VIRY.CZ

Zdravím, prosím o kontrolu logu. Začalymi vyskakovat v mozille reklamy a zpomaluje mi to celý pc i net. Díky

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:04, on 3. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Scientific Software\ATLASti\Program\atlasti.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Users\Martina\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (file missing)
O2 - BHO: CrossriderApp0057050 - {11111111-1111-1111-1111-110511701150} - C:\Program Files (x86)\SavePass\SavePass-bho.dll
O2 - BHO: CostMin - {23BCBFDE-AB65-F752-9C7D-C17FC03979F5} - C:\Program Files (x86)\CostMin\n2jzl.dll
O2 - BHO: TowerTilt - {53d1f32a-a4e1-493c-8830-a4f3599a667f} - C:\Program Files (x86)\TowerTilt\TowerTiltbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Martina\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\c40ccc70-6a07-40a0-9f40-5476b72da3bc.exe /check
O4 - HKLM\..\Run: [YourFile DownloaderInstaller Starter] "C:\Users\Martina\AppData\Local\Temp\install747170717.exe" -startup
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN23L510P405PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BitTorrent Sync] "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [UycuBinqa] regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Martina\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\suppor~1\suppor~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update TowerTilt - Unknown owner - C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe
O23 - Service: Util TowerTilt - Unknown owner - C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12943 bytes

Zdravim

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

HJT je jiz nekolik let nedostatecne

Logfile of random's system information tool 1.06 (written by random/random)
Run by Martina at 2014-07-03 17:25:30
Microsoft Windows 8
System drive C: has 3 GB (1%) free of 428 GB
Total RAM: 3962 MB (23% free)

HijackThis download failed

======Scheduled tasks folder======

C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-1.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-10.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-11.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-2.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-4.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5_user.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-6.job
C:\windows\tasks\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-7.job
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AutoKMS.job
C:\windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\windows\tasks\globalUpdateUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}]
SavePass - C:\Program Files (x86)\SavePass\SavePass-bho.dll [2014-07-01 529944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5}]
CostMin - C:\Program Files (x86)\CostMin\n2jzl.dll [2013-07-01 509952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53d1f32a-a4e1-493c-8830-a4f3599a667f}]
TowerTilt - C:\Program Files (x86)\TowerTilt\TowerTiltbho.dll [2014-07-01 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Martina\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-07-26 508656]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2012-05-02 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Philips Device Listener"=C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2012-02-15 380416]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\c40ccc70-6a07-40a0-9f40-5476b72da3bc.exe /check []
"YourFile DownloaderInstaller Starter"=C:\Users\Martina\AppData\Local\Temp\install747170717.exe [2014-07-01 6608200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe /c []
"BitTorrent"=C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-04-29 1240664]
"BitTorrent Sync"=C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [2013-11-26 1651304]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"UycuBinqa"=regsvr32.exe C:\ProgramData\UycuBinqa.dat []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\suppor~1\suppor~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=
"NoActiveDesktop"=
"NoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29cf524e-91a1-11e3-becb-2cd05a349e8e}]
shell\AutoRun\command - "G:\Autorun.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8341029c-197f-11e3-be96-2cd05a349e8e}]
shell\AutoRun\command - "H:\Setup.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da1bb614-dc23-11e2-be7a-2cd05a349e8e}]
shell\AutoRun\command - "F:\Setup.part01.exe"


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-07-03 17:23:49 ----D---- C:\rsit
2014-07-03 15:15:52 ----SHD---- C:\Config.Msi
2014-07-02 16:24:38 ----D---- C:\Users\Martina\AppData\Roaming\SuperAdBlocker.com
2014-07-02 16:24:06 ----D---- C:\windows\system32\URTTemp
2014-07-02 16:24:03 ----D---- C:\Program Files (x86)\SuperAdBlocker.com
2014-07-02 14:04:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-01 11:07:43 ----D---- C:\Program Files (x86)\globalUpdate
2014-07-01 11:07:36 ----D---- C:\Program Files (x86)\SavePass
2014-07-01 11:06:32 ----D---- C:\Program Files (x86)\Supporter
2014-07-01 11:06:15 ----D---- C:\ProgramData\8bc289f24dbc9e3b
2014-07-01 11:06:11 ----D---- C:\ProgramData\CostMin
2014-07-01 11:06:07 ----D---- C:\Program Files (x86)\CostMin
2014-07-01 11:05:43 ----D---- C:\Program Files (x86)\TowerTilt
2014-07-01 11:05:16 ----D---- C:\Users\Martina\AppData\Roaming\GoforFiles
2014-07-01 11:05:16 ----D---- C:\Program Files (x86)\GoforFiles Updater
2014-06-26 16:30:26 ----D---- C:\Program Files (x86)\CZ-Doc2Txt
2014-06-26 13:30:39 ----D---- C:\Users\Martina\AppData\Roaming\7-PDFMaker
2014-06-26 13:30:38 ----D---- C:\Program Files (x86)\7-PDF
2014-06-24 22:06:21 ----D---- C:\ProgramData\Steam
2014-06-24 20:09:16 ----D---- C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2014-06-24 16:21:13 ----D---- C:\Users\Martina\AppData\Roaming\Scientific Software
2014-06-24 16:20:44 ----D---- C:\ProgramData\Scientific Software
2014-06-24 16:20:44 ----D---- C:\Program Files (x86)\Scientific Software
2014-06-22 19:27:17 ----D---- C:\windows\Minidump
2014-06-11 13:49:19 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 3 months======

