Kontrola logu 1.7

Zpráva

krystof37 · #1 Příspěvek od **krystof37** » 01 črc 2014 10:16

Dobrý den, poprosil bych o preventivní kontrolu logu.

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Kryštof (administrator) on DV9 on 01-07-2014 10:59:38
Running from C:\Users\Kryštof\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [656896 2012-09-20] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-12-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-12-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [HideSCAHealth] 0
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4319744 2014-04-03] ()
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\assist~1\assist~1.dll => "c:\progra~3\assist~1\assist~1.dll" File Not Found
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_k ... 3&tsp=5290
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {5BB9523B-5BA1-4E0E-9DB2-F016609D3FA4} URL = http://www.buenosearch.com/?babsrc=SP_k ... rms}&r=595
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... l&tsp=5290
SearchScopes: HKCU - {0EDD5A1A-21C0-4C0A-A96B-8524A192D7F4} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {4C44EDDA-95E7-48BB-94D4-A9BF568BC334} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {50F90C0E-F9F5-4EF6-8746-654E1A023091} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {5BB9523B-5BA1-4E0E-9DB2-F016609D3FA4} URL = http://www.buenosearch.com/?babsrc=SP_k ... rms}&r=595
SearchScopes: HKCU - {7D552393-2E41-4D47-8E21-82D6EA465697} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {8EA35406-84C7-4852-ABAA-17A84927B07A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {BE150135-7E7B-46F1-A003-D4C9120F1767} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {CA50F9B2-A2D7-419C-8CD9-3F68DB16B83F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {D7B8CC6F-B8BD-4156-BC21-0FCDFAA02617} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
BHO: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll (installdaddy)
BHO: HD-V1.4 - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho64.dll (HD-V1.4)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll (installdaddy)
BHO-x32: HD-V1.4 - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho.dll (HD-V1.4)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.6.1

FireFox:
========
FF ProfilePath: C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://isearch.avg.com?pid=avg&sg=&cid=%7Bc58c6e00-fc21-4588-b9a9-1cc9641b8afe%7D&mid=5121e368cc2d4d5c8a5e43ad2ac00db2-524e73b24fbf7a92b2e93783d85fba7125e39ed9&ds=tt014&coid=avgtbdistt&cmpid=&v=18.1.7.644&lang=en&pr=sa&d=2014-04-18%2012%3A30%3A17&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona - C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\user.js
FF SearchPlugin: C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: HD-V1.4 - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com [2014-06-25]
FF Extension: Torntv V9.0 - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [2014-06-26]
FF Extension: EPUBReader - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-06-28]
FF Extension: Adblock Plus - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: hxxp://www.buenosearch.com/?babsrc=HP_kms&tt=n ... 3&tsp=5290
CHR StartupUrls: "hxxp://www.buenosearch.com/?babsrc=HP_kms&tt=n ... 3&tsp=5290"
CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchProvider: Bueno Search
CHR DefaultSearchURL: http://www.buenosearch.com/?q={searchTe ... l&tsp=5290
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27]
CHR Extension: (Disk Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (HD-V1.4) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllhhciinh [2014-06-29]
CHR Extension: (YouTube) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (GeoGebra) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2014-02-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-05-18]
CHR Extension: (Photo Downloader for Instagram™) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjednilicaopeimldnhnlhojcpgelfe [2014-02-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Peněženka Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (Instagram Vyhledávání) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeofhjjmgagmjigkfgghbnjjeibokcik [2014-05-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-14]
CHR Extension: (Instagram for Chrome) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-02-27]
CHR Extension: (Gmail) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [gdnafjfahbdfphihncgadbegiaebehio] - C:\Program Files (x86)\SquirrelWeb\gdnafjfahbdfphihncgadbegiaebehio.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-02-27]

==================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957816 2012-10-22] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-26] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-26] (globalUpdate) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2014_64; C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-14] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8229264 2012-09-28] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-17] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-06-23] (StdLib)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Downloads\RSITx64.exe
2014-07-01 10:59 - 2014-07-01 11:03 - 00032109 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-01 10:53 - 2014-07-01 11:03 - 3567063038 _____ () C:\Users\Kryštof\Desktop\Desktop.rar
2014-07-01 10:53 - 2014-07-01 10:53 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-07-01 10:51 - 2014-07-01 10:52 - 00000000 ____D () C:\Users\Kryštof\Desktop\Docs
2014-07-01 10:50 - 2014-07-01 10:50 - 02083328 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-07-01 10:48 - 2014-07-01 10:48 - 00000000 ___SH () C:\DkHyperbootSync
2014-06-30 21:35 - 2014-06-30 21:44 - 157630209 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E10.The-Vartabedian-Conundrum.mkv
2014-06-29 13:38 - 2014-06-29 22:30 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-06-29 13:38 - 2014-06-29 22:30 - 00000000 ____D () C:\windows\system32\NV
2014-06-29 13:36 - 2014-06-29 13:36 - 00000000 ____D () C:\windows\LastGood
2014-06-29 13:34 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-06-29 13:34 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6433788.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6433788.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-06-28 17:29 - 2014-06-28 17:29 - 00001104 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-06-28 17:25 - 2014-07-01 10:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-06-28 17:25 - 2014-06-28 17:25 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-06-26 16:13 - 2014-06-23 18:47 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 15:26 - 2014-06-26 15:26 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\OpenCandy
2014-06-26 15:12 - 2014-07-01 10:23 - 00001426 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5.job
2014-06-26 15:12 - 2014-07-01 10:23 - 00001330 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2.job
2014-06-26 15:12 - 2014-06-26 15:22 - 00004430 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5
2014-06-26 15:12 - 2014-06-26 15:22 - 00001444 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5_user.job
2014-06-26 15:12 - 2014-06-26 15:21 - 00004334 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2
2014-06-26 15:12 - 2014-06-26 15:12 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-06-26 15:11 - 2014-07-01 10:31 - 00001482 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7.job
2014-06-26 15:11 - 2014-07-01 10:23 - 00003812 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11.job
2014-06-26 15:11 - 2014-07-01 10:23 - 00002314 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4.job
2014-06-26 15:11 - 2014-07-01 10:23 - 00001558 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1.job
2014-06-26 15:11 - 2014-07-01 10:23 - 00001548 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6.job
2014-06-26 15:11 - 2014-06-26 15:21 - 00006816 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11
2014-06-26 15:11 - 2014-06-26 15:21 - 00005318 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4
2014-06-26 15:11 - 2014-06-26 15:21 - 00004562 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1
2014-06-26 15:11 - 2014-06-26 15:21 - 00004552 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6
2014-06-26 15:11 - 2014-06-26 15:21 - 00004486 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7
2014-06-26 15:11 - 2014-06-26 15:12 - 00000000 ____D () C:\Program Files (x86)\Torntv V9.0
2014-06-25 12:57 - 2014-06-25 12:57 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 12:55 - 2014-07-01 10:23 - 00002206 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4.job
2014-06-25 12:55 - 2014-07-01 10:23 - 00001530 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job
2014-06-25 12:55 - 2014-07-01 10:23 - 00001440 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5.job
2014-06-25 12:55 - 2014-07-01 10:23 - 00001352 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2.job
2014-06-25 12:55 - 2014-06-25 12:55 - 00005210 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4
2014-06-25 12:55 - 2014-06-25 12:55 - 00004534 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1
2014-06-25 12:55 - 2014-06-25 12:55 - 00004444 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5
2014-06-25 12:55 - 2014-06-25 12:55 - 00004356 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2
2014-06-25 12:55 - 2014-06-25 12:55 - 00001454 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5_user.job
2014-06-25 12:55 - 2014-06-25 12:55 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 12:54 - 2014-07-01 10:59 - 00001468 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job
2014-06-25 12:54 - 2014-07-01 10:23 - 00003804 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11.job
2014-06-25 12:54 - 2014-07-01 10:23 - 00002434 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3.job
2014-06-25 12:54 - 2014-07-01 10:23 - 00001528 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job
2014-06-25 12:54 - 2014-07-01 10:23 - 00000952 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-25 12:54 - 2014-06-30 21:26 - 00000956 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-25 12:54 - 2014-06-26 15:21 - 00003928 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-25 12:54 - 2014-06-26 15:21 - 00003692 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-25 12:54 - 2014-06-25 20:53 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Mobogenie
2014-06-25 12:54 - 2014-06-25 12:55 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-25 12:54 - 2014-06-25 12:54 - 00006808 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11
2014-06-25 12:54 - 2014-06-25 12:54 - 00005438 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3
2014-06-25 12:54 - 2014-06-25 12:54 - 00004532 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6
2014-06-25 12:54 - 2014-06-25 12:54 - 00004472 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Users\Kryštof\Documents\Mobogenie
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\globalUpdate
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-25 12:51 - 2014-06-30 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
2014-06-25 12:51 - 2014-06-25 12:51 - 00130048 _____ () C:\windows\SysWOW64\SpoonUninstall.exe
2014-06-25 12:49 - 2014-06-25 20:56 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-06-25 12:49 - 2014-06-25 12:49 - 00000041 ___SH () C:\ProgramData\.zreglib
2014-06-24 14:22 - 2014-06-28 14:11 - 00013735 _____ () C:\Users\Kryštof\Desktop\Sešit1.xlsx
2014-06-13 19:42 - 2014-06-13 19:42 - 00001671 _____ () C:\Users\Guest\Desktop\Skyrim (SKSE).lnk
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\Documents\My Games
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skyrim
2014-06-11 09:26 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 09:26 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 09:26 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 09:26 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 09:26 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 09:26 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 09:26 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 09:26 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 09:26 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-11 09:26 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 09:26 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-11 09:26 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-11 09:26 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-11 09:26 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-11 09:26 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-11 09:26 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-11 09:26 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-11 09:26 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-11 09:25 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 09:25 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 09:25 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-04 19:09 - 2014-06-18 11:09 - 00000000 ____D () C:\Users\Kryštof\Desktop\fa
2014-06-03 20:43 - 2014-06-18 20:43 - 00003818 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1400187844
2014-06-02 22:12 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-02 22:12 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-02 22:12 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-02 22:12 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Downloads\RSITx64.exe
2014-07-01 11:03 - 2014-07-01 10:59 - 00032109 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-01 11:03 - 2014-07-01 10:53 - 3567063038 _____ () C:\Users\Kryštof\Desktop\Desktop.rar
2014-07-01 11:02 - 2013-11-12 09:16 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 11:00 - 2014-04-17 13:17 - 00000000 ____D () C:\FRST
2014-07-01 11:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-01 10:59 - 2014-06-25 12:54 - 00001468 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job
2014-07-01 10:53 - 2014-07-01 10:53 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-07-01 10:52 - 2014-07-01 10:51 - 00000000 ____D () C:\Users\Kryštof\Desktop\Docs
2014-07-01 10:52 - 2013-11-15 13:47 - 00000000 ____D () C:\Users\Kryštof\Desktop\vsb
2014-07-01 10:51 - 2014-03-19 20:55 - 00000000 ____D () C:\Users\Kryštof\Desktop\Nová složka
2014-07-01 10:50 - 2014-07-01 10:50 - 02083328 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-07-01 10:48 - 2014-07-01 10:48 - 00000000 ___SH () C:\DkHyperbootSync
2014-07-01 10:43 - 2013-12-27 21:35 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-07-01 10:43 - 2013-12-27 21:35 - 00000000 ____D () C:\Ashampoo Movie Studio
2014-07-01 10:43 - 2013-12-22 18:34 - 00000000 ____D () C:\Program Files\KMSpico
2014-07-01 10:43 - 2012-12-21 07:40 - 01759403 _____ () C:\windows\WindowsUpdate.log
2014-07-01 10:41 - 2013-11-14 09:49 - 00000000 ____D () C:\Users\Kryštof
2014-07-01 10:38 - 2014-05-07 19:40 - 00000000 ____D () C:\ProgramData\Apple
2014-07-01 10:35 - 2014-05-07 19:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-01 10:31 - 2014-06-26 15:11 - 00001482 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7.job
2014-07-01 10:28 - 2013-11-14 10:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1001773883-2206983416-447035505-1002
2014-07-01 10:25 - 2014-06-28 17:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-07-01 10:23 - 2014-06-26 15:12 - 00001426 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5.job
2014-07-01 10:23 - 2014-06-26 15:12 - 00001330 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2.job
2014-07-01 10:23 - 2014-06-26 15:11 - 00003812 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11.job
2014-07-01 10:23 - 2014-06-26 15:11 - 00002314 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4.job
2014-07-01 10:23 - 2014-06-26 15:11 - 00001558 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1.job
2014-07-01 10:23 - 2014-06-26 15:11 - 00001548 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6.job
2014-07-01 10:23 - 2014-06-25 12:55 - 00002206 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4.job
2014-07-01 10:23 - 2014-06-25 12:55 - 00001530 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job
2014-07-01 10:23 - 2014-06-25 12:55 - 00001440 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5.job
2014-07-01 10:23 - 2014-06-25 12:55 - 00001352 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2.job
2014-07-01 10:23 - 2014-06-25 12:54 - 00003804 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11.job
2014-07-01 10:23 - 2014-06-25 12:54 - 00002434 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3.job
2014-07-01 10:23 - 2014-06-25 12:54 - 00001528 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job
2014-07-01 10:23 - 2014-06-25 12:54 - 00000952 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-01 10:23 - 2014-04-17 20:00 - 00000964 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 23:15 - 2014-04-17 20:00 - 00000968 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 21:57 - 2013-11-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-30 21:56 - 2013-12-07 21:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\vlc
2014-06-30 21:44 - 2014-06-30 21:35 - 157630209 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E10.The-Vartabedian-Conundrum.mkv
2014-06-30 21:26 - 2014-06-25 12:54 - 00000956 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-30 10:12 - 2014-06-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
2014-06-29 22:30 - 2014-06-29 13:38 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-06-29 22:30 - 2014-06-29 13:38 - 00000000 ____D () C:\windows\system32\NV
2014-06-29 13:38 - 2012-12-21 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 13:36 - 2014-06-29 13:36 - 00000000 ____D () C:\windows\LastGood
2014-06-28 17:29 - 2014-06-28 17:29 - 00001104 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-06-28 17:25 - 2014-06-28 17:25 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-06-28 14:11 - 2014-06-24 14:22 - 00013735 _____ () C:\Users\Kryštof\Desktop\Sešit1.xlsx
2014-06-26 16:13 - 2012-07-26 07:26 - 00000269 _____ () C:\windows\win.ini
2014-06-26 15:26 - 2014-06-26 15:26 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\OpenCandy
2014-06-26 15:22 - 2014-06-26 15:12 - 00004430 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5
2014-06-26 15:22 - 2014-06-26 15:12 - 00001444 _____ () C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5_user.job
2014-06-26 15:21 - 2014-06-26 15:12 - 00004334 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2
2014-06-26 15:21 - 2014-06-26 15:11 - 00006816 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11
2014-06-26 15:21 - 2014-06-26 15:11 - 00005318 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4
2014-06-26 15:21 - 2014-06-26 15:11 - 00004562 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1
2014-06-26 15:21 - 2014-06-26 15:11 - 00004552 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6
2014-06-26 15:21 - 2014-06-26 15:11 - 00004486 _____ () C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7
2014-06-26 15:21 - 2014-06-25 12:54 - 00003928 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-26 15:21 - 2014-06-25 12:54 - 00003692 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-26 15:12 - 2014-06-26 15:12 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-06-26 15:12 - 2014-06-26 15:11 - 00000000 ____D () C:\Program Files (x86)\Torntv V9.0
2014-06-25 21:59 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-06-25 20:57 - 2012-10-10 01:08 - 00058308 _____ () C:\windows\PFRO.log
2014-06-25 20:57 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-25 20:56 - 2014-06-25 12:49 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-06-25 20:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-25 20:53 - 2014-06-25 12:54 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Mobogenie
2014-06-25 20:51 - 2014-02-27 22:19 - 00002252 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 12:57 - 2014-06-25 12:57 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 12:55 - 2014-06-25 12:55 - 00005210 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4
2014-06-25 12:55 - 2014-06-25 12:55 - 00004534 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1
2014-06-25 12:55 - 2014-06-25 12:55 - 00004444 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5
2014-06-25 12:55 - 2014-06-25 12:55 - 00004356 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2
2014-06-25 12:55 - 2014-06-25 12:55 - 00001454 _____ () C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5_user.job
2014-06-25 12:55 - 2014-06-25 12:55 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 12:55 - 2014-06-25 12:54 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-25 12:54 - 2014-06-25 12:54 - 00006808 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11
2014-06-25 12:54 - 2014-06-25 12:54 - 00005438 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3
2014-06-25 12:54 - 2014-06-25 12:54 - 00004532 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6
2014-06-25 12:54 - 2014-06-25 12:54 - 00004472 _____ () C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Users\Kryštof\Documents\Mobogenie
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\globalUpdate
2014-06-25 12:54 - 2014-06-25 12:54 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-25 12:51 - 2014-06-25 12:51 - 00130048 _____ () C:\windows\SysWOW64\SpoonUninstall.exe
2014-06-25 12:49 - 2014-06-25 12:49 - 00000041 ___SH () C:\ProgramData\.zreglib
2014-06-24 14:39 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-06-24 10:35 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-23 18:47 - 2014-06-26 16:13 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-20 11:10 - 2014-02-27 22:19 - 00003940 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:10 - 2014-02-27 22:19 - 00003704 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 14:41 - 2013-11-16 22:09 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-18 20:43 - 2014-06-03 20:43 - 00003818 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1400187844
2014-06-18 20:43 - 2014-05-15 23:04 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 11:09 - 2014-06-04 19:09 - 00000000 ____D () C:\Users\Kryštof\Desktop\fa
2014-06-14 22:50 - 2014-02-18 10:53 - 00000000 ____D () C:\Users\Kryštof\Desktop\fyzika
2014-06-13 19:42 - 2014-06-13 19:42 - 00001671 _____ () C:\Users\Guest\Desktop\Skyrim (SKSE).lnk
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\Documents\My Games
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skyrim
2014-06-11 11:21 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-11 11:20 - 2013-12-26 14:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 11:20 - 2013-11-15 09:59 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 11:18 - 2013-11-15 09:59 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-08 12:52 - 2014-05-17 12:26 - 00001942 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-08 12:52 - 2014-05-17 12:26 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-06 13:38 - 2013-12-21 15:41 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\TS3Client
2014-06-03 14:13 - 2012-12-21 07:42 - 01791370 _____ () C:\windows\system32\perfh005.dat
2014-06-03 14:13 - 2012-12-21 07:42 - 00489730 _____ () C:\windows\system32\perfc005.dat
2014-06-03 14:13 - 2012-07-26 09:28 - 00005640 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-02 22:12 - 2012-12-21 06:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-02 22:12 - 2012-07-26 09:21 - 00039539 _____ () C:\windows\setupact.log

