VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivni kontrola

https://forum.viry.cz:443/viewtopic.php?t=138983

Stránka 1 z 1

Preventivni kontrola

Napsal: 05 črc 2014 17:36
od krystof37
Dobry den, prosim o kontrolu logu

Dekuji predem


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Kryštof (administrator) on PCKRYSTOF37 on 05-07-2014 18:25:43
Running from C:\Users\Kryštof\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Akamai Technologies, Inc.) C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(Google Inc.) C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUS) C:\Windows\AsScrPro.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Alex) C:\Program Files (x86)\hosts\hosts-bg.exe
(forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1736704 2009-12-24] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [facemoods] => C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe [329432 2011-04-14] (facemoods.com)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mslylbSrv] => C:\Windows\SysWOW64\mslylb.vbe [583 2013-12-10] ()
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncdebbtSrv] => C:\Windows\inf\mncdebbt.vbe [1342 2014-01-19] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2647040 2009-12-22] ()
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [81912 2012-01-02] (PC Utilities Pro)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1368768 2012-08-22] (Gemfor s.r.o.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [Facebook Update] => C:\Users\Kryštof\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-13] (Facebook Inc.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [icq] => C:\Users\Kryštof\AppData\Roaming\ICQM\icq.exe [29919576 2013-11-02] (ICQ)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [Google Update] => C:\Users\Kryštof\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-12] (Google Inc.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [SysProc] => C:\Users\Public\Public\run_shc.lnk [1438 2014-01-11] ()
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Run: [GoogleChromeAutoLaunch_E95D698D6E8DEF0A1BACF4958C1F012E] => C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\MountPoints2: {95e39730-c1c5-11e1-a550-485b394a42e8} - G:\Autorun.exe
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\MountPoints2: {95e3973e-c1c5-11e1-a550-485b394a42e8} - G:\Autorun.exe
HKU\S-1-5-21-2626375623-2613348435-3061783339-1000\...\MountPoints2: {95e3974a-c1c5-11e1-a550-485b394a42e8} - G:\Autorun.exe
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\\AmazonExtIE.dll [141120 2014-02-22] (Amazon Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.com/websearch/ref=bit ... _sp_sdl-la
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1198 ... 4BD6A7A49B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.sweetim.com/search.asp?sr ... 5B394A42E8}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit ... earchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - 6D31095CD66044B1B293FD32DAB41535 URL = http://search.certified-toolbar.com?si= ... earchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=stonicla& ... Terms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 4BD6A7A49B
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
SearchScopes: HKCU - {33524C00-63FB-43DB-A6BF-0A4E14B24649} URL = http://www.basicscan.com/?prt=BscscnPB& ... earchTerms}
SearchScopes: HKCU - {4289AC35-18F4-42BA-971D-8A1AE24C0B4F} URL = http://websearch.ask.com/redirect?clien ... B70A31C272
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = http://www.amazon.com/websearch/ref=bit ... earchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 5B394A42E8}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
BHO-x32: hosts - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll (Alex)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File
Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File
Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File
Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File
Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File
Filter-x32: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter-x32: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter-x32: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter-x32: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter-x32: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.6.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @parallelgraphics.com/Cortona - C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Kryštof\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kryštof\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kryštof\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchstonicla.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF Extension: General Crawler - C:\Users\Kryštof\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2013-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-04-13]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-04-13]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-24]
FF HKCU\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension

Chrome:
=======
CHR StartupUrls: "hxxp://www.seznam.cz/"
CHR Plugin: (Shockwave Flash) - C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kryštof\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-08-08]
CHR Extension: (uTorrentControl_v6) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-08-08]
CHR Extension: (General Crawler) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2013-08-08]
CHR Extension: (DivX HiQ) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2013-08-08]
CHR Extension: (Foxtab Speed Dial (Release Candidate)) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif [2013-08-08]
CHR Extension: (Skype Click to Call) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-08]
CHR Extension: (Peněženka Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-08]
CHR Extension: (HomeTab) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbigfkbippnoeffniighecdghnbnmced [2013-08-08]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-06-22]
CHR Extension: (GoPhoto.it) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-08-08]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Kryštof\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-05-22]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-04-04]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Kryštof\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Kryštof\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-05-22]
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Kryštof\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoods.crx [2011-05-01]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2011-05-01]
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx [2011-05-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Kryštof\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\KRYTOF~1\AppData\Local\Temp\YontooLayers.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [pbigfkbippnoeffniighecdghnbnmced] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2013-04-24]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2012-07-31]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems) [File not signed]
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [123320 2012-08-22] (Gemfor s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-04-17] ()
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-09-20] (Microsoft Corporation) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-09-29] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-09-29] (Trend Micro Inc.)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2006-02-04] (INCA Internet Co., Ltd.) [File not signed]
S3 RTCore64; C:\Program Files (x86)\RMClock\RTCore64.sys [7168 2005-05-25] () [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-28] () [File not signed]
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42576 2010-07-30] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-09-29] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [309840 2010-07-30] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [1988176 2010-07-30] (Trend Micro Inc.)
U3 aui9xzab; C:\Windows\System32\Drivers\aui9xzab.sys [0 ] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\KRYTOF~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 dump_wmimmc; \??\D:\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 nhcNT_driver; \??\C:\Windows\system32\drivers\nhcNT.sys [X]
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 18:25 - 2014-07-05 18:26 - 00045163 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\FRST
2014-07-05 18:24 - 2014-07-05 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-07-05 18:23 - 2014-07-05 18:23 - 02084352 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-07-05 18:15 - 2014-07-05 18:15 - 00000584 _____ () C:\Windows\PFRO.log
2014-07-05 18:15 - 2014-07-05 18:15 - 00000056 _____ () C:\Windows\setupact.log
2014-07-05 18:15 - 2014-07-05 18:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 18:13 - 2014-07-05 18:13 - 00000748 _____ () C:\Users\Kryštof\Documents\cc_20140705_181310.reg
2014-07-05 18:12 - 2014-07-05 18:12 - 00059840 _____ () C:\Users\Kryštof\Documents\cc_20140705_181237.reg
2014-07-05 18:12 - 2014-07-05 18:12 - 00003118 _____ () C:\Users\Kryštof\Documents\cc_20140705_181254.reg
2014-07-05 18:10 - 2014-07-05 18:11 - 02303704 _____ () C:\Users\Kryštof\Documents\cc_20140705_181030.reg
2014-07-05 18:03 - 2014-07-05 18:03 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-07-05 17:57 - 2014-07-05 17:57 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 17:57 - 2014-07-05 17:57 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-05 17:57 - 2014-07-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 17:57 - 2014-07-05 17:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-03 19:21 - 2014-07-03 19:21 - 00019175 _____ () C:\Users\Kryštof\AppData\Local\recently-used.xbel
2014-07-01 20:14 - 2014-07-01 20:14 - 00000222 _____ () C:\Users\Kryštof\Desktop\Euro Truck Simulator 2.url
2014-06-21 20:53 - 2014-06-21 20:53 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Amazon Browser Bar
2014-06-21 20:52 - 2014-06-21 20:53 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-06-21 20:51 - 2014-06-21 20:52 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-21 20:51 - 2014-06-21 20:51 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
2014-06-21 20:51 - 2014-06-21 20:51 - 00002207 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak Support Dock
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Disk Recovery
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\PC Cleaner
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Advanced Disk Recovery
2014-06-21 20:50 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Systweak Support Dock
2014-06-21 17:52 - 2014-06-21 20:51 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\systweak
2014-06-21 17:52 - 2014-06-21 20:50 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-06-11 09:01 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 09:01 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 09:01 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 09:01 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 09:00 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 09:00 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 09:00 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 09:00 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 09:00 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 09:00 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 09:00 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 09:00 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 09:00 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 09:00 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 09:00 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 09:00 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 09:00 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 