2014-07-03 17:24:27 ----D---- C:\Users\Martina\AppData\Roaming\BitTorrent
2014-07-03 17:23:54 ----D---- C:\windows\Prefetch
2014-07-03 17:14:44 ----A---- C:\windows\win.ini
2014-07-03 17:09:07 ----D---- C:\Users\Martina\AppData\Roaming\BitTorrent Sync
2014-07-03 15:27:01 ----D---- C:\windows\Temp
2014-07-03 15:22:49 ----D---- C:\windows\Microsoft.NET
2014-07-03 15:17:32 ----SHD---- C:\windows\Installer
2014-07-03 15:17:31 ----D---- C:\Program Files (x86)\Common Files
2014-07-03 15:17:31 ----AD---- C:\Windows
2014-07-03 15:16:21 ----HD---- C:\ProgramData
2014-07-03 15:14:13 ----D---- C:\Users\Martina\AppData\Roaming\Seznam.cz
2014-07-03 15:11:21 ----D---- C:\windows\System32
2014-07-03 15:11:21 ----D---- C:\windows\Inf
2014-07-02 19:30:05 ----D---- C:\windows\Tasks
2014-07-02 16:24:06 ----D---- C:\windows\SysWOW64
2014-07-02 16:24:03 ----RD---- C:\Program Files (x86)
2014-07-02 16:23:41 ----SHD---- C:\System Volume Information
2014-07-01 11:51:24 ----D---- C:\windows\AUInstallAgent
2014-07-01 11:07:50 ----D---- C:\Program Files (x86)\Google
2014-07-01 11:06:06 ----D---- C:\windows\system32\GroupPolicy
2014-07-01 11:06:00 ----AD---- C:\Users
2014-07-01 10:45:33 ----D---- C:\windows\WinSxS
2014-06-25 15:34:35 ----D---- C:\windows\CbsTemp
2014-06-22 19:29:33 ----A---- C:\windows\system32\log.txt
2014-06-11 12:48:53 ----D---- C:\Users\Martina\AppData\Roaming\Atheros
2014-05-27 23:11:42 ----D---- C:\Program Files (x86)\The Witcher 2 (CZ)
2014-05-22 20:15:04 ----D---- C:\Users\Martina\AppData\Roaming\vlc
2014-05-22 20:01:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 20:01:34 ----D---- C:\Program Files (x86)\Electronic Arts
2014-05-04 19:54:44 ----SD---- C:\Users\Martina\AppData\Roaming\Microsoft

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Martina on p  04. 07. 2014 at 11:47:11,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{262D5B5F-7C1B-468B-9E19-1F8CCB6B892C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\u60ghvfv.default\minidumps [31 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  04. 07. 2014 at 11:53:13,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.214 - Report created 04/07/2014 at 11:56:01
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Martina - IDEA-PC
# Running from : C:\Users\Martina\Downloads\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\TowerTilt

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js ]

Line Deleted : user_pref("extensions.gBpG2Ae.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]

-\\ Google Chrome v

[ File : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14538 octets] - [04/07/2014 11:16:00]
AdwCleaner[R1].txt - [1249 octets] - [04/07/2014 11:55:31]
AdwCleaner[S0].txt - [12466 octets] - [04/07/2014 11:17:35]
AdwCleaner[S1].txt - [1174 octets] - [04/07/2014 11:56:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1234 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Martina on p 04. 07. 2014 at 13:28:27,41.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martina\AppData\Local\Temp\Rar$EXa0.341\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 13:28:46,84 =====

--- Create Environment Variables 13:28:48,43
--- Create System Restore Point 13:28:56,99
--- Checking Input 13:29:14,83
--- Reset Hosts File 13:29:18,79
--- AU AppData Check 13:29:19,67
--- Remove From Windows Installer 13:29:23,85
--- IE Startpage Check 13:30:04,66
--- Program Files DB Check 13:30:44,30
--- C:\Users\Default\AppData\Roaming DB Check 13:31:27,13
--- C:\Users\Default User\AppData\Roaming DB Check 13:31:27,13
--- C:\Users\Martina\AppData\Roaming DB Check 13:31:27,13
--- C:\windows\SysNative\config\systemprofile\AppData\Roaming DB Check 13:31:27,13
--- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 13:31:27,13
--- C:\windows\serviceprofiles\networkservice\AppData\Roaming DB Check 13:31:27,13
--- C:\windows\serviceprofiles\Localservice\AppData\Roaming DB Check 13:31:27,13

Nechte zoek dobehnout do konce, pak se PC restartujte a da log zoek_results.txt, ten sem dejte

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Martina on p  04. 07. 2014 at 13:28:27,41.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martina\AppData\Local\Temp\Rar$EXa0.341\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4. 7. 2014 13:29:13 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:

Deleted from C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:

Added to C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201404.07._1339_.backup

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201404.07._1339_.backup

==== Deleting Files \ Folders ======================

C:\Users\Martina\AppData\LocalLow\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted
C:\Users\Martina\AppData\Local\Packages\windows_ie_ac_001\AC\{23BCBFDE-AB65-F752-9C7D-C17FC03979F5} deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~3\UycuBinqa.dat deleted
C:\Users\Martina\AppData\Local\cache deleted
C:\Users\Martina\Searches deleted
C:\Users\Martina\Downloads\bsplayer_installer.exe deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\windows\wininit.ini deleted
C:\windows\SysNative\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys deleted
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\extensions\gld4-gwt@ldi-bztndg.com deleted
"C:\PROGRA~3\8bc289f24dbc9e3b\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}.20140701110615" deleted
"C:\PROGRA~3\8bc289f24dbc9e3b" deleted
"C:\Users\Martina\AppData\Roaming\Philips" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
- Artwork Extras - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com
- CD Rip Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com
- AAC Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com
- H.264 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com
- MP3 Encoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com
- MPEG-4 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com
- File association - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com
- Philips GoGear Device Manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com
- gonzo - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com
- Fornecedor da pesquisa de metadados Gracenote - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com
- Czech cs Language Pack - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com
- mashTape - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com
- MSC Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com
- MTP Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com
- Philips addon manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com
- Philips Branding - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com
- LikeMusic - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com
- Philips auto msc-mtp switch - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com
- Philips Promotions - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com
- Philips Skin - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com
- Philips UI - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com
- Purple Rain - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com
- Windows Media Playback - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
A58DE0A570148AF5FF3512B2A340D09F - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A57A288F098188E92C6B0309CBC50B2 - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

CostMin - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Martina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco
CostMin - Martina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco

==== Chrome Fix ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Martina\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\efhdcbnmpcnkokngehmojfeakbchhhco deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{28DBDC09-CD74-4291-80D1-789ACD6F9883} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{3B1E141A-EEAB-4017-B1B0-52F649082AB3} Unknown Url="Not_Found"
{4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{6BC336E0-0860-4AFD-B849-E13CABFBD077} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{764482F2-C192-4032-B5B2-7848E6928461} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{8C35819E-0D88-4E0F-8946-73D1764A9500} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3B1E141A-EEAB-4017-B1B0-52F649082AB3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Martina\AppData\Local\Mozilla\Firefox\Profiles\u60ghvfv.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=364 folders=52 18307694 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Martina\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Martina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  04. 07. 2014 at 13:51:48,59 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Martina (administrator) on IDEA-PC on 04-07-2014 14:18:30
Running from C:\Users\Martina\Downloads
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent, Inc.) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c40ccc70-6a07-40a0-9f40-5476b72da3bc.exe /check
HKLM-x32\...\Run: [YourFile DownloaderInstaller Starter] => "C:\Users\Martina\AppData\Local\Temp\install747170717.exe" -startup
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => "C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1651304 2013-11-26] (BitTorrent, Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {29cf524e-91a1-11e3-becb-2cd05a349e8e} - "G:\Autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "H:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {da1bb614-dc23-11e2-be7a-2cd05a349e8e} - "F:\Setup.part01.exe"
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mysearch.avg.com/?cid={17A0EB00- ... 2013-08-10 17:45:26&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {764482F2-C192-4032-B5B2-7848E6928461} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.10