Some content of TEMP:
====================
C:\Users\Kryštof\AppData\Local\Temp\6_Offer_6.exe
C:\Users\Kryštof\AppData\Local\Temp\acufutls.dll
C:\Users\Kryštof\AppData\Local\Temp\Bb7010.exe
C:\Users\Kryštof\AppData\Local\Temp\buenosearch.exe
C:\Users\Kryštof\AppData\Local\Temp\f.exe
C:\Users\Kryštof\AppData\Local\Temp\ins.exe
C:\Users\Kryštof\AppData\Local\Temp\uninst1.exe
C:\Users\Kryštof\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11.job => C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-11.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2.job => C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-2.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4.job => C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-4.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5.job => C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-5.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5_user.job => C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-5.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe <==== ATTENTION
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-codedownloader.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-11.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-2.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-3.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-4.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-5.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5_user.job => C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-5.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-novainstaller.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-nova.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kry�tof\Desktop" je 3704 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

krystof37 · #2 Příspěvek od **krystof37** » 01 črc 2014 10:17

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kryštof at 2014-07-01 11:07:53
Microsoft Windows 8
System drive C: has 555 GB (61%) free of 905 GB
Total RAM: 8058 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:17, on 1. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files\trend micro\Kryštof.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_k ... 3&tsp=5290
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0051390 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll
O2 - BHO: CrossriderApp0058362 - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~3\assist~1\assist~1.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @oem46.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2014 64-bit (mi-raysat_3dsmax2014_64) - Unknown owner - C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13939 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 438079141408
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\windows\system32\BtwRSupportService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {da9fe49f-d601-4d52-adee269ebe0b4f97}
"C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"
"C:\Program Files\Windows Defender\MsMpEng.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 3591b8f9-56ad-4cde-8d0f-a180c731bd0a 1
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-76cdefec-a2b4-4dda-b65e-55dcfa5c6835 -SystemEventPortName:HostProcess-56717df8-1599-4d9f-be68-5b93af6b04c7 -IoCancelEventPortName:HostProcess-76ee9ad3-14fa-4bdc-8112-e5c95f2eb1bc -NonStateChangingEventPortName:HostProcess-37ea5423-4f1a-43fd-8b31-6216703fe97b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0d194d75-45d4-4519-ac9c-429c4f409fe1 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\WmiApSrv.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
"LogonUI.exe" /flags:0x0
-hiberboot
"C:\windows\system32\nvvsvc.exe"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:1832
C:\windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
szndesktop.exe default start
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --ran-launcher /crash-reporter-parent-id=8944
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=gpu-process --channel="8944.0.1815216700\278756938" --crash-reporter-pid=11204 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --crash-reporter-pid=11204 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=11204 --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8944.2.1679963799\1701301762" /prefetch:673131151
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --extension-process --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=11204 --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8944.3.136493409\1826590954" /prefetch:673131151
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --extension-process --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=11204 --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8944.5.472379516\1312518717" /prefetch:673131151
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --extension-process --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=11204 --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8944.6.944778899\1403047536" /prefetch:673131151
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=plugin --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --lang=cs --channel="8944.14.2126911163\941380768" --crash-reporter-pid=11204 /prefetch:-390060480
"C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=11204 --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8944.26.1866749667\348338222" /prefetch:673131151
"C:\Program Files\WinRAR\WinRAR.exe" a -ep1 -scul -r0 -iext -- . C:\Documents\zalozene
C:\windows\System32\svchost.exe -k swprv
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe130_ Global\UsGthrCtrlFltPipeMssGthrPipe130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\Kryštof\Desktop\RSITx64.exe"
taskeng.exe {59B3AFFE-AF0A-4C99-A5C3-24F4165D33E8}
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe" /update SCHEDULEDTASK displaylevel=False