09:00 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 09:00 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 09:00 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 09:00 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 09:00 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 09:00 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 09:00 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 09:00 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 09:00 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 09:00 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 09:00 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 09:00 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 09:00 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 09:00 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 09:00 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 09:00 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 09:00 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 09:00 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 09:00 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 09:00 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 09:00 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 09:00 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 09:00 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 09:00 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 09:00 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 09:00 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 09:00 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 09:00 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 09:00 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 09:00 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 09:00 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 09:00 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 09:00 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 09:00 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 09:00 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 09:00 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 09:00 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 09:00 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 09:00 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 09:00 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 09:00 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 09:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 09:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 09:00 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 09:00 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 09:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 09:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-06 17:11 - 2014-06-06 17:11 - 00002371 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-06-06 17:11 - 2014-06-06 17:11 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-06 17:10 - 2014-06-06 17:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-06 17:09 - 2014-06-06 17:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Deployment
2014-06-06 17:09 - 2014-06-06 17:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Apps\2.0
2014-06-06 17:08 - 2014-06-06 17:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-06-06 17:08 - 2014-06-06 17:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-06-06 17:07 - 2014-06-06 17:07 - 00000000 ____D () C:\Users\Guest\AppData\Local\Skype
2014-06-06 17:06 - 2014-06-06 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Skype
2014-06-06 17:06 - 2014-06-06 17:06 - 00112656 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Exchange Folder
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\SRS Labs
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Broadcom
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Autodesk
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-06-06 17:05 - 2014-06-06 17:05 - 00001395 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-06 17:05 - 2014-06-06 17:05 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-06-06 17:04 - 2014-06-06 17:05 - 00000000 ____D () C:\Users\Guest
2014-06-06 17:04 - 2014-06-06 17:04 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Soubory cookie
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Šablony
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Poslední
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Okolní tiskárny
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Nabídka Start
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Dokumenty
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Obrázky
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Hudba
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Filmy
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Data aplikací
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\AppData\Local\Data aplikací
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 __SHD () C:\Users\Guest\Okolní síť
2014-06-06 17:04 - 2014-04-16 20:06 - 00002130 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-06 17:04 - 2010-12-27 22:59 - 00000000 ____D () C:\Users\Guest\AppData\Local\Microsoft Help
2014-06-06 17:04 - 2010-04-09 09:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-06-06 17:04 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-06 17:04 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2014-07-05 18:26 - 2014-07-05 18:25 - 00045163 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\FRST
2014-07-05 18:24 - 2014-07-05 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-07-05 18:24 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 18:24 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 18:23 - 2014-07-05 18:23 - 02084352 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-07-05 18:22 - 2010-04-09 08:47 - 01153796 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 18:20 - 2011-11-02 17:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-05 18:19 - 2013-06-01 10:26 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Dropbox
2014-07-05 18:18 - 2013-06-01 10:29 - 00000000 ___RD () C:\Users\Kryštof\Dropbox
2014-07-05 18:15 - 2014-07-05 18:15 - 00000584 _____ () C:\Windows\PFRO.log
2014-07-05 18:15 - 2014-07-05 18:15 - 00000056 _____ () C:\Windows\setupact.log
2014-07-05 18:15 - 2014-07-05 18:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 18:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 18:13 - 2014-07-05 18:13 - 00000748 _____ () C:\Users\Kryštof\Documents\cc_20140705_181310.reg
2014-07-05 18:12 - 2014-07-05 18:12 - 00059840 _____ () C:\Users\Kryštof\Documents\cc_20140705_181237.reg
2014-07-05 18:12 - 2014-07-05 18:12 - 00003118 _____ () C:\Users\Kryštof\Documents\cc_20140705_181254.reg
2014-07-05 18:11 - 2014-07-05 18:10 - 02303704 _____ () C:\Users\Kryštof\Documents\cc_20140705_181030.reg