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Martina\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Martina\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-23]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-23]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-23]
CHR Extension: (Peněženka Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]
S1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 14:18 - 2014-07-04 14:18 - 00021204 _____ () C:\Users\Martina\Downloads\FRST.txt
2014-07-04 14:17 - 2014-07-04 14:18 - 00000000 ____D () C:\FRST
2014-07-04 14:17 - 2014-07-04 14:17 - 02083840 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2014-07-04 14:16 - 2014-07-04 14:16 - 01073664 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2014-07-04 13:43 - 2014-07-04 13:27 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-04 13:28 - 2014-07-04 13:51 - 00018049 _____ () C:\zoek-results.log
2014-07-04 13:27 - 2014-07-04 13:41 - 00000000 ____D () C:\zoek_backup
2014-07-04 13:27 - 2014-07-04 13:27 - 01285120 _____ () C:\Users\Martina\Downloads\zoek.exe
2014-07-04 11:53 - 2014-07-04 11:53 - 00001330 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-07-04 11:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-04 11:15 - 2014-07-04 11:56 - 00000000 ____D () C:\AdwCleaner
2014-07-04 11:15 - 2014-07-04 11:15 - 01346519 _____ () C:\Users\Martina\Downloads\adwcleaner_3.214.exe
2014-07-04 11:15 - 2014-07-04 11:15 - 00000000 ____D () C:\windows\ERUNT
2014-07-04 11:14 - 2014-07-04 11:14 - 01016261 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2014-07-03 17:25 - 2014-07-03 17:25 - 00781909 _____ () C:\Users\Martina\Downloads\RSIT.exe
2014-07-03 17:25 - 2014-07-03 17:25 - 00081309 _____ () C:\Users\Martina\Downloads\Martina.exe
2014-07-03 17:24 - 2014-07-03 17:25 - 00832273 _____ () C:\Users\Martina\Downloads\RSITx64(2).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 01222144 _____ () C:\Users\Martina\Downloads\RSITx64(1).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 00000000 ____D () C:\rsit
2014-07-03 16:26 - 2014-07-03 16:26 - 00012945 _____ () C:\Users\Martina\Downloads\hijackthis.log
2014-07-03 16:25 - 2014-07-03 16:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Downloads\hijackthis.exe
2014-07-03 15:16 - 2014-07-04 13:40 - 00269720 _____ (Microsoft Corporation) C:\ProgramData\UycuBinqa.dat
2014-07-02 20:41 - 2014-07-02 20:41 - 00055959 _____ () C:\Users\Martina\Downloads\teleport 4_6_1-8535-4-6-1.zip
2014-07-02 16:24 - 2014-07-02 16:28 - 00000000 ____D () C:\Program Files (x86)\SuperAdBlocker.com
2014-07-02 16:24 - 2014-07-02 16:24 - 00000000 ____D () C:\windows\SysWOW64\URTTemp
2014-07-02 16:24 - 2014-07-02 16:24 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\SuperAdBlocker.com
2014-07-02 16:22 - 2014-07-02 16:22 - 06322200 _____ () C:\Users\Martina\Downloads\SuperAdBlocker.exe
2014-07-02 14:04 - 2014-07-02 14:04 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 14:04 - 2014-07-02 14:04 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 14:03 - 2014-07-02 14:03 - 29677080 _____ (Mozilla) C:\Users\Martina\Downloads\Firefox Setup 30.0.exe
2014-07-02 14:03 - 2014-07-02 14:03 - 00921600 _____ () C:\Users\Martina\Downloads\centrumie-1.1.2.0.msi
2014-07-02 14:02 - 2014-07-02 14:02 - 00733432 _____ () C:\Users\Martina\Downloads\mozilla-firefox-lista-centrumcz-pro-internet-explorer.exe
2014-07-01 17:38 - 2014-07-01 18:59 - 1355292708 _____ () C:\Users\Martina\Downloads\De-Behandeling.avi
2014-07-01 14:04 - 2014-07-01 14:04 - 00036987 _____ () C:\Users\Martina\Downloads\Lockpick Pro v3-219-3.zip
2014-07-01 11:08 - 2014-07-01 11:08 - 07785280 _____ (http://www.goforfiles.com/) C:\Users\Martina\Downloads\Serial_Number_Atlas_Ti_7_downloader.exe
2014-07-01 11:07 - 2014-07-01 11:08 - 00000000 ____D () C:\Program Files (x86)\SavePass
2014-07-01 11:07 - 2014-07-01 11:07 - 00003094 _____ () C:\windows\System32\Tasks\{C48480B4-8E3A-413B-ACAA-BB531D8DA11C}
2014-07-01 11:06 - 2014-07-01 11:06 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Martina\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator
2014-07-01 11:05 - 2014-07-01 11:05 - 00000000 ____D () C:\Program Files (x86)\GoforFiles Updater
2014-07-01 11:05 - 2014-06-29 15:47 - 00312560 _____ () C:\Users\Martina\Downloads\tmps_5011.exe
2014-07-01 11:04 - 2014-07-01 11:04 - 07785272 _____ (http://www.goforfiles.com/) C:\Users\Martina\Downloads\Atlas_Ti_7_Crack_downloader.exe