======Scheduled tasks folder======

C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1.job - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe /iuncmp /txOoXqSx=task /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /jmlrXlcTR=1.34.6.10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /dxSOrqCxT=http://cr.install-daddy.com /aVKqEyy=opera /fyoQjVWv='Torntv V9.0' /yriDUNEa=http://cr.install-daddy.com /aqqlvgdWk /deTdvBZC='{"asw":[0, 12583237, 0]}' /ydCavcxoZ='http://update.democlientnet.com/ie_code ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11.job - C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-11.exe /dswgOlCWY=dWyb98rza4DlPPE/XFJmU988Cti6ukNLt6lRIxZAw4sxItDkHLpwBmqzevoiIiLq6vB55kqJtN4MZRCIq9dmvq5nPs6Jw3nggTn4UClpfzbDQfviLvBYqpA68e4SDM6ZsTWtQrCEN+LP6QB4D86iDojiDde7Xq/QmvkcTnVUs+t153jNPqXuHIwzJOqw7Ln1Qv8aEnbLwpJJiiETtHtsqDwKiVID0j7DGlxBahEKmZTfixWPAfaiYn4AzdGM7OcRmSWEbu+Gy36W/kSPCQeL/P8dr4S+3cn+RZkFM6lG76A0BlbJRoi079GIEn187hMCY4hLB5x/b7Ok8OF34bOgUQtRzTtuWkRA9mtWnncQXSF6c3Tw/DbTFgtyV6J6+aVIdjAsRylaNa0eYpruLEaSe2agmsVVAjzKSH3USx2qTdEIr2fFI2Txx3cDT3s9F++e5v8nNMKtqOIAtOL7B3CHWoiMY26uc0+Nq+qfampUnyUjtlJInZQNFLzbPFim9YZ5T2ZWgwnooOn5Wf7OTkVKO1jWLSWHjVIYkgP9BYCC/zE/UqtyMSxrJIGLiW7Q7GobjYeI1fX+8tmj42wafwLUM7ciNwvXq0cw0EgnGzBvoecXa/VfmrNkfJaBPycvs+HOuy83DyZGKbfK8XnsmPx+DYe+YrnzxRfgY0DmXCkh7Gsh8eZZ0D7IuOujKGatwKuz84Lx3PrIohYIY3pIopt/kBl3L4uzpU12vpRG/yTE9cUOMbifzQ7j8kItgy4uLERs1kuYLi3+5IDdBUXzFsDaeF8E3SB9rUKgX3ps9VMa7FJ89d6+xBW0WB0PBLdU2yiNOfPYEwQBcjnzcQ5+35BdkQNENLx5Xyy4tqbSawTvWvrxVgsvT4OsPe4es+/y3jeAHe2cethPDGoa02SkBEQkmX7VxHNMfaQLYuOyqnWbB7uzvCsXKVrgmD3eERlcFqxYM1DmGNYQ/eEDBYLCuXsBdWaMBlbIqg7Zdruuv97vDQmk4B0kj2WLd5nsocIg5x3LO7H+dlbqTOtLiu0c5lh6Fq5VZGsOpohRh29ct3ZK35kXOyUGLon6cbBlv4JtG9iFrgd7Pc44CfaW1rXfMgc0QBOTvtmy+m/hfAOjjbHyz8R3Yx93zfgwIKjtTjHZkjdJ0JW9ptqRwmJSnG+Q5TusSI9IQTqe6tm+40fBEx45tmtm+DnRAwuXAuaUNAG649qYPJfLtypWYBr8wPMMHjyv0MpCp1lFOv2YMl/XZYkxtrDQYbpkLv91CykH9u8xxSZXIUN92LWpxyehJjvfJG0PJ3lpKjRKdOca6jvb6M87OGSUNOoVa0DMnydF0zjX0uxVWH7x9j5/Mkx1wNXScFqcJTyFqJO+6OONIAnPWbehGwS3EOSkYuqvH+EwQ7/h+xHfq+ulybX69jJ9P3HLMdLs7ZwgnUerElabXOaO6aKDLHbHpy1NwF7omemPteH7cKxGck7wggxNsRdBFovUhbddN6duFXM5PwMecAfSYAKWksaQ9EycuFuMeAGYjjrel+JuCqZXOyVsIC6CmHFsaFh+NoHoktgJZBR/P2Vj1H3O0effXYYTVSIaWQLjnUKzkkRRbadsBHlTNB6pLC5aqHD3IcPmDhthygbArfBmbtGPfskIICQOIgUUPGTIkG/KWUyd/xccJ43ncPrKsey4NW1onqnD991GdforphVD0qM3rI8=
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2.job - C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-2.exe /dZlISRxq /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /ALzJV=11111111-1111-1111-1111-110511131190 /aVKqEyy=opera /aqqlvgdWk /ydCavcxoZ='http://update.democlientnet.com/ie_enab ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4.job - C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-4.exe /SAQKJD /uNUQj='Torntv V9.0' /wIpuuT='C:\Program Files (x86)\Torntv V9.0\51390.xpi' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /jmlrXlcTR=1.34.6.10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /nmhXn=300 /SqNazsX=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /xoRMqY=0.94 /sUCgcGkr=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /zKdfmf=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /51390.rdf /jpbxrQtsX='Torntv V9.0' /dKSnf='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /eNqfeeVf='installdaddy' /aVKqEyy=opera /deTdvBZC='{"asw":[0, 12583237, 0]}' /aqqlvgdWk /XHhuuE /DvYkPxq /ydCavcxoZ='http://update.democlientnet.com/ff_agen ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5.job - C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-5.exe /PjrgSjlX /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /rYUAHiA=http://ipgeoapi.com/ /fUCcRx=http://update.democlientnet.com /RGnBM=2 /iKCGdXrXR=http://logs.democlientnet.com /ydCavcxoZ='http://update.democlientnet.com/updater ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5_user.job - C:\Program Files (x86)\Torntv V9.0\89de0a78-ee09-4b46-8d35-5da525647f29-5.exe /PjrgSjlX /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /rYUAHiA=http://ipgeoapi.com/ /fUCcRx=http://update.democlientnet.com /RGnBM=2 /iKCGdXrXR=http://logs.democlientnet.com /ydCavcxoZ='http://update.democlientnet.com/updater ... pdate.json' /AcpjiXQ /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6.job - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe /gBclbg /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /jmlrXlcTR=1.34.6.10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /dxSOrqCxT=http://cr.install-daddy.com /aVKqEyy=opera /aaSrIa /fyoQjVWv=Torntv V9.0 /zYvAf='nova' /yriDUNEa=http://cr.install-daddy.com /deTdvBZC='{"asw":[0, 12583237, 0]}' /txOoXqSx=task /ydCavcxoZ='http://update.democlientnet.com/novacod ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7.job - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe /uNUQj='Torntv V9.0' /LkszZVb=51390 /iyjAEP='001602' /RRXUSom='0' /LDwAN='0' /ZPwgjtSqk=965157F2990940EDB5217D414FC12681IE /LnauV=1c9f7d97487f8d062b1c5f4133e0b2b1 /nyfGLXX=1_34_06_10 /jmlrXlcTR=1.34.6.10 /xSWue=1403788900 /MXBgxFq=http://stats.democlientnet.com /LpnhaF=http://errors.democlientnet.com /dxSOrqCxT=http://cr.install-daddy.com /aVKqEyy=opera /aaSrIa /fyoQjVWv=Torntv V9.0 /zYvAf='nova' /yriDUNEa=http://cr.install-daddy.com /deTdvBZC='{"asw":[0, 12583237, 0]}' /ydCavcxoZ='http://update.democlientnet.com/novarun ... pdate.json' /txOoXqSx='task' /GaqfLF=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job - C:\Program Files (x86)\HD-V1.4\HD-V1.4-codedownloader.exe /whROIIhE /wAnCBb=task /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /NpmjhCgF=1.34.6.10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /EKCkefRpI=http://js.democlientnet.com /BlvaU=opera /QqcxO='HD-V1.4' /SaEqY=http://js.clientdemocloud.com /aAPLSxgv /aVjfP='{"asw":[0, 325, 32768]}' /tGFnAOuI='http://update.democlientnet.com/ie_code ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-11.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-11.exe /WQgtJJbSx=dic3ThHzNKYVxxzWX4uKOsb0126uG/GbvhU6aFdH4IzWnm1BsOvOlBgqo7KuHhjU0DJ8IWwUPD3Ch6u8HefRQbmjVBYNiNjZQdWS8Co17flKu14Qvs6t9ia0wCquw9SgPgxVBOCcGsw10GefyUdrCi3OFrzDDth3LY9eglM2qgNYkxmwqtzFh/kqaoO9QJnLZSdkTV8gEpUcXxS0SsT9q5kREEdAqwCh152Nma53a6M36pfnDkMJ2hvWV64gLwdtRzsdRgYKM1XO9S6L+DN8VOgLxJxBf/g+xbiyc8zxaQ5yzzimNcWUXKU4YBgozSOj/o/yRFNodqKq29/+bDLo9rrjJ9d06dH9HTJkShPQDUVmPXK9EN1DQVpfcj61azoNlKsRZ2ApCieQsxhOub2mxykbGRui4DvRwUIRPilJLOUSyzYDV8UYRr78FA6x/9tPL1qs1TnN0XtN0WlK02+G1iTlkSBPhPBJEkXT7EPxotUQ66sgHJ8svnWBCrVOk22LsF2q43hpwQb9C7XvyarJYGzOd0OECPIDiOS9mkmwSnhTwpxLltuAWH4VdK/HR0gg2d8duc2seid1N8Wen6ujDZA4u63ORhUrp6kAwKG2wsRZYwDohmxlwDofkCE1OZoLv4TlU4M4cUu1rvgXRZFS5iDuj1gE+H03m2qVXoq4jf1sfkBwad//qWFD7XrXGVEIHsOmtuTuR49IF0teaDkWYicJ+HMNg1SrSoOkmhVYlr1Dhjf+rX9Qayr24RnjKC7aVA07X0iCf5uFiHAeyC2HrieP9abAsjU38YHs3qFUTqcADhjxy9JQ4xa5RMkr1KWO579ERuFNsGxDZtVcUhbolTj+Yvd2gTnN5QA80S49fIqGbViXooKlrU1pUG0sShoJM+VY1OtYJoCGsNX6PHY+edgORz+uUkJl52iZUuf98oCiyiNDXg8Xm2lzup3oQGWFj6TV/HLXKmSkeAkiyLwRSoPfkDCR8JED1a170esHY3Hq9Y/gMDE+IAZX6TVdHEO6oiqfR3XmwqWHmUzTo/IyatQJmNVtDv7q4RxBlvsASaII4D5FfGVSViDyito3n5hPkb5qsmD1QQRo7hcVIn5xX5rvM1OvmMqtBczkobi3zZeNegwvlC4XMJSSP2+UoSgGVK2c9OwiUF5sWgqFTedRHZ4pso4QZzkobBLCSljeK7O5j9jOvCERbxGB72yLbsZkd1A1Nbtvy7ZnD1rc4Oc4F9/PVEPoCPWxqttkg0eWrQ1+g+/grYVR+gmc/Cfo8crU7cWndZ/Y0V2ijuDrR1r3dpMCK7NpcwzLbdYpNloa2Qu86a6mhmC8ykey1/jguEa47cZkQ1x7LW/VLNLoXJs+9FfrimJYu8WVez1kCAY7OpDCofUVX1+XMfFGZZTbw1TdN27FvmU61pZQPmU1zoGaYYEakGIifPsNXWspPqF0vpLAlbwN5ajhiGRTG3y0rWQMbe53GFRVpyiXvXQF0hANmbu8sxKavqWIv05qRlD4cz5N9B0g4VUa6yyafTttdnxAlxIu8xxeNl1Wq6n2hT2HEmASzqk3EU27OXI2wxCsPXVKN35entr2qiI76/v9ehokCTFasZF5VzSjmFF8K3Ij+bcM7rAi6/N9A89I6v/eyhrEaB5s6IEB1xh76/n3l5qx2iprj26A/C9/RxHscSNyGEL+j3AGr1x5mObaW0WA+I8=
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-2.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-2.exe /iPSXRbZ /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /QBGKZT=11111111-1111-1111-1111-110511831162 /BlvaU=opera /PVBkss /aAPLSxgv /tGFnAOuI='http://update.democlientnet.com/ie_enab ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-3.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-3.exe /WQgtJJbSx=kjEodc8IDbiR6Efu3jo5zh0aCAUvSSBBUvt0Svd/d5A3O59ZjYM8QqB/vETEvAkrn2GNGOU7XtxkfAeSeJJjRgq+QvJZkSlPj2ffIP0P3adgud2unpHpBHZI6pk4jvLdsqq/Whx8K0kh2J+UKmT1c1lzRN/BflhLfyfGbJGUJfhEcL6zgMx7Ti8rMQM4MRVHu51Vj9mejaqSfnNicv2pR2EmuMMu9mfex2RNeKdb6aWgXw2Hofg31DEAudqdsrwcP5lCyvh9/aGjDTdRWXp1Y4sgkQvHRqNuiTKeybKU1so9lcNWPl4Fmp4f8r4m3VhSalswYcgsyHvy97ntF34S+JrhoiHvegAp+2sH3XJIuvOEWpQMsj7PCjzFZulgMK4g6jr10W9CtSpxbQz4rYu0XX2GQCfNVgT0mrwl11t6cupl0keTeIfZL1UOFFPMJb2yGI3HWxFJ0hcx4UZucSc1dhF/4A9s1V6NX+PnJHqsOIGttBw05H8l2p2bW15etEA1XC0201HzJwNaGdtiqmlSNVkigXcN55CSohu7S6HnS6lRdvb/e18f6ixsW88Tiek5HrF91iTi1C+YtcNPbj6fvx9AhAjXpQxeguXjlKXI5QIi6EJRQFiGc7M65zFbKRDHyPxuEaTaQCxQEftvpmWkbq3XogrR3VlwoUEbi//h4RJ58ZlHv3Y0fKc8fPQjVnCOLdVDghGDLyjA1Y8e0nY25WJ0NJC4HhMXMiIkvHhZAmNYTvdbBsvdvMwGAhWE5z/Y6IxxyuylI3HjhXNo1mFdQx297GitWyKhUcgSTlHwBJuz6JmJuYA52SNoLZzbVok8eykK58exQ94r8Q5lOhQ2+XCOB6YFvDsMJoEC688Jwiwj+ga9eyY+lJPvRNXmEd0xPl/EpCkBx57qiuVS2hTU6MI933r+flpgB4jitLN4gYAF/x5unQdS+lK3k5d/oPIKBNj6aU+rT2Hf+L/8Xmm9WWVsOGfPACBDzvep0onUFgNQytiJjj4tjpdhklhyKfbI
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-4.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-4.exe /GfoHJzjR /JBENPOh='HD-V1.4' /KnvUXz='C:\Program Files (x86)\HD-V1.4\58362.xpi' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /NpmjhCgF=1.34.6.10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /KzIavP=300 /OqpVkmuAN=508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com /sKZAJlIt=0.94 /NMXHl=a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362 /ULZFuis=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /58362.rdf /KDmfxj='HD-V1.4' /CWdagTtBr='Turn YouTube videos to High Definition by default' /cDlKVVzM='HD-V1.4' /BlvaU=opera /aVjfP='{"asw":[0, 325, 32768]}' /aAPLSxgv /BXozatBb /GPhfC /tGFnAOuI='http://update.democlientnet.com/ff_agen ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-5.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-5.exe /VCdiqWPv /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /hllbMr=http://ipgeoapi.com/ /zNWbHA=http://update.democlientnet.com /nWZhSPxv=2 /RfHEsNRd=http://logs.democlientnet.com /tGFnAOuI='http://update.democlientnet.com/updater ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-5_user.job - C:\Program Files (x86)\HD-V1.4\8febae80-638a-4f48-a798-81e9dabc140f-5.exe /VCdiqWPv /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /hllbMr=http://ipgeoapi.com/ /zNWbHA=http://update.democlientnet.com /nWZhSPxv=2 /RfHEsNRd=http://logs.democlientnet.com /tGFnAOuI='http://update.democlientnet.com/updater ... pdate.json' /GvIlU /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job - C:\Program Files (x86)\HD-V1.4\HD-V1.4-novainstaller.exe /oGOOH /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /NpmjhCgF=1.34.6.10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /EKCkefRpI=http://js.democlientnet.com /BlvaU=opera /PLJnXIpJ /QqcxO=HD-V1.4 /YqAwEqFFf='nova' /SaEqY=http://js.clientdemocloud.com /aVjfP='{"asw":[0, 325, 32768]}' /wAnCBb=task /tGFnAOuI='http://update.democlientnet.com/novacod ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job - C:\Program Files (x86)\HD-V1.4\HD-V1.4-nova.exe /JBENPOh='HD-V1.4' /OnTGu=58362 /hdUDUTNWx='001692' /FxwOHuWq='0' /IdbQhGte='0' /GSrJeacc=965157F2990940EDB5217D414FC12681IE /oiWZcogN=1c9f7d97487f8d062b1c5f4133e0b2b1 /PBeuuyD=1_34_06_10 /NpmjhCgF=1.34.6.10 /scdfJVx=1403693662 /CkunelJaL=http://stats.democlientnet.com /lODwJSNmE=http://errors.democlientnet.com /EKCkefRpI=http://js.democlientnet.com /BlvaU=opera /PLJnXIpJ /QqcxO=HD-V1.4 /YqAwEqFFf='nova' /SaEqY=http://js.clientdemocloud.com /aVjfP='{"asw":[0, 325, 32768]}' /tGFnAOuI='http://update.democlientnet.com/novarun ... pdate.json' /wAnCBb='task' /SrKjige=''
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default

