Pavel\AppData\Local\Temp\sp64126.exe
C:\Users\Pavel\AppData\Local\Temp\SP64612.exe
C:\Users\Pavel\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Pavel\AppData\Local\Temp\Sqlite3.dll
C:\Users\Pavel\AppData\Local\Temp\SRLDetectionLibrary4177475099948295610.dll
C:\Users\Pavel\AppData\Local\Temp\stubhelper.dll
C:\Users\Pavel\AppData\Local\Temp\swreg.exe
C:\Users\Pavel\AppData\Local\Temp\swxcacls.exe
C:\Users\Pavel\AppData\Local\Temp\toolbar10448158.exe
C:\Users\Pavel\AppData\Local\Temp\trolatuntSetup.exe
C:\Users\Pavel\AppData\Local\Temp\Tsu87758055.dll
C:\Users\Pavel\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Pavel\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Pavel\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Pavel\AppData\Local\Temp\utt24DA.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\utt3494.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\utt79A9.tmp.exe
C:\Users\Pavel\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Pavel\AppData\Local\Temp\wget.exe
C:\Users\Pavel\AppData\Local\Temp\xuninst.exe
C:\Users\Pavel\AppData\Local\Temp\zlib1.dll
C:\Users\Pavel\AppData\Local\Temp\zoek-delete.exe
C:\Users\Pavel\AppData\Local\Temp\_zfo7o5z.dll

AlternateDataStreams: C:\Temp:01C80A93.dat

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => value deleted successfully.
'HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui' => Key deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => value deleted successfully.
HKU\S-1-5-21-1140734701-3671491540-154073284-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchost => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58910647-E339-AC70-A8E1-CCF49FDC7962}' => Key deleted successfully.
'HKCR\CLSID\{58910647-E339-AC70-A8E1-CCF49FDC7962}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}' => Key deleted successfully.
'HKCR\CLSID\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{7BA70368-C7FC-F19D-DCCF-8B2054B1BBA4}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl' => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid' => Key deleted successfully.
"C:\Program Files (x86)\fbphotozoom\fbphotozoom15.crx" => File/Directory not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
RL_MIXAGE_IE_MIDI => Service deleted successfully.
RL_MIXAGE_IE_USB => Service deleted successfully.
RL_MIXAGE_IE_WDM => Service deleted successfully.
"C:\runcheck.txt" => File/Directory not found.
C:\zoek_backup => Moved successfully.
C:\Users\Pavel\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pavel\Desktop\JRTa.txt => Moved successfully.
C:\Users\Pavel\Desktop\JRT.txt => Moved successfully.
C:\Users\Pavel\Downloads\adwcleaner_3.212.exe => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\Pavel\Downloads\JRT.exe => Moved successfully.
C:\Users\Pavel\Desktop\info.txt => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Pavel\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\AVG => Moved successfully.
"C:\ProgramData\cljaefdoffhbjedmpdclboacfhnjhkhl" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\12345.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\20140210113301.998.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\22148110isxdl.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\22148110mcpx.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\22148110ShellExt.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\37156uninstall.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\7za.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\ApnStub.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\app.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\bassmod.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\bdfilters.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\CmdLineExt02.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\cpt_setup.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\down.4056.OptimizerProInstaller.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\drm_dialogs.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\drm_dyndata_7380014.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbcoksu.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x64.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\DseShExt-x86.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\DTLite4461-0328.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Facebook Hack Password Downloader__3687_i880716670_il400846.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\FixMyRegistry.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\GLF6604.tmp.dll => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\hijackthis.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\HPHelpUpdater.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\ICReinstall_20140210113301.998.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\InfoTrig.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\instruct.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\KMP_3.3.0.33.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\libcurl-4.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\lowproc.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\NirCmd.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\Nokia_PC_Suite_cze.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\PEVZ.EXE" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\pthreadGC2.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\remove.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\Resource.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-win32.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SDShelEx-x64.dll => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\sed.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\Setup-a.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Setup2.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\shortcut.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SIntf16.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SIntf32.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SIntfNT.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP52264.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP52615.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP53998.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\sp54620.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP54702.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP54976.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP54982.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP55152.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP56929.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\sp58915.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP60723.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\sp64126.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SP64612.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SpeedUpMyComputer.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Sqlite3.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\SRLDetectionLibrary4177475099948295610.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\stubhelper.dll => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\swreg.exe" => File/Directory not found.
"C:\Users\Pavel\AppData\Local\Temp\swxcacls.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\toolbar10448158.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\trolatuntSetup.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\Tsu87758055.dll => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\UninstallHPTCA.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\UpdateCheckerSetup.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\utt24DA.tmp.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\utt3494.tmp.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\utt79A9.tmp.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\vlc-2.0.2-win32.exe => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\wget.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\xuninst.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\Temp\zlib1.dll => Moved successfully.
"C:\Users\Pavel\AppData\Local\Temp\zoek-delete.exe" => File/Directory not found.
C:\Users\Pavel\AppData\Local\Temp\_zfo7o5z.dll => Moved successfully.
C:\Temp => ":01C80A93.dat" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: Virus-infected PC

Posted: 16 Jun 2014 21:03
by vyosek
How is the PC behaving? :???:

Re: Virus-infected PC

Posted: 17 Jun 2014 06:34
by Kallerno
It runs like it did when it was new, thanks a lot. :thumbsup:

Re: Virus-infected PC

Posted: 17 Jun 2014 06:42
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use

:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|