2014-07-01 11:04 - 2014-07-01 11:04 - 03114448 _____ (Technology Island, Inc.) C:\Users\Martina\Downloads\Atlas_Ti_7_Keygen_downloader.exe
2014-07-01 10:57 - 2014-07-01 10:57 - 06608200 _____ (http://yourfiledownloader.com) C:\Users\Martina\Downloads\Atlas_Ti_7_Serial_Number_downloader.exe
2014-06-30 12:34 - 2014-06-30 13:15 - 731668538 _____ () C:\Users\Martina\Downloads\Anna-[2013]-HDRip-XViD-juggs[ETRG].avi
2014-06-26 22:16 - 2014-06-26 22:17 - 00000000 ____D () C:\Users\Martina\Desktop\dd
2014-06-26 16:30 - 2014-06-26 16:30 - 00949281 _____ ( ) C:\Users\Martina\Downloads\czd2t1.exe
2014-06-26 16:30 - 2014-06-26 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ-Doc2Txt Demo 4.0
2014-06-26 16:30 - 2014-06-26 16:30 - 00000000 ____D () C:\Program Files (x86)\CZ-Doc2Txt
2014-06-26 16:29 - 2014-06-26 16:29 - 00008519 _____ () C:\Users\Martina\Downloads\Doc2txt-0.1-cz.zip
2014-06-26 16:29 - 2014-06-26 16:29 - 00001241 _____ () C:\Users\Martina\Downloads\doc2txt-2013-02-16.7z
2014-06-26 16:25 - 2014-06-26 16:28 - 56071680 _____ () C:\Users\Martina\Downloads\calibre-1.41.0.msi
2014-06-26 16:05 - 2014-06-26 16:05 - 05060729 _____ () C:\Users\Martina\Downloads\QAKonference_2014_ATLAS_ti.pptx
2014-06-26 13:30 - 2014-06-26 13:30 - 00001036 _____ () C:\Users\Public\Desktop\7-PDF Maker.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\7-PDFMaker
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\7-PDF
2014-06-26 13:28 - 2014-06-26 13:30 - 63627678 _____ (7-PDF, Germany ) C:\Users\Martina\Downloads\7p10.exe
2014-06-26 13:23 - 2014-06-26 13:23 - 05177938 _____ (XSoft ) C:\Users\Martina\Downloads\WordToPDF_setup.exe
2014-06-26 13:14 - 2014-06-26 13:19 - 88783199 _____ () C:\Users\Martina\Downloads\Atlas_ti_V6.zip
2014-06-25 15:31 - 2014-07-04 11:19 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-06-25 15:31 - 2014-07-04 11:19 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-06-25 15:31 - 2014-07-04 11:19 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-06-25 15:31 - 2014-07-04 11:19 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-06-25 15:31 - 2014-07-04 11:18 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00773632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-06-25 15:31 - 2014-07-04 11:18 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-06-24 22:18 - 2014-06-24 22:53 - 310364271 _____ () C:\Users\Martina\Downloads\Skyrim-1.9.32.8.0-update-+-CZ-na-vsechny-DLC,-neoficialni-patche-v-CZ.rar
2014-06-24 22:18 - 2014-06-24 22:19 - 09246407 _____ () C:\Users\Martina\Downloads\The-Elder-Scrolls-V-Skyrim-Legendary-Edition---Cestina.rar
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\Martina\Documents\My Games
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\Martina\AppData\Local\Skyrim
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\ProgramData\Steam
2014-06-24 20:09 - 2014-06-26 22:19 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2014-06-24 16:21 - 2014-06-24 16:21 - 00000000 ____D () C:\Users\Martina\Documents\Scientific Software
2014-06-24 16:21 - 2014-06-24 16:21 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti.lnk
2014-06-24 16:20 - 2014-06-24 16:20 - 00002200 _____ () C:\Users\Public\Desktop\ATLAS.ti.lnk
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\Users\Public\Documents\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\ProgramData\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\Program Files (x86)\Scientific Software
2014-06-24 15:46 - 2014-06-24 15:49 - 85278720 _____ () C:\Users\Martina\Downloads\a7setup.msi
2014-06-22 19:27 - 2014-06-22 19:27 - 00497576 _____ () C:\windows\Minidump\062214-39812-01.dmp
2014-06-22 19:27 - 2014-06-22 19:27 - 00000000 ____D () C:\windows\Minidump
2014-06-19 12:29 - 2014-06-20 02:37 - 00000000 ____D () C:\Users\Martina\Downloads\The Elder Scrolls V Skyrim – Legendary Edition Black Box
2014-06-16 17:55 - 2014-05-27 20:49 - 15180800 _____ () C:\Users\Martina\Desktop\Maligní měkké 2014.ppt
2014-06-16 17:55 - 2014-05-27 20:48 - 09161728 _____ () C:\Users\Martina\Desktop\Benigní měkké 2014.ppt
2014-06-11 13:49 - 2014-07-02 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 09:49 - 2014-07-04 13:51 - 00002900 _____ () C:\windows\System32\Tasks\AutoKMS
2014-06-09 23:43 - 2014-06-09 23:43 - 00000283 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš (10).lnk
2014-06-04 19:36 - 2014-06-04 19:36 - 00013587 _____ () C:\Users\Martina\Desktop\Systémový lupus erythematodes.odt
2014-06-04 14:25 - 2014-06-04 15:42 - 728186880 _____ () C:\Users\Martina\Downloads\Nepritomnost-Absentia-2011-cesky-dabing.avi