prefs.js - "browser.startup.homepage" - "http://isearch.avg.com?pid=avg&sg=&cid= ... A17&sap=hp"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\extensions\
508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com
5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
{5384767E-00D9-40E9-B72F-9CC39D655D6F}

C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\searchplugins\
buenosearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}]
Torntv V9.0 - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll [2014-06-26 820608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}]
HD-V1.4 - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho64.dll [2014-06-25 782144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-06-19 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-19 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}]
Torntv V9.0 - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll [2014-06-26 606592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}]
HD-V1.4 - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho.dll [2014-06-25 578368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-09-20 656896]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-09-14 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-09-14 1214608]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-10 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-12-21 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-12-21 191544]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-05-30 1279480]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-01-25 770520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Akamai NetSession Interface"=C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-08-23 56128]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-07-26 508656]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2014-02-05 1627032]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinitx.dll C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL,C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-07-01 11:07:54 ----D---- C:\Program Files\trend micro
2014-07-01 11:07:53 ----D---- C:\rsit
2014-07-01 10:30:42 ----SHD---- C:\Config.Msi
2014-06-29 13:38:10 ----D---- C:\windows\SYSWOW64\NV
2014-06-29 13:38:10 ----D---- C:\windows\system32\NV
2014-06-29 13:36:06 ----D---- C:\windows\LastGood
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\NvIFROpenGL.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvEncodeAPI.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2014-06-29 13:34:23 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvwgf2umx.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvopencl.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvoglv64.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvoglshim64.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\NvIFROpenGL.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\NvIFR64.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\NvFBC64.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvEncodeAPI64.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvdispgenco6433788.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvdispco6433788.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvd3dumx.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvcuvid.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvcuvenc.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvcuda.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\nvcompiler.dll
2014-06-29 13:34:23 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2014-06-29 13:34:23 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2014-06-28 17:29:54 ----D---- C:\Program Files (x86)\EPUB File Reader
2014-06-28 17:25:28 ----D---- C:\ProgramData\Informer Technologies, Inc
2014-06-28 17:25:12 ----D---- C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-06-26 16:13:46 ----A---- C:\windows\system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 15:26:17 ----D---- C:\Users\Kryštof\AppData\Roaming\OpenCandy
2014-06-26 15:12:54 ----D---- C:\ProgramData\DSearchLink
2014-06-26 15:11:39 ----D---- C:\Program Files (x86)\Torntv V9.0
2014-06-25 12:57:22 ----D---- C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 12:55:25 ----D---- C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 12:54:32 ----D---- C:\Program Files (x86)\globalUpdate
2014-06-25 12:54:26 ----D---- C:\Program Files (x86)\HD-V1.4
2014-06-25 12:51:05 ----A---- C:\windows\SYSWOW64\SpoonUninstall.exe
2014-06-25 12:49:25 ----D---- C:\Program Files (x86)\SlySoft
2014-06-11 09:26:55 ----A---- C:\windows\system32\rdpudd.dll
2014-06-11 09:26:55 ----A---- C:\windows\system32\rdpcorets.dll
2014-06-11 09:26:51 ----A---- C:\windows\system32\wusa.exe
2014-06-11 09:26:51 ----A---- C:\windows\system32\drivers\srv2.sys
2014-06-11 09:26:51 ----A---- C:\windows\system32\drivers\Classpnp.sys
2014-06-11 09:26:50 ----A---- C:\windows\SYSWOW64\wusa.exe
2014-06-11 09:26:44 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-06-11 09:26:44 ----A---- C:\windows\system32\gdi32.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\UXInit.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-11 09:26:42 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-11 09:26:42 ----A---- C:\windows\system32\urlmon.dll
2014-06-11 09:26:42 ----A---- C:\windows\system32\msrating.dll
2014-06-11 09:26:42 ----A---- C:\windows\system32\iesysprep.dll
2014-06-11 09:26:42 ----A---- C:\windows\system32\iernonce.dll
2014-06-11 09:26:42 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-11 09:26:41 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2014-06-11 09:26:41 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-11 09:26:41 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-11 09:26:41 ----A---- C:\windows\system32\UXInit.dll
2014-06-11 09:26:39 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-11 09:26:39 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-11 09:26:39 ----A---- C:\windows\system32\uxtheme.dll
2014-06-11 09:26:39 ----A---- C:\windows\system32\msfeeds.dll
2014-06-11 09:26:39 ----A---- C:\windows\system32\iesetup.dll
2014-06-11 09:26:37 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-11 09:26:37 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-11 09:26:37 ----A---- C:\windows\system32\jsproxy.dll
2014-06-11 09:26:37 ----A---- C:\windows\system32\ieframe.dll
2014-06-11 09:26:37 ----A---- C:\windows\system32\dxtrans.dll
2014-06-11 09:26:36 ----A---- C:\windows\system32\wininet.dll
2014-06-11 09:26:35 ----A---- C:\windows\system32\jscript.dll
2014-06-11 09:26:35 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-11 09:26:34 ----A---- C:\windows\system32\mshtmled.dll
2014-06-11 09:26:33 ----A---- C:\windows\system32\mshtml.dll
2014-06-11 09:26:24 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-11 09:26:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-06-11 09:26:24 ----A---- C:\windows\system32\jscript9.dll
2014-06-11 09:26:24 ----A---- C:\windows\system32\iertutil.dll
2014-06-11 09:26:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-11 09:26:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-11 09:26:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-11 09:25:49 ----A---- C:\windows\system32\msxml3.dll
2014-06-11 09:25:49 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-11 09:25:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-08 12:52:02 ----D---- C:\Program Files\McAfee Security Scan
2014-06-02 22:12:17 ----A---- C:\windows\SYSWOW64\nvspbridge.dll
2014-06-02 22:12:17 ----A---- C:\windows\system32\nvspbridge64.dll
2014-06-02 22:12:00 ----A---- C:\windows\SYSWOW64\nvaudcap32v.dll
2014-06-02 22:12:00 ----A---- C:\windows\system32\drivers\nvvad64v.sys