2014-07-05 18:09 - 2013-07-20 09:46 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\uTorrent
2014-07-05 18:09 - 2013-04-24 01:58 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-05 18:09 - 2012-11-23 09:53 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Media Player Classic
2014-07-05 18:09 - 2012-03-26 17:54 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Skype
2014-07-05 18:09 - 2010-12-28 13:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\DAEMON Tools Lite
2014-07-05 18:08 - 2012-12-01 21:51 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 18:08 - 2009-07-29 08:03 - 00000000 ____D () C:\Windows\Panther
2014-07-05 18:03 - 2014-07-05 18:03 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-07-05 17:57 - 2014-07-05 17:57 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 17:57 - 2014-07-05 17:57 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-05 17:57 - 2014-07-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 17:57 - 2014-07-05 17:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 17:56 - 2012-05-27 12:16 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 17:41 - 2013-11-12 21:43 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job
2014-07-05 16:39 - 2013-04-13 22:34 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job
2014-07-05 12:04 - 2010-12-25 21:13 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Adobe
2014-07-04 20:18 - 2011-05-02 18:42 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\vlc
2014-07-04 18:41 - 2013-11-12 21:43 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job
2014-07-04 11:38 - 2012-11-23 17:14 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-07-04 09:50 - 2013-10-30 16:13 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\.minecraft
2014-07-03 20:57 - 2014-05-16 19:32 - 00000000 ____D () C:\Users\Kryštof\Desktop\Nová složka
2014-07-03 19:22 - 2013-06-30 16:35 - 00000000 ____D () C:\Users\Kryštof\.gimp-2.8
2014-07-03 19:21 - 2014-07-03 19:21 - 00019175 _____ () C:\Users\Kryštof\AppData\Local\recently-used.xbel
2014-07-03 19:21 - 2013-06-30 16:38 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\gtk-2.0
2014-07-01 20:14 - 2014-07-01 20:14 - 00000222 _____ () C:\Users\Kryštof\Desktop\Euro Truck Simulator 2.url
2014-06-29 11:39 - 2013-07-15 20:45 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\ViberPC
2014-06-29 11:39 - 2013-07-15 20:44 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Viber
2014-06-24 07:42 - 2010-04-09 09:46 - 00001611 _____ () C:\Windows\system32\ServiceFilter.ini
2014-06-21 20:53 - 2014-06-21 20:53 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Amazon Browser Bar
2014-06-21 20:53 - 2014-06-21 20:52 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-06-21 20:52 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-21 20:51 - 2014-06-21 20:51 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
2014-06-21 20:51 - 2014-06-21 20:51 - 00002207 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak Support Dock
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Disk Recovery
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\PC Cleaner
2014-06-21 20:51 - 2014-06-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Advanced Disk Recovery
2014-06-21 20:51 - 2014-06-21 20:50 - 00000000 ____D () C:\Program Files (x86)\Systweak Support Dock
2014-06-21 20:51 - 2014-06-21 17:52 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\systweak
2014-06-21 20:50 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-06-21 18:36 - 2013-11-12 21:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA
2014-06-21 18:36 - 2013-11-12 21:43 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core
2014-06-19 16:44 - 2014-05-20 17:50 - 00000000 ____D () C:\Windows\rescache
2014-06-19 07:37 - 2011-04-03 16:17 - 00000000 ____D () C:\Windows\system32\Service
2014-06-14 08:37 - 2013-08-08 14:36 - 00002385 _____ () C:\Users\Kryštof\Desktop\Google Chrome.lnk
2014-06-11 20:57 - 2013-08-03 14:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 20:52 - 2011-01-17 20:35 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 20:52 - 2010-04-09 08:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 07:28 - 2009-07-14 07:08 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-09 20:05 - 2014-05-08 12:26 - 00003646 _____ () C:\Users\Kryštof\Desktop\Caitlin Cullenova_Zmijozel.html
2014-06-09 07:32 - 2009-07-14 06:45 - 05049264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-08 19:00 - 2014-05-16 20:05 - 00000000 ____D () C:\Users\Kryštof\Desktop\SpyHunter.4.1.11
2014-06-06 22:53 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Skype
2014-06-06 22:39 - 2013-04-13 22:34 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job
2014-06-06 17:11 - 2014-06-06 17:11 - 00002371 _____ () C:\Users\Guest\Desktop\Google Chrome.lnk
2014-06-06 17:11 - 2014-06-06 17:11 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-06 17:11 - 2014-06-06 17:10 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-06 17:09 - 2014-06-06 17:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Deployment
2014-06-06 17:09 - 2014-06-06 17:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Apps\2.0
2014-06-06 17:08 - 2014-06-06 17:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-06-06 17:08 - 2014-06-06 17:08 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-06-06 17:07 - 2014-06-06 17:07 - 00000000 ____D () C:\Users\Guest\AppData\Local\Skype
2014-06-06 17:06 - 2014-06-06 17:06 - 00112656 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\Documents\Bluetooth Exchange Folder
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\SRS Labs
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Broadcom
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Autodesk
2014-06-06 17:06 - 2014-06-06 17:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-06-06 17:05 - 2014-06-06 17:05 - 00001395 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-06 17:05 - 2014-06-06 17:05 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-06-06 17:05 - 2014-06-06 17:04 - 00000000 ____D () C:\Users\Guest
2014-06-06 17:04 - 2014-06-06 17:04 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Soubory cookie
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Šablony
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Poslední
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Okolní tiskárny
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Nabídka Start
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Dokumenty
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Obrázky
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Hudba
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Documents\Filmy
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\Data aplikací
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 _SHDL () C:\Users\Guest\AppData\Local\Data aplikací
2014-06-06 17:04 - 2014-06-06 17:04 - 00000000 __SHD () C:\Users\Guest\Okolní síť