==================== One Month Modified Files and Folders =======

2014-07-04 14:18 - 2014-07-04 14:18 - 00021204 _____ () C:\Users\Martina\Downloads\FRST.txt
2014-07-04 14:18 - 2014-07-04 14:17 - 00000000 ____D () C:\FRST
2014-07-04 14:17 - 2014-07-04 14:17 - 02083840 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2014-07-04 14:16 - 2014-07-04 14:16 - 01073664 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2014-07-04 14:15 - 2013-11-26 21:58 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\BitTorrent
2014-07-04 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-04 13:59 - 2013-06-26 00:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Seznam.cz
2014-07-04 13:54 - 2013-11-26 21:59 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\BitTorrent Sync
2014-07-04 13:53 - 2013-10-08 19:43 - 00000986 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job
2014-07-04 13:53 - 2013-08-13 22:28 - 01352210 _____ () C:\windows\WindowsUpdate.log
2014-07-04 13:51 - 2014-07-04 13:28 - 00018049 _____ () C:\zoek-results.log
2014-07-04 13:51 - 2014-06-10 09:49 - 00002900 _____ () C:\windows\System32\Tasks\AutoKMS
2014-07-04 13:51 - 2013-12-16 22:02 - 00000290 _____ () C:\windows\Tasks\AutoKMS.job
2014-07-04 13:50 - 2013-10-29 18:14 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 13:50 - 2013-08-22 11:58 - 00352740 _____ () C:\windows\PFRO.log
2014-07-04 13:50 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-04 13:44 - 2013-10-29 18:14 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 13:41 - 2014-07-04 13:27 - 00000000 ____D () C:\zoek_backup
2014-07-04 13:40 - 2014-07-03 15:16 - 00269720 _____ (Microsoft Corporation) C:\ProgramData\UycuBinqa.dat
2014-07-04 13:40 - 2013-06-18 11:30 - 00000000 ____D () C:\Users\Martina
2014-07-04 13:39 - 2013-06-19 22:29 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-07-04 13:36 - 2013-09-10 13:14 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 13:27 - 2014-07-04 13:43 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-04 13:27 - 2014-07-04 13:27 - 01285120 _____ () C:\Users\Martina\Downloads\zoek.exe
2014-07-04 12:42 - 2013-06-19 09:07 - 13380608 ___SH () C:\Users\Martina\Desktop\Thumbs.db
2014-07-04 12:26 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-07-04 11:56 - 2014-07-04 11:15 - 00000000 ____D () C:\AdwCleaner
2014-07-04 11:56 - 2013-09-23 23:09 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job
2014-07-04 11:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-04 11:53 - 2014-07-04 11:53 - 00001330 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-07-04 11:19 - 2014-06-25 15:31 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-07-04 11:19 - 2014-06-25 15:31 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-07-04 11:19 - 2014-06-25 15:31 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-07-04 11:19 - 2014-06-25 15:31 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-07-04 11:19 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-04 11:18 - 2014-06-25 15:31 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00773632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-07-04 11:18 - 2014-06-25 15:31 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-07-04 11:17 - 2013-02-08 13:23 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-07-04 11:15 - 2014-07-04 11:15 - 01346519 _____ () C:\Users\Martina\Downloads\adwcleaner_3.214.exe
2014-07-04 11:15 - 2014-07-04 11:15 - 00000000 ____D () C:\windows\ERUNT
2014-07-04 11:14 - 2014-07-04 11:14 - 01016261 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2014-07-04 11:10 - 2013-02-08 13:38 - 00727488 _____ () C:\windows\system32\perfh005.dat
2014-07-04 11:10 - 2013-02-08 13:38 - 00148006 _____ () C:\windows\system32\perfc005.dat
2014-07-04 11:10 - 2012-07-26 09:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-04 11:08 - 2012-07-26 07:26 - 00000269 _____ () C:\windows\win.ini
2014-07-03 17:25 - 2014-07-03 17:25 - 00781909 _____ () C:\Users\Martina\Downloads\RSIT.exe
2014-07-03 17:25 - 2014-07-03 17:25 - 00081309 _____ () C:\Users\Martina\Downloads\Martina.exe
2014-07-03 17:25 - 2014-07-03 17:24 - 00832273 _____ () C:\Users\Martina\Downloads\RSITx64(2).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 01222144 _____ () C:\Users\Martina\Downloads\RSITx64(1).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 00000000 ____D () C:\rsit
2014-07-03 17:23 - 2013-08-10 17:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-03 16:26 - 2014-07-03 16:26 - 00012945 _____ () C:\Users\Martina\Downloads\hijackthis.log
2014-07-03 16:25 - 2014-07-03 16:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Downloads\hijackthis.exe
2014-07-03 16:25 - 2013-06-18 11:32 - 00000000 ____D () C:\Users\Martina\AppData\Local\VirtualStore
2014-07-02 20:41 - 2014-07-02 20:41 - 00055959 _____ () C:\Users\Martina\Downloads\teleport 4_6_1-8535-4-6-1.zip
2014-07-02 16:28 - 2014-07-02 16:24 - 00000000 ____D () C:\Program Files (x86)\SuperAdBlocker.com
2014-07-02 16:24 - 2014-07-02 16:24 - 00000000 ____D () C:\windows\SysWOW64\URTTemp
2014-07-02 16:24 - 2014-07-02 16:24 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\SuperAdBlocker.com
2014-07-02 16:22 - 2014-07-02 16:22 - 06322200 _____ () C:\Users\Martina\Downloads\SuperAdBlocker.exe
2014-07-02 14:04 - 2014-07-02 14:04 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 14:04 - 2014-07-02 14:04 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 14:04 - 2014-06-11 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-02 14:03 - 2014-07-02 14:03 - 29677080 _____ (Mozilla) C:\Users\Martina\Downloads\Firefox Setup 30.0.exe
2014-07-02 14:03 - 2014-07-02 14:03 - 00921600 _____ () C:\Users\Martina\Downloads\centrumie-1.1.2.0.msi
2014-07-02 14:02 - 2014-07-02 14:02 - 00733432 _____ () C:\Users\Martina\Downloads\mozilla-firefox-lista-centrumcz-pro-internet-explorer.exe
2014-07-01 18:59 - 2014-07-01 17:38 - 1355292708 _____ () C:\Users\Martina\Downloads\De-Behandeling.avi
2014-07-01 14:04 - 2014-07-01 14:04 - 00036987 _____ () C:\Users\Martina\Downloads\Lockpick Pro v3-219-3.zip