======List of files/folders modified in the last 1 month======

2014-07-01 11:08:08 ----D---- C:\windows\Prefetch
2014-07-01 11:07:54 ----RD---- C:\Program Files
2014-07-01 11:06:18 ----D---- C:\Documents
2014-07-01 11:05:44 ----D---- C:\FRST
2014-07-01 11:04:37 ----AD---- C:\Windows
2014-07-01 11:00:03 ----D---- C:\windows\system32\sru
2014-07-01 10:43:33 ----D---- C:\Program Files\KMSpico
2014-07-01 10:43:32 ----D---- C:\windows\system32\Tasks
2014-07-01 10:43:24 ----HD---- C:\ProgramData
2014-07-01 10:43:20 ----D---- C:\ProgramData\Ashampoo
2014-07-01 10:43:13 ----D---- C:\Ashampoo Movie Studio
2014-07-01 10:42:52 ----SHD---- C:\windows\Installer
2014-07-01 10:42:52 ----D---- C:\windows\Temp
2014-07-01 10:42:51 ----D---- C:\Program Files (x86)\Common Files
2014-07-01 10:42:46 ----D---- C:\windows\Microsoft.NET
2014-07-01 10:42:38 ----RSD---- C:\windows\assembly
2014-07-01 10:42:35 ----RSD---- C:\windows\Fonts
2014-07-01 10:41:51 ----RD---- C:\Program Files (x86)
2014-07-01 10:38:23 ----D---- C:\ProgramData\Apple
2014-07-01 10:35:39 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-01 10:33:50 ----DC---- C:\windows\system32\DRVSTORE
2014-07-01 10:33:50 ----D---- C:\windows\SysWOW64
2014-07-01 10:33:50 ----D---- C:\windows\system32\Drivers
2014-07-01 10:33:50 ----AD---- C:\windows\System32
2014-07-01 10:32:42 ----D---- C:\windows\system32\DriverStore
2014-07-01 10:32:42 ----D---- C:\windows\Inf
2014-07-01 10:32:42 ----D---- C:\Program Files\Common Files
2014-07-01 10:30:30 ----SHD---- C:\System Volume Information
2014-06-30 21:57:48 ----D---- C:\Program Files (x86)\Steam
2014-06-30 21:56:43 ----D---- C:\Users\Kryštof\AppData\Roaming\vlc
2014-06-29 13:38:08 ----D---- C:\ProgramData\NVIDIA
2014-06-26 16:13:45 ----A---- C:\windows\win.ini
2014-06-26 15:22:07 ----D---- C:\windows\Tasks
2014-06-25 21:59:26 ----D---- C:\windows\rescache
2014-06-25 21:00:08 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-25 12:49:27 ----D---- C:\windows\SYSWOW64\drivers
2014-06-24 10:35:19 ----D---- C:\windows\AUInstallAgent
2014-06-24 10:34:53 ----HD---- C:\Program Files\WindowsApps
2014-06-19 14:43:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-06-19 14:41:52 ----D---- C:\Program Files\Microsoft Office 15
2014-06-18 20:43:43 ----D---- C:\Program Files (x86)\Opera
2014-06-18 15:34:51 ----D---- C:\windows\system32\config
2014-06-17 14:16:08 ----D---- C:\windows\WinSxS
2014-06-17 14:12:20 ----D---- C:\windows\system32\catroot2
2014-06-12 13:52:57 ----D---- C:\windows\SYSWOW64\en-US
2014-06-12 13:52:57 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-06-12 13:52:57 ----D---- C:\windows\system32\en-US
2014-06-12 13:52:57 ----D---- C:\windows\system32\cs-CZ
2014-06-12 13:52:57 ----D---- C:\Program Files\Internet Explorer
2014-06-12 13:52:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-11 11:21:21 ----D---- C:\windows\CbsTemp
2014-06-11 11:20:54 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 11:20:21 ----D---- C:\windows\system32\MRT
2014-06-11 11:18:55 ----A---- C:\windows\system32\MRT.exe
2014-06-08 12:52:04 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-06 13:38:14 ----D---- C:\Users\Kryštof\AppData\Roaming\TS3Client
2014-06-03 14:13:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-02 22:12:00 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 excsd;ExpressCache Storage Filter Driver; C:\windows\system32\DRIVERS\excsd.sys [2012-03-30 95024]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-12-21 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R1 dtsoftbus01;@oem63.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2013-12-14 283064]
R1 excfs;ExpressCache File System Filter Driver; C:\windows\system32\DRIVERS\excfs.sys [2012-03-30 23344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem55.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-12-21 33560]
R3 bcbtums;@oem46.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2012-10-01 169240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2012-10-16 161144]
R3 btwaudio;@oem41.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-10-09 185208]
R3 btwavdt;@oem43.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2012-10-09 225144]
R3 btwl2cap;@oem44.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwrchid;btwrchid; C:\windows\System32\drivers\btwrchid.sys [2012-10-09 20856]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-09-14 4083600]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem52.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2012-10-10 25568]
R3 JMCR;JMCR; C:\windows\System32\drivers\jmcr.sys [2012-06-22 174176]
R3 L1C;@oem6.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-07-19 110744]
R3 MEIx64;@oem7.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NETwNe64;@oem50.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2012-08-20 4273192]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem73.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtsuvc;@oem27.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2012-09-28 8229264]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-17 43832]
R3 SynTP;@oem48.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-09-17 457528]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-08-21 14112]
R3 usb3Hub;@oem53.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\windows\System32\drivers\usb3Hub.sys [2012-10-10 47072]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 intaud_WaveExtensible;@oem51.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2012-10-10 35296]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-02 43008]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 BcmBtRSupport;@oem46.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\windows\system32\BtwRSupportService.exe [2012-10-01 2227992]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-10-22 957816]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-07-18 627504]
R2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-03-30 79664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-08-16 7168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 277824]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit; C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-09-15 86016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-07-18 149296]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-04-15 2140984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 365376]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-26 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17 257712]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-02-06 1471352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-26 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-07-18 272176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-17 150600]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

krystof37 · #3 Příspěvek od **krystof37** » 01 črc 2014 10:18

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16921
Run by Kryštof at 11:11:04 on 2014-07-01
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8058.4008 [GMT 2:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\windows\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\system32\dashost.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
C:\windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Windows\System32\igfxtray.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\Kryštof\Desktop\dds.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.buenosearch.com/?babsrc=HP_kms&tt=n ... 3&tsp=5290
uDefault_Page_URL = hxxp://lenovo13.msn.com
mStart Page = hxxp://www.google.com
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: Torntv V9.0: {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll
BHO: HD-V1.4: {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
uRun: [cz.seznam.software.autoupdate] "C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe" -c
uRun: [cz.seznam.software.szndesktop] "C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Akamai NetSession Interface] "C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
uPolicies-Explorer: TaskbarNoNotification = dword:0
uPolicies-Explorer: HideSCAHealth = dword:0
mPolicies-Explorer: TaskbarNoNotification = dword:0
mPolicies-Explorer: HideSCAHealth = dword:0
mPolicies-Explorer: TaskbarNoNotification = dword:0
mPolicies-Explorer: HideSCAHealth = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - LocalServer32 - <no file>
TCP: NameServer = 192.168.6.1
TCP: Interfaces\{4E587755-0EE1-4892-B4BD-BF4DF43B119F} : DHCPNameServer = 10.106.8.5
TCP: Interfaces\{992C7134-93AA-4CAA-AB3C-3BA437CF324E} : DHCPNameServer = 192.168.6.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll c:\progra~3\assist~1\assist~1.dll,C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Torntv V9.0: {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll
x64-BHO: HD-V1.4: {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\HD-V1.4\HD-V1.4-bho64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SynLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-Run: [ShadowPlay] C:\windows\System32\rundll32.exe C:\windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [IgfxTray] "C:\windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\windows\System32\igfxpers.exe"
x64-mPolicies-Explorer: TaskbarNoNotification = dword:0
x64-mPolicies-Explorer: HideSCAHealth = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - LocalServer32 - <no file>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\
.
============= SERVICES / DRIVERS ===============
.
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\Drivers\excsd.sys [2012-12-21 95024]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2012-12-21 645952]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2012-12-21 39008]
R0 nvpciflt;nvpciflt;C:\windows\System32\Drivers\nvpciflt.sys [2014-6-29 32544]
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64;{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64;C:\windows\System32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [2014-6-26 61120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\Drivers\dtsoftbus01.sys [2013-12-14 283064]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\Drivers\excfs.sys [2012-12-21 23344]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\windows\System32\BtwRSupportService.exe [2012-12-21 2227992]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-19 2279608]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-3-30 79664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-21 7168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-21 166720]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-15 86016]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-2 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-16 21055432]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-4-15 2140984]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-21 365376]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-18 2699568]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\windows\System32\Drivers\bcbtums.sys [2012-12-21 169240]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\windows\System32\Drivers\btwampfl.sys [2012-12-21 161144]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\Drivers\btwl2cap.sys [2012-12-21 40248]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-8-31 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-10 25568]
R3 JMCR;JMCR;C:\windows\System32\Drivers\jmcr.sys [2012-7-19 174176]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-8-22 110744]
R3 NETwNe64;@oem50.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2012-8-20 4273192]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-2 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\windows\System32\Drivers\nvvad64v.sys [2014-6-2 40392]
R3 rtsuvc;Lenovo EasyCamera;C:\windows\System32\Drivers\rtsuvc.sys [2012-12-21 8229264]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-11-13 43832]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-8-21 14112]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-10 47072]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-10 188896]
S2 globalUpdate;globalUpdate Update Service (globalUpdate);C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-6-25 68608]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-16 1471352]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-6-25 68608]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-10 35296]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-18 272176]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;C:\windows\System32\svchost.exe -k ICService [2012-10-11 29696]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2012-12-21 102376]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\windows\System32\notepad.exe "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-07-01 09:11:04 -------- d-----w- C:\Users\KryÜtof\AppData\Local\Microsoft
2014-07-01 09:07:54 -------- d-----w- C:\Program Files\trend micro
2014-07-01 08:26:54 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7C9CFE58-E8C7-40D6-9DD0-94896C1445CF}\mpengine.dll
2014-06-30 07:58:55 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-06-29 11:38:10 -------- d-----w- C:\windows\SysWow64\NV
2014-06-29 11:38:10 -------- d-----w- C:\windows\System32\NV
2014-06-28 15:29:54 -------- d-----w- C:\Program Files (x86)\EPUB File Reader
2014-06-28 15:25:28 -------- d-----w- C:\ProgramData\Informer Technologies, Inc
2014-06-28 15:25:12 -------- d-----w- C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-06-26 14:13:46 61120 ----a-w- C:\windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 13:26:17 -------- d-----w- C:\Users\Kryštof\AppData\Roaming\OpenCandy
2014-06-26 13:12:54 -------- d-----w- C:\ProgramData\DSearchLink
2014-06-26 13:11:39 -------- d-----w- C:\Program Files (x86)\Torntv V9.0
2014-06-25 10:57:22 -------- d-----w- C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 10:55:25 -------- d-----w- C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 10:54:32 -------- d-----w- C:\Program Files (x86)\globalUpdate
2014-06-25 10:54:26 -------- d-----w- C:\Program Files (x86)\HD-V1.4
2014-06-25 10:51:05 130048 ----a-w- C:\windows\SysWow64\SpoonUninstall.exe
2014-06-25 10:49:25 -------- d-----w- C:\Program Files (x86)\SlySoft
2014-06-11 07:25:49 2233176 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-06-11 07:25:49 1845760 ----a-w- C:\windows\System32\msxml3.dll
2014-06-11 07:25:48 1419264 ----a-w- C:\windows\SysWow64\msxml3.dll
2014-06-08 10:52:02 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-06-02 20:12:17 1715176 ----a-w- C:\windows\System32\nvspbridge64.dll
2014-06-02 20:12:17 1291232 ----a-w- C:\windows\SysWow64\nvspbridge.dll
2014-06-02 20:12:00 40392 ----a-w- C:\windows\System32\drivers\nvvad64v.sys
2014-06-02 20:12:00 34760 ----a-w- C:\windows\SysWow64\nvaudcap32v.dll
.
==================== Find3M ====================
.
2014-05-31 05:16:07 703992 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-05-31 05:16:07 105464 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-29 23:07:51 1122312 ----a-w- C:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07:38 1279480 ----a-w- C:\windows\System32\nvspcap64.dll
2014-05-24 02:47:54 2239488 ----a-w- C:\windows\System32\wininet.dll
2014-05-24 02:47:45 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-05-24 02:47:44 53760 ----a-w- C:\windows\System32\UXInit.dll
2014-05-24 02:46:15 3958784 ----a-w- C:\windows\System32\jscript9.dll
2014-05-24 02:46:07 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-05-24 02:46:07 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-05-24 02:45:26 1508864 ----a-w- C:\windows\System32\inetcpl.cpl
2014-05-24 01:26:54 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-05-24 01:26:46 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2014-05-24 01:25:52 2862080 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-05-24 01:25:49 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-05-24 01:25:49 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-05-24 01:25:25 1440768 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-05-24 01:09:41 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-24 01:03:36 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-23 22:37:13 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2014-05-20 01:25:42 6769096 ----a-w- C:\windows\System32\nvcpl.dll
2014-05-20 01:25:42 3514144 ----a-w- C:\windows\System32\nvsvc64.dll
2014-05-20 01:25:39 927520 ----a-w- C:\windows\System32\nvvsvc.exe
2014-05-20 01:25:38 76064 ----a-w- C:\windows\System32\nv3dappshextr.dll
2014-05-20 01:25:38 62808 ----a-w- C:\windows\System32\nvshext.dll
2014-05-20 01:25:38 610592 ----a-w- C:\windows\SysWow64\oemdspif.dll
2014-05-20 01:25:38 387528 ----a-w- C:\windows\System32\nvmctray.dll
2014-05-20 01:25:38 2560968 ----a-w- C:\windows\System32\nvsvcr.dll
2014-05-20 01:25:38 1078616 ----a-w- C:\windows\System32\nv3dappshext.dll
2014-05-14 23:49:42 3774821 ----a-w- C:\windows\System32\nvcoproc.bin
2014-05-03 05:47:22 3246592 ----a-w- C:\windows\System32\rdpcorets.dll
2014-05-03 03:34:54 235520 ----a-w- C:\windows\System32\rdpudd.dll
2014-04-29 22:32:07 1301504 ----a-w- C:\windows\System32\gdi32.dll
2014-04-29 22:22:23 1023488 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-04-21 19:53:51 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-04-19 09:39:36 628024 ----a-w- C:\windows\System32\NotificationUI.exe
2014-04-19 08:45:39 693760 ----a-w- C:\windows\System32\WSShared.dll
2014-04-19 08:45:39 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 06:57:49 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
2014-04-19 06:57:49 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-15 13:59:24 40760 ----a-w- C:\windows\System32\TURegOpt.exe
2014-04-15 13:59:16 43320 ----a-w- C:\windows\System32\uxtuneup.dll
2014-04-15 13:59:16 36152 ----a-w- C:\windows\SysWow64\uxtuneup.dll
2014-04-15 13:59:16 29496 ----a-w- C:\windows\System32\authuitu.dll
2014-04-15 13:59:16 25400 ----a-w- C:\windows\SysWow64\authuitu.dll
2014-04-12 09:27:03 172888 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\windows\System32\workerdd.dll
2014-04-03 11:19:16 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-04-03 03:44:10 619008 ----a-w- C:\windows\System32\drivers\srv2.sys
.
============= FINISH: 11:12:19,67 ===============