2014-07-01 11:51 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-01 11:08 - 2014-07-01 11:08 - 07785280 _____ (http://www.goforfiles.com/) C:\Users\Martina\Downloads\Serial_Number_Atlas_Ti_7_downloader.exe
2014-07-01 11:08 - 2014-07-01 11:07 - 00000000 ____D () C:\Program Files (x86)\SavePass
2014-07-01 11:08 - 2013-09-23 23:06 - 00002447 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-07-01 11:07 - 2014-07-01 11:07 - 00003094 _____ () C:\windows\System32\Tasks\{C48480B4-8E3A-413B-ACAA-BB531D8DA11C}
2014-07-01 11:07 - 2013-06-18 22:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Martina\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-01 11:06 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator
2014-07-01 11:06 - 2013-06-18 22:15 - 00000000 ____D () C:\Users\Martina\AppData\Local\Google
2014-07-01 11:06 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-07-01 11:06 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-07-01 11:05 - 2014-07-01 11:05 - 00000000 ____D () C:\Program Files (x86)\GoforFiles Updater
2014-07-01 11:04 - 2014-07-01 11:04 - 07785272 _____ (http://www.goforfiles.com/) C:\Users\Martina\Downloads\Atlas_Ti_7_Crack_downloader.exe
2014-07-01 11:04 - 2014-07-01 11:04 - 03114448 _____ (Technology Island, Inc.) C:\Users\Martina\Downloads\Atlas_Ti_7_Keygen_downloader.exe
2014-07-01 10:57 - 2014-07-01 10:57 - 06608200 _____ (http://yourfiledownloader.com) C:\Users\Martina\Downloads\Atlas_Ti_7_Serial_Number_downloader.exe
2014-06-30 13:15 - 2014-06-30 12:34 - 731668538 _____ () C:\Users\Martina\Downloads\Anna-[2013]-HDRip-XViD-juggs[ETRG].avi
2014-06-29 15:47 - 2014-07-01 11:05 - 00312560 _____ () C:\Users\Martina\Downloads\tmps_5011.exe
2014-06-26 22:19 - 2014-06-24 20:09 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2014-06-26 22:17 - 2014-06-26 22:16 - 00000000 ____D () C:\Users\Martina\Desktop\dd
2014-06-26 16:30 - 2014-06-26 16:30 - 00949281 _____ ( ) C:\Users\Martina\Downloads\czd2t1.exe
2014-06-26 16:30 - 2014-06-26 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ-Doc2Txt Demo 4.0
2014-06-26 16:30 - 2014-06-26 16:30 - 00000000 ____D () C:\Program Files (x86)\CZ-Doc2Txt
2014-06-26 16:29 - 2014-06-26 16:29 - 00008519 _____ () C:\Users\Martina\Downloads\Doc2txt-0.1-cz.zip
2014-06-26 16:29 - 2014-06-26 16:29 - 00001241 _____ () C:\Users\Martina\Downloads\doc2txt-2013-02-16.7z
2014-06-26 16:28 - 2014-06-26 16:25 - 56071680 _____ () C:\Users\Martina\Downloads\calibre-1.41.0.msi
2014-06-26 16:05 - 2014-06-26 16:05 - 05060729 _____ () C:\Users\Martina\Downloads\QAKonference_2014_ATLAS_ti.pptx
2014-06-26 13:30 - 2014-06-26 13:30 - 00001036 _____ () C:\Users\Public\Desktop\7-PDF Maker.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\7-PDFMaker
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\7-PDF
2014-06-26 13:30 - 2014-06-26 13:28 - 63627678 _____ (7-PDF, Germany ) C:\Users\Martina\Downloads\7p10.exe
2014-06-26 13:23 - 2014-06-26 13:23 - 05177938 _____ (XSoft ) C:\Users\Martina\Downloads\WordToPDF_setup.exe
2014-06-26 13:19 - 2014-06-26 13:14 - 88783199 _____ () C:\Users\Martina\Downloads\Atlas_ti_V6.zip
2014-06-24 22:53 - 2014-06-24 22:18 - 310364271 _____ () C:\Users\Martina\Downloads\Skyrim-1.9.32.8.0-update-+-CZ-na-vsechny-DLC,-neoficialni-patche-v-CZ.rar
2014-06-24 22:19 - 2014-06-24 22:18 - 09246407 _____ () C:\Users\Martina\Downloads\The-Elder-Scrolls-V-Skyrim-Legendary-Edition---Cestina.rar
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\Martina\Documents\My Games
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\Users\Martina\AppData\Local\Skyrim
2014-06-24 22:06 - 2014-06-24 22:06 - 00000000 ____D () C:\ProgramData\Steam
2014-06-24 20:07 - 2013-06-18 11:30 - 00001133 _____ () C:\Users\Martina\Desktop\Cyberlink Power2Go.lnk
2014-06-24 16:21 - 2014-06-24 16:21 - 00000000 ____D () C:\Users\Martina\Documents\Scientific Software
2014-06-24 16:21 - 2014-06-24 16:21 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATLAS.ti.lnk
2014-06-24 16:20 - 2014-06-24 16:20 - 00002200 _____ () C:\Users\Public\Desktop\ATLAS.ti.lnk
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\Users\Public\Documents\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\ProgramData\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific Software
2014-06-24 16:20 - 2014-06-24 16:20 - 00000000 ____D () C:\Program Files (x86)\Scientific Software
2014-06-24 15:49 - 2014-06-24 15:46 - 85278720 _____ () C:\Users\Martina\Downloads\a7setup.msi
2014-06-24 11:48 - 2013-10-08 19:43 - 00003936 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7
2014-06-24 11:48 - 2013-09-23 23:09 - 00003556 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34
2014-06-23 11:39 - 2013-10-29 18:14 - 00003942 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 11:39 - 2013-10-29 18:14 - 00003706 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 19:27 - 2014-06-22 19:27 - 00497576 _____ () C:\windows\Minidump\062214-39812-01.dmp
2014-06-22 19:27 - 2014-06-22 19:27 - 00000000 ____D () C:\windows\Minidump
2014-06-20 02:37 - 2014-06-19 12:29 - 00000000 ____D () C:\Users\Martina\Downloads\The Elder Scrolls V Skyrim – Legendary Edition Black Box
2014-06-19 13:31 - 2013-08-10 17:04 - 00000000 ____D () C:\Users\Martina\Desktop\Složky
2014-06-19 13:31 - 2013-07-23 23:16 - 00000000 ____D () C:\Users\Martina\Desktop\Filmy
2014-06-19 12:14 - 2013-06-22 19:10 - 00000566 _____ () C:\Users\Martina\Desktop\filmy.txt
2014-06-18 08:30 - 2013-10-07 23:22 - 00000646 ____H () C:\Users\Martina\Documents\.picasa.ini
2014-06-18 08:30 - 2013-10-07 22:48 - 01110528 ___SH () C:\Users\Martina\Documents\Thumbs.db
2014-06-11 12:48 - 2013-06-18 11:35 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Atheros
2014-06-10 22:28 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-06-09 23:43 - 2014-06-09 23:43 - 00000283 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš (10).lnk
2014-06-04 19:36 - 2014-06-04 19:36 - 00013587 _____ () C:\Users\Martina\Desktop\Systémový lupus erythematodes.odt
2014-06-04 15:42 - 2014-06-04 14:25 - 728186880 _____ () C:\Users\Martina\Downloads\Nepritomnost-Absentia-2011-cesky-dabing.avi
2014-06-04 00:10 - 2014-06-03 22:33 - 897355227 _____ () C:\Users\Martina\Downloads\Hruza.v.Connecticutu.2.Duch.Georgie.2013.BRRip.XviD.CZ.avi.rar

Files to move or delete:
====================
C:\ProgramData\UycuBinqa.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-26 14:33

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c40ccc70-6a07-40a0-9f40-5476b72da3bc.exe /check
  HKLM-x32\...\Run: [YourFile DownloaderInstaller Starter] => "C:\Users\Martina\AppData\Local\Temp\install747170717.exe" -startup
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
  HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => "C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1651304 2013-11-26] (BitTorrent, Inc.)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {29cf524e-91a1-11e3-becb-2cd05a349e8e} - "G:\Autorun.exe"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Setup.exe"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "H:\Setup.exe"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {da1bb614-dc23-11e2-be7a-2cd05a349e8e} - "F:\Setup.part01.exe"
  ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
  HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mysearch.avg.com/?cid={17A0EB00-C9DC-4A5E-AA8C-006BF3B643EF}&mid=04bc502537ee47d39d30fd991cd0777d-8a78130d4b8d42338d3c7f693769f582cf6c0ca7&lang=en&ds=co011&pr=sa&d=2013-08-10 17:45:26&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKLM-x32 - DefaultScope value is missing.
  
  FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
  FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
  
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  S1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [X]
  
  C:\windows\AutoKMS
  C:\ProgramData\UycuBinqa.dat
  C:\Users\Martina\AppData\Local\Temp\install747170717.exe
  2014-07-04 14:16 - 2014-07-04 14:16 - 01073664 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
  2014-07-04 13:43 - 2014-07-04 13:27 - 00024064 _____ () C:\windows\zoek-delete.exe
  2014-07-04 13:28 - 2014-07-04 13:51 - 00018049 _____ () C:\zoek-results.log
  2014-07-04 13:27 - 2014-07-04 13:41 - 00000000 ____D () C:\zoek_backup
  2014-07-04 13:27 - 2014-07-04 13:27 - 01285120 _____ () C:\Users\Martina\Downloads\zoek.exe
  2014-07-04 11:53 - 2014-07-04 11:53 - 00001330 _____ () C:\Users\Martina\Desktop\JRT.txt
  2014-07-04 11:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
  2014-07-04 11:15 - 2014-07-04 11:56 - 00000000 ____D () C:\AdwCleaner
  2014-07-04 11:15 - 2014-07-04 11:15 - 01346519 _____ () C:\Users\Martina\Downloads\adwcleaner_3.214.exe
  2014-07-04 11:15 - 2014-07-04 11:15 - 00000000 ____D () C:\windows\ERUNT
  2014-07-04 11:14 - 2014-07-04 11:14 - 01016261 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
  2014-07-03 17:25 - 2014-07-03 17:25 - 00781909 _____ () C:\Users\Martina\Downloads\RSIT.exe
  2014-07-03 17:25 - 2014-07-03 17:25 - 00081309 _____ () C:\Users\Martina\Downloads\Martina.exe
  2014-07-03 17:24 - 2014-07-03 17:25 - 00832273 _____ () C:\Users\Martina\Downloads\RSITx64(2).exe
  2014-07-03 17:23 - 2014-07-03 17:23 - 01222144 _____ () C:\Users\Martina\Downloads\RSITx64(1).exe
  2014-07-03 17:23 - 2014-07-03 17:23 - 00000000 ____D () C:\rsit
  2014-07-03 16:26 - 2014-07-03 16:26 - 00012945 _____ () C:\Users\Martina\Downloads\hijackthis.log
  2014-07-03 16:25 - 2014-07-03 16:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Downloads\hijackthis.exe
  2014-07-03 15:16 - 2014-07-04 13:40 - 00269720 _____ (Microsoft Corporation) C:\ProgramData\UycuBinqa.dat
  
  Task: {13D50001-E5FC-4787-BB58-AF7484B64F82} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-10 No Task File <==== ATTENTION
  Task: {13F34021-4841-40DB-87F3-68A118A4F161} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5 No Task File <==== ATTENTION
  Task: {168E2E46-A724-4669-8478-4EFC7E8D0CDE} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-1 No Task File <==== ATTENTION
  Task: {5A48C525-7BBD-49D7-8E06-66D687BA611F} - \GoforFilesUpdate No Task File <==== ATTENTION
  Task: {5FD2644B-5C29-495B-9287-650CFBF50A1E} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-4 No Task File <==== ATTENTION
  Task: {77CE5349-ABFC-4142-8104-7373CF32C90C} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
  Task: {7CA7B86E-9D1F-4EF6-B9EF-0B9C0D6A6FF5} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-11 No Task File <==== ATTENTION
  Task: {7EAF30AA-465B-4082-A1EE-C78AE6E74006} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-7 No Task File <==== ATTENTION
  Task: {9215CFDD-CBC4-4C38-9695-1FD70D0224A3} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
  Task: {9C6C680D-0BCC-4130-9B84-8A87E02E64BC} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5_user No Task File <==== ATTENTION
  Task: {B834E164-59E2-4522-86EC-ECDD8F246D38} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-6 No Task File <==== ATTENTION
  Task: {DE392077-DB05-49D8-A6EB-10B8D0FE367F} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-2 No Task File <==== ATTENTION
  
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-07-2014
Ran by Martina at 2014-07-04 18:30:40 Run:1
Running from C:\Users\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c40ccc70-6a07-40a0-9f40-5476b72da3bc.exe /check
HKLM-x32\...\Run: [YourFile DownloaderInstaller Starter] => "C:\Users\Martina\AppData\Local\Temp\install747170717.exe" -startup
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVG <====== ATTENTION
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => "C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1651304 2013-11-26] (BitTorrent, Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {29cf524e-91a1-11e3-becb-2cd05a349e8e} - "G:\Autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "H:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {da1bb614-dc23-11e2-be7a-2cd05a349e8e} - "F:\Setup.part01.exe"
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mysearch.avg.com/?cid={17A0EB00- ... 2013-08-10 17:45:26&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [X]

C:\windows\AutoKMS
C:\ProgramData\UycuBinqa.dat
C:\Users\Martina\AppData\Local\Temp\install747170717.exe
2014-07-04 14:16 - 2014-07-04 14:16 - 01073664 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2014-07-04 13:43 - 2014-07-04 13:27 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-07-04 13:28 - 2014-07-04 13:51 - 00018049 _____ () C:\zoek-results.log
2014-07-04 13:27 - 2014-07-04 13:41 - 00000000 ____D () C:\zoek_backup
2014-07-04 13:27 - 2014-07-04 13:27 - 01285120 _____ () C:\Users\Martina\Downloads\zoek.exe
2014-07-04 11:53 - 2014-07-04 11:53 - 00001330 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-07-04 11:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-04 11:15 - 2014-07-04 11:56 - 00000000 ____D () C:\AdwCleaner
2014-07-04 11:15 - 2014-07-04 11:15 - 01346519 _____ () C:\Users\Martina\Downloads\adwcleaner_3.214.exe
2014-07-04 11:15 - 2014-07-04 11:15 - 00000000 ____D () C:\windows\ERUNT
2014-07-04 11:14 - 2014-07-04 11:14 - 01016261 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2014-07-03 17:25 - 2014-07-03 17:25 - 00781909 _____ () C:\Users\Martina\Downloads\RSIT.exe
2014-07-03 17:25 - 2014-07-03 17:25 - 00081309 _____ () C:\Users\Martina\Downloads\Martina.exe
2014-07-03 17:24 - 2014-07-03 17:25 - 00832273 _____ () C:\Users\Martina\Downloads\RSITx64(2).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 01222144 _____ () C:\Users\Martina\Downloads\RSITx64(1).exe
2014-07-03 17:23 - 2014-07-03 17:23 - 00000000 ____D () C:\rsit
2014-07-03 16:26 - 2014-07-03 16:26 - 00012945 _____ () C:\Users\Martina\Downloads\hijackthis.log
2014-07-03 16:25 - 2014-07-03 16:25 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Downloads\hijackthis.exe
2014-07-03 15:16 - 2014-07-04 13:40 - 00269720 _____ (Microsoft Corporation) C:\ProgramData\UycuBinqa.dat