#4 Příspěvek od **vyosek** » 01 črc 2014 21:51

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

krystof37 · #5 Příspěvek od **krystof37** » 02 črc 2014 11:08

# AdwCleaner v3.214 - Report created 02/07/2014 at 12:05:16
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Kryštof - DV9
# Running from : C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Assistant
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\BietSSavoer
Folder Deleted : C:\Program Files (x86)\Amazon\ABB
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Torntv V9.0
Folder Deleted : C:\Program Files\PCDApp
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\KRYTOF~1\AppData\Local\Temp\WebSpades
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Kryštof\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Kryštof\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Kryštof\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com
Folder Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
Folder Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanombefgbmflfnfnjbhglhpnllgdkee
File Deleted : C:\Users\KRYTOF~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Kryštof\daemonprocess.txt
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\searchplugins\buenosearch.xml
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\user.js
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage
File Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage-journal
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-1
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-11
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-2
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-4
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-5_user.job
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-6
File Deleted : C:\windows\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7.job
File Deleted : C:\windows\System32\Tasks\89de0a78-ee09-4b46-8d35-5da525647f29-7
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-11
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-2
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-3
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-4
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-5_user.job
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6
File Deleted : C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job
File Deleted : C:\windows\System32\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058362.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058362.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058362.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058362.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511831162}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522832262}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555835562}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566836662}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544834462}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511131190}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511831162}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522832262}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555835562}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566836662}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\assist~1\assist~1.dll,C:\windows\SysWOW64\nvinit.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL,C:\windows\system32\nvinitx.dll

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16921

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\prefs.js ]

Line Deleted : user_pref("avg.install.extHomepage", "hxxp://isearch.avg.com?pid=avg&sg=&cid=%7B305ff55a-6e00-4e5e-8c6b-8cd820b8b8af%7D&mid=5121e368cc2d4d5c8a5e43ad2ac00db2-524e73b24fbf7a92b2e93783d85fba7125e39ed9&ds[...]
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.1.7.644");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com?pid=avg&sg=&cid=%7Bc58c6e00-fc21-4588-b9a9-1cc9641b8afe%7D&mid=5121e368cc2d4d5c8a5e43ad2ac00db2-524e73b24fbf7a92b2e93783d85fba7125e39ed9&d[...]
Line Deleted : user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "cs");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.id", "802fac380000000000009c4e3690c0d1");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16247");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... l&tsp=5290");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... l&tsp=5290");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.715:13:03");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
Line Deleted : user_pref("extensions.crossrider.bic", "146e31683081bd34aa1440ca4767fbfc");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : cpfopanihfhnnkgdboafmmoooofjcmkk
Deleted [Extension] : fanombefgbmflfnfnjbhglhpnllgdkee
Deleted [Extension] : hhpjljnljkldopoicgglnmjnnndeechi
Deleted [Extension] : ihbiogfmnfogmmpakgoehmlcimjognbf
Deleted [Extension] : mkndcbhcgphcfkkddanakjiepeknbgle

[ File : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://www.buenosearch.com/?babsrc=HP_kms&tt=n ... 3&tsp=5290
Deleted [Homepage] : hxxp://www.buenosearch.com/?babsrc=HP_kms&tt=n ... 3&tsp=5290
Deleted [Extension] : acfoobbgoakpihljnfedbcfaipcdlfhk
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : cpfopanihfhnnkgdboafmmoooofjcmkk
Deleted [Extension] : fanombefgbmflfnfnjbhglhpnllgdkee
Deleted [Extension] : ihbiogfmnfogmmpakgoehmlcimjognbf

*************************

AdwCleaner[R0].txt - [4668 octets] - [17/04/2014 12:46:00]
AdwCleaner[R1].txt - [18930 octets] - [02/07/2014 12:04:33]
AdwCleaner[S0].txt - [4361 octets] - [17/04/2014 12:53:27]
AdwCleaner[S1].txt - [16951 octets] - [02/07/2014 12:05:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [17012 octets] ##########

#6 Příspěvek od **vyosek** » 02 črc 2014 12:48

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

krystof37 · #7 Příspěvek od **krystof37** » 02 črc 2014 15:53

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Kryçtof on st 02. 07. 2014 at 13:52:06,32.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kryštof\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2. 7. 2014 13:53:36 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Internet Explorer\SearchScopes\{5BB9523B-5BA1-4E0E-9DB2-F016609D3FA4} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09930098-B1D3-B3AD-C74E-5146C20796CA} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09930098-B1D3-B3AD-C74E-5146C20796CA} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2984E34A-BB16-F86A-FA54-4007BC8C00C3} deleted successfully
HKEY_USERS\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2984E34A-BB16-F86A-FA54-4007BC8C00C3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{09930098-B1D3-B3AD-C74E-5146C20796CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2984E34A-BB16-F86A-FA54-4007BC8C00C3} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\KRYTOF~1\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\KRYTOF~1\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\KRYTOF~1\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default

user.js not found
---- Lines Torntv removed from prefs.js ----
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22https%3A//extclick
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
---- Lines a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362 removed from prefs.js ----
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.active", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.addressbar", "NA");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.addressbarenhanced", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncdb.was_copied", "true");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncdb_dbWasSet", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncinternaldb.was_copied", "true");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.backgroundver", 1);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.certdomaininstaller", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.cookie.InstallationTime.value", "%221403693662%2
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.description", "Turn YouTube videos to High Defin
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.domain", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.enablesearch", false);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.homepage", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.changeprevious", false);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.iframe", false);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.InstallationThankYouPage", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.InstallationTime", 1403693662);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.__defualt_browser__.value", "%22opera
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb._installer_additional_info.expiration
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb._installer_additional_info.value", "%
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_appVer.value", "47");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_nextCheck.expiration", "Sat
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.lastDailyReport", "1403969242274");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.lastUpdate", "1403969240122");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.manifesturl", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.name", "Plus-HD-V1.4");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.newtab", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.opensearch", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.pluginsurl", "http://js.democlientnet.com/plugin
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.pluginsversion", 38);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.publisher", "Plus HD");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.searchstatus", 0);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.setnewtab", false);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.thankyou", "");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.updateinterval", 360);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.58362.ver", 47);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.apps", "58362");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.bic", "146e31683081bd34aa1440ca4767fbfc");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.cid", 58362);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.firstrun", false);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.hadappinstalled", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.installationdate", 1403969242);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.installerAdditionalInfo", "{\"asw\":[0, 325, 32768]}")
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.modetype", "production");
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.reportInstall", true);
user_pref("extensions.a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362.statsDailyCounter", 1);
---- Lines a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 removed from prefs.js ----
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.active", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbar", "NA");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbarenhanced", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb.was_copied", "true");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb.was_copied", "true");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.backgroundver", 5);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.certdomaininstaller", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.value", "%222014-6-28%22");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:0
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.value", "%22CZ%22");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.expiration", "Fri Feb 01 2030 0
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.value", "%221%22");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.value", "%222014-6-28%22");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.value", "%221403788293%2
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.expiration", "Fri Feb 01 2030
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.description", "The must-have App extensions for
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.domain", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.enablesearch", false);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.homepage", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.changeprevious", false);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.iframe", false);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationThankYouPage", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationTime", 1403788293);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.value", "%22opera
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb._installer_additional_info.expiration
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb._installer_additional_info.value", "%
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.value", "78");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.value", "2");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.expiration", "Sat
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastDailyReport", "1403969244802");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastUpdate", "1403969244798");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.manifesturl", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.newtab", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.opensearch", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsurl", "http://js.democlientnet.com/plugin
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsversion", 70);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.publisher", "installdaddy");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.searchstatus", 0);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.setnewtab", false);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.thankyou", "");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.updateinterval", 360);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.ver", 78);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.apps", "51390");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.bic", "146e31683081bd34aa1440ca4767fbfc");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.cid", 51390);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.firstrun", false);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.hadappinstalled", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.installationdate", 1403969242);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.installerAdditionalInfo", "{\"asw\":[0, 12583237, 0]}"
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.modetype", "production");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.reportInstall", true);
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.statsDailyCounter", 1);
---- FireFox user.js and prefs.js backups ----

prefs_201402.07._1401_.backup

==== Deleting Files \ Folders ======================

C:\Users\Kryštof\.android not found
C:\Users\Kryštof\AppData\Local\cache not found
C:\Users\Kryštof\Searches not found
"C:\Users\Kryštof\AppData\Roaming" not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\{8FAB5165-691E-F165-6C82-D55731885ECD} deleted
C:\windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{8FAB5165-691E-F165-6C82-D55731885ECD} deleted
C:\PROGRA~3\BlockTeheAdAppp deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys deleted
"C:\PROGRA~3\ofmolbfmpfnjffibgoaoocpkikggbiep\ofmolbfmpfnjffibgoaoocpkikggbiep.crx" deleted
"C:\PROGRA~3\ofmolbfmpfnjffibgoaoocpkikggbiep\update.xml" deleted
"C:\PROGRA~3\ofmolbfmpfnjffibgoaoocpkikggbiep" deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04. 04. 2014 12:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\KRYTOF~1\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default
- Undetermined - C:\Users\KryĹˇtof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644
- Undetermined - C:\Users\KryĹˇtof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\extensions\508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com
- Undetermined - C:\Users\KryĹˇtof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
- EPUBReader - %ProfilePath%\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gdnafjfahbdfphihncgadbegiaebehio - C:\Program Files (x86)\SquirrelWeb\gdnafjfahbdfphihncgadbegiaebehio.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[]

YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
Best Buyer - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
Seznam Li\u0161ti\u010Dka - Email - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
GeoGebra - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee
Click me while surfing on Instagram - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjednilicaopeimldnhnlhojcpgelfe
Best Buyer - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
Into The Mist - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh
Seznam LiĹˇtiÄŤka - RychlĂˇ volba - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Instagram for Chrome - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
Best Buyer - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk
YTBookiMark - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi
grueAtsiaveR - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf
Best Buyer - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki
SquirrelWeb - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio
BlockTeheAdAppp - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmolbfmpfnjffibgoaoocpkikggbiep

==== Chrome Fix ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmolbfmpfnjffibgoaoocpkikggbiep deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ofmolbfmpfnjffibgoaoocpkikggbiep_0.localstorage deleted successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ofmolbfmpfnjffibgoaoocpkikggbiep_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpfopanihfhnnkgdboafmmoooofjcmkk_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpfopanihfhnnkgdboafmmoooofjcmkk_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpfopanihfhnnkgdboafmmoooofjcmkk deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hhpjljnljkldopoicgglnmjnnndeechi deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiogfmnfogmmpakgoehmlcimjognbf_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiogfmnfogmmpakgoehmlcimjognbf_0.localstorage-journal deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ihbiogfmnfogmmpakgoehmlcimjognbf deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kpifmiaadiihnkolggaepacodfmgceki_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kpifmiaadiihnkolggaepacodfmgceki_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{0EDD5A1A-21C0-4C0A-A96B-8524A192D7F4} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{10F251FB-1A3F-4493-8B01-73AABFD6AB32} Bing Url="http://www.bing.com/search?FORM=UP97DF& ... -SearchBox"
{4C44EDDA-95E7-48BB-94D4-A9BF568BC334} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{50F90C0E-F9F5-4EF6-8746-654E1A023091} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{7D552393-2E41-4D47-8E21-82D6EA465697} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{8EA35406-84C7-4852-ABAA-17A84927B07A} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{BE150135-7E7B-46F1-A003-D4C9120F1767} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{CA50F9B2-A2D7-419C-8CD9-3F68DB16B83F} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{D7B8CC6F-B8BD-4156-BC21-0FCDFAA02617} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gdnafjfahbdfphihncgadbegiaebehio deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V9.0 deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kryštof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=204 folders=81 1096958 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Kryštof\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\KRYTOF~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 02. 07. 2014 at 16:50:45,34 ======================