Task: {13D50001-E5FC-4787-BB58-AF7484B64F82} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-10 No Task File <==== ATTENTION
Task: {13F34021-4841-40DB-87F3-68A118A4F161} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5 No Task File <==== ATTENTION
Task: {168E2E46-A724-4669-8478-4EFC7E8D0CDE} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-1 No Task File <==== ATTENTION
Task: {5A48C525-7BBD-49D7-8E06-66D687BA611F} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {5FD2644B-5C29-495B-9287-650CFBF50A1E} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-4 No Task File <==== ATTENTION
Task: {77CE5349-ABFC-4142-8104-7373CF32C90C} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {7CA7B86E-9D1F-4EF6-B9EF-0B9C0D6A6FF5} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-11 No Task File <==== ATTENTION
Task: {7EAF30AA-465B-4082-A1EE-C78AE6E74006} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-7 No Task File <==== ATTENTION
Task: {9215CFDD-CBC4-4C38-9695-1FD70D0224A3} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {9C6C680D-0BCC-4130-9B84-8A87E02E64BC} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5_user No Task File <==== ATTENTION
Task: {B834E164-59E2-4522-86EC-ECDD8F246D38} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-6 No Task File <==== ATTENTION
Task: {DE392077-DB05-49D8-A6EB-10B8D0FE367F} - \9ace90aa-3e4d-4c59-9d72-0db3da3612c4-2 No Task File <==== ATTENTION

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\20131121 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YourFile DownloaderInstaller Starter => value deleted successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent Sync => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Windows\CurrentVersion\Run\\UycuBinqa => value deleted successfully.
'HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29cf524e-91a1-11e3-becb-2cd05a349e8e}' => Key deleted successfully.
'HKCR\CLSID\{29cf524e-91a1-11e3-becb-2cd05a349e8e}'=> Key not found.
'HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a843982-84fe-11e3-bec9-2cd05a349e8e}' => Key deleted successfully.
'HKCR\CLSID\{6a843982-84fe-11e3-bec9-2cd05a349e8e}'=> Key not found.
'HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8341029c-197f-11e3-be96-2cd05a349e8e}' => Key deleted successfully.
'HKCR\CLSID\{8341029c-197f-11e3-be96-2cd05a349e8e}'=> Key not found.
'HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da1bb614-dc23-11e2-be7a-2cd05a349e8e}' => Key deleted successfully.
'HKCR\CLSID\{da1bb614-dc23-11e2-be7a-2cd05a349e8e}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}'=> Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64 => Service deleted successfully.
C:\windows\AutoKMS => Moved successfully.
C:\ProgramData\UycuBinqa.dat => Moved successfully.
"C:\Users\Martina\AppData\Local\Temp\install747170717.exe" => File/Directory not found.
C:\Users\Martina\Downloads\FRST.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Martina\Downloads\zoek.exe => Moved successfully.
"C:\Users\Martina\Desktop\JRT.txt" => File/Directory not found.
C:\windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Martina\Downloads\adwcleaner_3.214.exe => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\Users\Martina\Downloads\JRT.exe => Moved successfully.
C:\Users\Martina\Downloads\RSIT.exe => Moved successfully.
C:\Users\Martina\Downloads\Martina.exe => Moved successfully.
C:\Users\Martina\Downloads\RSITx64(2).exe => Moved successfully.
C:\Users\Martina\Downloads\RSITx64(1).exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Martina\Downloads\hijackthis.log => Moved successfully.
C:\Users\Martina\Downloads\hijackthis.exe => Moved successfully.
"C:\ProgramData\UycuBinqa.dat" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13D50001-E5FC-4787-BB58-AF7484B64F82}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13D50001-E5FC-4787-BB58-AF7484B64F82}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-10' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13F34021-4841-40DB-87F3-68A118A4F161}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13F34021-4841-40DB-87F3-68A118A4F161}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{168E2E46-A724-4669-8478-4EFC7E8D0CDE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{168E2E46-A724-4669-8478-4EFC7E8D0CDE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-1' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5A48C525-7BBD-49D7-8E06-66D687BA611F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A48C525-7BBD-49D7-8E06-66D687BA611F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FD2644B-5C29-495B-9287-650CFBF50A1E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FD2644B-5C29-495B-9287-650CFBF50A1E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-4' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77CE5349-ABFC-4142-8104-7373CF32C90C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77CE5349-ABFC-4142-8104-7373CF32C90C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7CA7B86E-9D1F-4EF6-B9EF-0B9C0D6A6FF5}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CA7B86E-9D1F-4EF6-B9EF-0B9C0D6A6FF5}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-11' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7EAF30AA-465B-4082-A1EE-C78AE6E74006}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EAF30AA-465B-4082-A1EE-C78AE6E74006}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-7' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9215CFDD-CBC4-4C38-9695-1FD70D0224A3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9215CFDD-CBC4-4C38-9695-1FD70D0224A3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C6C680D-0BCC-4130-9B84-8A87E02E64BC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C6C680D-0BCC-4130-9B84-8A87E02E64BC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-5_user' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B834E164-59E2-4522-86EC-ECDD8F246D38}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B834E164-59E2-4522-86EC-ECDD8F246D38}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-6' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE392077-DB05-49D8-A6EB-10B8D0FE367F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE392077-DB05-49D8-A6EB-10B8D0FE367F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9ace90aa-3e4d-4c59-9d72-0db3da3612c4-2' => Key deleted successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\AutoKMS.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova PC??