#8 Příspěvek od **vyosek** » 02 črc 2014 17:15

Poprosim o novy log z FRST

krystof37 · #9 Příspěvek od **krystof37** » 02 črc 2014 17:46

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Kryštof (administrator) on DV9 on 02-07-2014 18:43:51
Running from C:\Users\Kryštof\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(forum.viry.cz) C:\Users\Kryštof\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [656896 2012-09-20] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-12-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-12-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [HideSCAHealth] 0
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {0EDD5A1A-21C0-4C0A-A96B-8524A192D7F4} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {4C44EDDA-95E7-48BB-94D4-A9BF568BC334} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {50F90C0E-F9F5-4EF6-8746-654E1A023091} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {7D552393-2E41-4D47-8E21-82D6EA465697} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {8EA35406-84C7-4852-ABAA-17A84927B07A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {BE150135-7E7B-46F1-A003-D4C9120F1767} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {CA50F9B2-A2D7-419C-8CD9-3F68DB16B83F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {D7B8CC6F-B8BD-4156-BC21-0FCDFAA02617} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.6.1

FireFox:
========
FF ProfilePath: C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona - C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: EPUBReader - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-06-28]
FF Extension: Adblock Plus - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchProvider: Bueno Search
CHR DefaultSearchURL: http://www.buenosearch.com/?q={searchTe ... l&tsp=5290
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27]
CHR Extension: (Disk Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (HD-V1.4) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllhhciinh [2014-06-29]
CHR Extension: (YouTube) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (GeoGebra) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2014-02-27]
CHR Extension: (Photo Downloader for Instagram™) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjednilicaopeimldnhnlhojcpgelfe [2014-02-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Peněženka Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (Instagram Vyhledávání) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeofhjjmgagmjigkfgghbnjjeibokcik [2014-05-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-14]
CHR Extension: (Instagram for Chrome) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-02-27]
CHR Extension: (Gmail) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]

==================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957816 2012-10-22] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2014_64; C:\3dsMAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-14] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8229264 2012-09-28] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-17] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-02 18:43 - 2014-07-02 18:44 - 00027257 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-02 18:43 - 2014-07-02 18:43 - 00029696 _____ () C:\Users\Kryštof\AppData\Local\MSGBOX.EXE
2014-07-02 18:43 - 2014-07-02 18:43 - 00015327 _____ () C:\Users\Kryštof\Desktop\LM.bat
2014-07-02 18:43 - 2014-07-02 18:43 - 00000000 ____D () C:\Users\Kryštof\Desktop\FRST-OlderVersion
2014-07-02 16:51 - 2014-07-02 16:51 - 00049155 _____ () C:\Users\Kryštof\Desktop\zoek-results.txt
2014-07-02 14:03 - 2014-07-02 14:03 - 00000000 ____D () C:\Users\KryÜtof\AppData\Roaming\Macromedia
2014-07-02 14:03 - 2014-07-02 13:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-02 13:53 - 2014-07-02 16:50 - 00049155 _____ () C:\zoek-results.log
2014-07-02 13:52 - 2014-07-02 14:02 - 00000000 ____D () C:\zoek_backup
2014-07-02 13:51 - 2014-07-02 13:51 - 01285120 _____ () C:\Users\Kryštof\Desktop\zoek.exe
2014-07-02 12:57 - 2014-07-02 13:06 - 157218358 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E13.The-Friendship-Algorithm.mkv
2014-07-02 12:07 - 2014-07-02 12:07 - 00017157 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S1].txt
2014-07-02 12:04 - 2014-07-02 12:04 - 01346519 _____ () C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe
2014-07-02 12:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-01 22:13 - 2014-07-01 22:21 - 157366088 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E12.The-Killer-Robot-Instability.mkv
2014-07-01 15:08 - 2014-07-01 15:10 - 00000000 ____D () C:\Zaloha
2014-07-01 11:12 - 2014-07-01 11:12 - 00026982 _____ () C:\Users\Kryštof\Desktop\dds.txt
2014-07-01 11:12 - 2014-07-01 11:12 - 00012177 _____ () C:\Users\Kryštof\Desktop\Addition.rar
2014-07-01 11:12 - 2014-07-01 11:12 - 00008545 _____ () C:\Users\Kryštof\Desktop\attach.txt
2014-07-01 11:11 - 2014-07-01 11:11 - 00000000 ____D () C:\Users\KryÜtof
2014-07-01 11:09 - 2014-07-01 11:10 - 00688992 ____R (Swearware) C:\Users\Kryštof\Desktop\dds.exe
2014-07-01 11:08 - 2014-07-01 11:08 - 00044623 _____ () C:\Users\Kryštof\Desktop\info.txt
2014-07-01 11:07 - 2014-07-01 11:09 - 00000000 ____D () C:\rsit
2014-07-01 11:07 - 2014-07-01 11:08 - 00000000 ____D () C:\Program Files\trend micro
2014-07-01 11:04 - 2014-07-01 11:04 - 00068609 _____ () C:\Users\Kryštof\Desktop\FRST3333.txt
2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Desktop\RSITx64.exe
2014-07-01 10:51 - 2014-07-01 10:52 - 00000000 ____D () C:\Users\Kryštof\Desktop\Docs
2014-07-01 10:50 - 2014-07-02 18:43 - 02083840 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-06-30 21:35 - 2014-06-30 21:44 - 157630209 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E10.The-Vartabedian-Conundrum.mkv
2014-06-29 13:38 - 2014-06-29 22:30 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-06-29 13:38 - 2014-06-29 22:30 - 00000000 ____D () C:\windows\system32\NV
2014-06-29 13:36 - 2014-06-29 13:36 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-29 13:34 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-06-29 13:34 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6433788.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6433788.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-06-29 13:34 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-06-28 17:29 - 2014-06-28 17:29 - 00001104 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-06-28 17:25 - 2014-07-01 10:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-06-28 17:25 - 2014-06-28 17:25 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-06-25 12:57 - 2014-06-25 12:57 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 12:55 - 2014-06-25 12:55 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 12:54 - 2014-06-25 12:55 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-25 12:51 - 2014-06-30 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
2014-06-25 12:51 - 2014-06-25 12:51 - 00130048 _____ () C:\windows\SysWOW64\SpoonUninstall.exe
2014-06-25 12:49 - 2014-06-25 20:56 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-06-25 12:49 - 2014-06-25 12:49 - 00000041 ___SH () C:\ProgramData\.zreglib
2014-06-24 14:22 - 2014-07-01 21:54 - 00014087 _____ () C:\Users\Kryštof\Desktop\Sešit1.xlsx
2014-06-13 19:42 - 2014-06-13 19:42 - 00001671 _____ () C:\Users\Guest\Desktop\Skyrim (SKSE).lnk
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skyrim
2014-06-11 09:26 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 09:26 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-11 09:26 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 09:26 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 09:26 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 09:26 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 09:26 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 09:26 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 09:26 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 09:26 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 09:26 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 09:26 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 09:26 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-11 09:26 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 09:26 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-11 09:26 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-11 09:26 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-11 09:26 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-11 09:26 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-11 09:26 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-11 09:26 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-11 09:26 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-11 09:25 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 09:25 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 09:25 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-04 19:09 - 2014-06-18 11:09 - 00000000 ____D () C:\Users\Kryštof\Desktop\fa
2014-06-03 20:43 - 2014-06-18 20:43 - 00003818 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1400187844
2014-06-02 22:12 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-06-02 22:12 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-06-02 22:12 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-06-02 22:12 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

2014-07-02 18:44 - 2014-07-02 18:43 - 00027257 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-02 18:43 - 2014-07-02 18:43 - 00029696 _____ () C:\Users\Kryštof\AppData\Local\MSGBOX.EXE
2014-07-02 18:43 - 2014-07-02 18:43 - 00015327 _____ () C:\Users\Kryštof\Desktop\LM.bat
2014-07-02 18:43 - 2014-07-02 18:43 - 00000000 ____D () C:\Users\Kryštof\Desktop\FRST-OlderVersion
2014-07-02 18:43 - 2014-07-01 10:50 - 02083840 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-07-02 18:43 - 2014-04-17 13:17 - 00000000 ____D () C:\FRST
2014-07-02 18:43 - 2013-11-14 10:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1001773883-2206983416-447035505-1002
2014-07-02 18:43 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-02 16:51 - 2014-07-02 16:51 - 00049155 _____ () C:\Users\Kryštof\Desktop\zoek-results.txt
2014-07-02 16:51 - 2014-04-17 20:00 - 00000964 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 16:50 - 2014-07-02 13:53 - 00049155 _____ () C:\zoek-results.log
2014-07-02 16:50 - 2012-10-10 01:08 - 00072676 _____ () C:\windows\PFRO.log
2014-07-02 16:50 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-02 15:15 - 2014-04-17 20:00 - 00000968 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 15:02 - 2013-11-12 09:16 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 14:03 - 2014-07-02 14:03 - 00000000 ____D () C:\Users\KryÜtof\AppData\Roaming\Macromedia
2014-07-02 14:02 - 2014-07-02 13:52 - 00000000 ____D () C:\zoek_backup
2014-07-02 13:52 - 2014-07-02 14:03 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-02 13:51 - 2014-07-02 13:51 - 01285120 _____ () C:\Users\Kryštof\Desktop\zoek.exe
2014-07-02 13:50 - 2013-12-07 21:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\vlc
2014-07-02 13:44 - 2012-12-21 07:40 - 01866013 _____ () C:\windows\WindowsUpdate.log
2014-07-02 13:06 - 2014-07-02 12:57 - 157218358 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E13.The-Friendship-Algorithm.mkv
2014-07-02 12:48 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-02 12:13 - 2012-12-21 07:42 - 01805022 _____ () C:\windows\system32\perfh005.dat
2014-07-02 12:13 - 2012-12-21 07:42 - 00494130 _____ () C:\windows\system32\perfc005.dat
2014-07-02 12:13 - 2012-07-26 09:28 - 00005640 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-02 12:07 - 2014-07-02 12:07 - 00017157 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S1].txt
2014-07-02 12:06 - 2014-04-20 15:21 - 05125856 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-02 12:05 - 2014-04-17 12:45 - 00000000 ____D () C:\AdwCleaner
2014-07-02 12:05 - 2013-11-14 09:49 - 00000000 ____D () C:\Users\Kryštof
2014-07-02 12:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-02 12:04 - 2014-07-02 12:04 - 01346519 _____ () C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe
2014-07-01 22:21 - 2014-07-01 22:13 - 157366088 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E12.The-Killer-Robot-Instability.mkv
2014-07-01 21:54 - 2014-06-24 14:22 - 00014087 _____ () C:\Users\Kryštof\Desktop\Sešit1.xlsx
2014-07-01 15:13 - 2013-11-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 15:10 - 2014-07-01 15:08 - 00000000 ____D () C:\Zaloha
2014-07-01 11:12 - 2014-07-01 11:12 - 00026982 _____ () C:\Users\Kryštof\Desktop\dds.txt
2014-07-01 11:12 - 2014-07-01 11:12 - 00012177 _____ () C:\Users\Kryštof\Desktop\Addition.rar
2014-07-01 11:12 - 2014-07-01 11:12 - 00008545 _____ () C:\Users\Kryštof\Desktop\attach.txt
2014-07-01 11:11 - 2014-07-01 11:11 - 00000000 ____D () C:\Users\KryÜtof
2014-07-01 11:10 - 2014-07-01 11:09 - 00688992 ____R (Swearware) C:\Users\Kryštof\Desktop\dds.exe
2014-07-01 11:09 - 2014-07-01 11:07 - 00000000 ____D () C:\rsit
2014-07-01 11:08 - 2014-07-01 11:08 - 00044623 _____ () C:\Users\Kryštof\Desktop\info.txt
2014-07-01 11:08 - 2014-07-01 11:07 - 00000000 ____D () C:\Program Files\trend micro
2014-07-01 11:04 - 2014-07-01 11:04 - 00068609 _____ () C:\Users\Kryštof\Desktop\FRST3333.txt
2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Desktop\RSITx64.exe
2014-07-01 10:52 - 2014-07-01 10:51 - 00000000 ____D () C:\Users\Kryštof\Desktop\Docs
2014-07-01 10:52 - 2013-11-15 13:47 - 00000000 ____D () C:\Users\Kryštof\Desktop\vsb
2014-07-01 10:51 - 2014-03-19 20:55 - 00000000 ____D () C:\Users\Kryštof\Desktop\Nová složka
2014-07-01 10:43 - 2013-12-27 21:35 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-07-01 10:43 - 2013-12-27 21:35 - 00000000 ____D () C:\Ashampoo Movie Studio
2014-07-01 10:43 - 2013-12-22 18:34 - 00000000 ____D () C:\Program Files\KMSpico
2014-07-01 10:38 - 2014-05-07 19:40 - 00000000 ____D () C:\ProgramData\Apple
2014-07-01 10:35 - 2014-05-07 19:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-01 10:25 - 2014-06-28 17:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Software Informer
2014-06-30 21:44 - 2014-06-30 21:35 - 157630209 _____ () C:\Users\Kryštof\Downloads\The-Big-Bang-Theory.S02E10.The-Vartabedian-Conundrum.mkv
2014-06-30 10:12 - 2014-06-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
2014-06-29 22:30 - 2014-06-29 13:38 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-06-29 22:30 - 2014-06-29 13:38 - 00000000 ____D () C:\windows\system32\NV
2014-06-29 13:38 - 2012-12-21 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 13:36 - 2014-06-29 13:36 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-06-28 17:29 - 2014-06-28 17:29 - 00001104 _____ () C:\Users\Public\Desktop\EPUB File Reader.lnk
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2014-06-28 17:29 - 2014-06-28 17:29 - 00000000 ____D () C:\Program Files (x86)\EPUB File Reader
2014-06-28 17:25 - 2014-06-28 17:25 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-06-26 16:13 - 2012-07-26 07:26 - 00000269 _____ () C:\windows\win.ini
2014-06-25 21:59 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-06-25 20:56 - 2014-06-25 12:49 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-06-25 20:51 - 2014-02-27 22:19 - 00002252 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 12:57 - 2014-06-25 12:57 - 00000000 ____D () C:\Program Files (x86)\Acoustica MP3 CD Burner
2014-06-25 12:55 - 2014-06-25 12:55 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\QuickScan
2014-06-25 12:55 - 2014-06-25 12:54 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-25 12:51 - 2014-06-25 12:51 - 00130048 _____ () C:\windows\SysWOW64\SpoonUninstall.exe
2014-06-25 12:49 - 2014-06-25 12:49 - 00000041 ___SH () C:\ProgramData\.zreglib
2014-06-24 10:35 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-20 11:10 - 2014-02-27 22:19 - 00003940 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:10 - 2014-02-27 22:19 - 00003704 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 14:41 - 2013-11-16 22:09 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-18 20:43 - 2014-06-03 20:43 - 00003818 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1400187844
2014-06-18 20:43 - 2014-05-15 23:04 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 11:09 - 2014-06-04 19:09 - 00000000 ____D () C:\Users\Kryštof\Desktop\fa
2014-06-14 22:50 - 2014-02-18 10:53 - 00000000 ____D () C:\Users\Kryštof\Desktop\fyzika
2014-06-13 19:42 - 2014-06-13 19:42 - 00001671 _____ () C:\Users\Guest\Desktop\Skyrim (SKSE).lnk
2014-06-13 15:20 - 2014-06-13 15:20 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skyrim
2014-06-11 11:21 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-11 11:20 - 2013-12-26 14:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 11:20 - 2013-11-15 09:59 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 11:18 - 2013-11-15 09:59 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-08 12:52 - 2014-05-17 12:26 - 00001942 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-08 12:52 - 2014-05-17 12:26 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-06 13:38 - 2013-12-21 15:41 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\TS3Client
2014-06-02 22:12 - 2012-12-21 06:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-02 22:12 - 2012-07-26 09:21 - 00039539 _____ () C:\windows\setupact.log

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-30 10:51

==================== End Of Log ============================

#10 Příspěvek od **vyosek** » 02 črc 2014 17:52

Odinstalujte McAfee Security Scan

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [HideSCAHealth] 0
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]

CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchProvider: Bueno Search
CHR DefaultSearchURL: http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=802F9C4E3690C0D1&affID=128403&tt=260614_ctrl&tsp=5290
CHR DefaultNewTabURL: 
CHR Extension: (HD-V1.4) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllhhciinh [2014-06-29]

S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]

2014-07-02 18:43 - 2014-07-02 18:44 - 00027257 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-02 18:43 - 2014-07-02 18:43 - 00029696 _____ () C:\Users\Kryštof\AppData\Local\MSGBOX.EXE
2014-07-02 18:43 - 2014-07-02 18:43 - 00015327 _____ () C:\Users\Kryštof\Desktop\LM.bat
2014-07-02 18:43 - 2014-07-02 18:43 - 00000000 ____D () C:\Users\Kryštof\Desktop\FRST-OlderVersion
2014-07-02 16:51 - 2014-07-02 16:51 - 00049155 _____ () C:\Users\Kryštof\Desktop\zoek-results.txt
2014-07-02 14:03 - 2014-07-02 13:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-02 13:53 - 2014-07-02 16:50 - 00049155 _____ () C:\zoek-results.log
2014-07-02 13:52 - 2014-07-02 14:02 - 00000000 ____D () C:\zoek_backup
2014-07-02 13:51 - 2014-07-02 13:51 - 01285120 _____ () C:\Users\Kryštof\Desktop\zoek.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00017157 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S1].txt
2014-07-02 12:04 - 2014-07-02 12:04 - 01346519 _____ () C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe
2014-07-02 12:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-01 11:12 - 2014-07-01 11:12 - 00026982 _____ () C:\Users\Kryštof\Desktop\dds.txt
2014-07-01 11:12 - 2014-07-01 11:12 - 00012177 _____ () C:\Users\Kryštof\Desktop\Addition.rar
2014-07-01 11:12 - 2014-07-01 11:12 - 00008545 _____ () C:\Users\Kryštof\Desktop\attach.txt
2014-07-01 11:09 - 2014-07-01 11:10 - 00688992 ____R (Swearware) C:\Users\Kryštof\Desktop\dds.exe
2014-07-01 11:08 - 2014-07-01 11:08 - 00044623 _____ () C:\Users\Kryštof\Desktop\info.txt
2014-07-01 11:07 - 2014-07-01 11:09 - 00000000 ____D () C:\rsit
2014-07-01 11:07 - 2014-07-01 11:08 - 00000000 ____D () C:\Program Files\trend micro
2014-07-01 11:04 - 2014-07-01 11:04 - 00068609 _____ () C:\Users\Kryštof\Desktop\FRST3333.txt
2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Desktop\RSITx64.exe
2014-06-25 12:54 - 2014-06-25 12:55 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-08 12:52 - 2014-05-17 12:26 - 00001942 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-08 12:52 - 2014-05-17 12:26 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
C:\Program Files (x86)\Torntv V9.0

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-novainstaller.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-nova.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-codedownloader.exe

Hosts:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

krystof37 · #11 Příspěvek od **krystof37** » 02 črc 2014 19:19

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Kryštof at 2014-07-02 20:15:16 Run:2
Running from C:\Users\Kryštof\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [HideSCAHealth] 0
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]

CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: buenosearch.com
CHR DefaultSearchProvider: Bueno Search
CHR DefaultSearchURL: http://www.buenosearch.com/?q={searchTe ... l&tsp=5290
CHR DefaultNewTabURL:
CHR Extension: (HD-V1.4) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllhhciinh [2014-06-29]

S1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [X]

2014-07-02 18:43 - 2014-07-02 18:44 - 00027257 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-02 18:43 - 2014-07-02 18:43 - 00029696 _____ () C:\Users\Kryštof\AppData\Local\MSGBOX.EXE
2014-07-02 18:43 - 2014-07-02 18:43 - 00015327 _____ () C:\Users\Kryštof\Desktop\LM.bat
2014-07-02 18:43 - 2014-07-02 18:43 - 00000000 ____D () C:\Users\Kryštof\Desktop\FRST-OlderVersion
2014-07-02 16:51 - 2014-07-02 16:51 - 00049155 _____ () C:\Users\Kryštof\Desktop\zoek-results.txt
2014-07-02 14:03 - 2014-07-02 13:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-02 13:53 - 2014-07-02 16:50 - 00049155 _____ () C:\zoek-results.log
2014-07-02 13:52 - 2014-07-02 14:02 - 00000000 ____D () C:\zoek_backup
2014-07-02 13:51 - 2014-07-02 13:51 - 01285120 _____ () C:\Users\Kryštof\Desktop\zoek.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00017157 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S1].txt
2014-07-02 12:04 - 2014-07-02 12:04 - 01346519 _____ () C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe
2014-07-02 12:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-01 11:12 - 2014-07-01 11:12 - 00026982 _____ () C:\Users\Kryštof\Desktop\dds.txt
2014-07-01 11:12 - 2014-07-01 11:12 - 00012177 _____ () C:\Users\Kryštof\Desktop\Addition.rar
2014-07-01 11:12 - 2014-07-01 11:12 - 00008545 _____ () C:\Users\Kryštof\Desktop\attach.txt
2014-07-01 11:09 - 2014-07-01 11:10 - 00688992 ____R (Swearware) C:\Users\Kryštof\Desktop\dds.exe
2014-07-01 11:08 - 2014-07-01 11:08 - 00044623 _____ () C:\Users\Kryštof\Desktop\info.txt
2014-07-01 11:07 - 2014-07-01 11:09 - 00000000 ____D () C:\rsit
2014-07-01 11:07 - 2014-07-01 11:08 - 00000000 ____D () C:\Program Files\trend micro
2014-07-01 11:04 - 2014-07-01 11:04 - 00068609 _____ () C:\Users\Kryštof\Desktop\FRST3333.txt
2014-07-01 11:03 - 2014-07-01 11:03 - 01222144 _____ () C:\Users\Kryštof\Desktop\RSITx64.exe
2014-06-25 12:54 - 2014-06-25 12:55 - 00000000 ____D () C:\Program Files (x86)\HD-V1.4
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-08 12:52 - 2014-06-08 12:52 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-08 12:52 - 2014-05-17 12:26 - 00001942 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-08 12:52 - 2014-05-17 12:26 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
C:\Program Files (x86)\Torntv V9.0

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-novainstaller.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-nova.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job => C:\Program Files (x86)\HD-V1.4\HD-V1.4-codedownloader.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ADSK DLMSession => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1'=> Key not found.
'HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2'=> Key not found.
'HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3'=> Key not found.
'HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\First Home Page => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
CHR DefaultSearchKeyword: buenosearch.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Bueno Search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.buenosearch.com/?q={searchTe ... l&tsp=5290 ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\beoldljceodklpdmkgelhbdllhhciinh => Moved successfully.
{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64 => Service deleted successfully.
C:\Users\Kryštof\Desktop\FRST.txt => Moved successfully.
"C:\Users\Kryštof\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\Users\Kryštof\Desktop\LM.bat" => File/Directory not found.
C:\Users\Kryštof\Desktop\FRST-OlderVersion => Moved successfully.
C:\Users\Kryštof\Desktop\zoek-results.txt => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Kryštof\Desktop\zoek.exe => Moved successfully.
C:\Users\Kryštof\Desktop\AdwCleaner[S1].txt => Moved successfully.
C:\Users\Kryštof\Desktop\adwcleaner_3.214.exe => Moved successfully.
C:\windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\Users\Kryštof\Desktop\dds.txt => Moved successfully.
C:\Users\Kryštof\Desktop\Addition.rar => Moved successfully.
C:\Users\Kryštof\Desktop\attach.txt => Moved successfully.
C:\Users\Kryštof\Desktop\dds.exe => Moved successfully.
C:\Users\Kryštof\Desktop\info.txt => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Kryštof\Desktop\FRST3333.txt => Moved successfully.
C:\Users\Kryštof\Desktop\RSITx64.exe => Moved successfully.
C:\Program Files (x86)\HD-V1.4 => Moved successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus" => File/Directory not found.
"C:\Program Files\McAfee Security Scan" => File/Directory not found.
"C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk" => File/Directory not found.
"C:\ProgramData\McAfee Security Scan" => File/Directory not found.
"C:\Program Files (x86)\Torntv V9.0" => File/Directory not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-6.job not found.
C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-7.job not found.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\8febae80-638a-4f48-a798-81e9dabc140f-1.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====

#12 Příspěvek od **vyosek** » 02 črc 2014 20:39

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

krystof37 · #13 Příspěvek od **krystof37** » 02 črc 2014 21:49

Děkuji převelice

#14 Příspěvek od **vyosek** » 03 črc 2014 04:10

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Kontrola logu 1.7

Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7

Re: Kontrola logu 1.7