Some content of TEMP:
====================
C:\Users\Kryštof\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpup9hbd.dll
C:\Users\Kryštof\AppData\Local\Temp\rcpsetup_sdl_la_sdl_la.exe
C:\Users\Kryštof\AppData\Local\Temp\SHSetup.exe
C:\Users\Kryštof\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kryštof\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Kryštof\AppData\Local\Temp\Update.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job => C:\Users\Kryatof\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job => C:\Users\Kryatof\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job => C:\Users\Kryatof\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job => C:\Users\Kryatof\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kry�tof\Desktop" je 7400 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Preventivni kontrola

Napsal: 05 črc 2014 17:37
od krystof37
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kryštof at 2014-07-05 18:29:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (20%) free of 119 GB
Total RAM: 3948 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:29:14, on 05.07.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\program files (x86)\hosts\hosts-bg.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Kryštof.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.com/websearch/ref=bit ... _sp_sdl-la
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=stonicla& ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll
O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro prihlášení k úctu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [mslylbSrv] "C:\Windows\system32\mslylb.vbe" msthjnay mslnludk
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncdebbtSrv] C:\Windows\inf\mncdebbt.vbe
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Kryštof\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [icq] C:\Users\Kryštof\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kryštof\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SysProc] C:\Users\Public\Public\run_shc.lnk
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E95D698D6E8DEF0A1BACF4958C1F012E] "C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {537675de-6231-4c94-a204-c14207cd8f6f} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zarízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zarízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kryštof\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kryštof\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service for AMZN - Unknown owner - C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 22521 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
taskeng.exe {BA03B937-2A73-404F-9C2B-535A8AAE6DC3}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:/Users/Kryštof/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\System32\WScript.exe" "C:\Windows\System32\mslylb.vbe" msthjnay mslnludk
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3252.0.664961820\1938174633" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.692.1.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5544
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A6_Stable_R2/Prefetch/Default/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="3252.11.382696061\98977282" /prefetch:673131151
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\program files (x86)\hosts\hosts-bg.exe" /createbg
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6420 CREDAT:3486752 /prefetch:2
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Kryštof\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job - C:\Users\Kryštof\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job - C:\Users\Kryštof\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000Core.job - C:\Users\Kryštof\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2626375623-2613348435-3061783339-1000UA.job - C:\Users\Kryštof\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{036451d5-97b6-4882-a0cb-0f3b6de4df8d}]
HomeTab - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll [2013-04-04 1031752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]
hosts - C:\Program Files (x86)\hosts\hosts-bho.dll [2013-07-06 748032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll [2011-04-14 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-03-31 1520776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-05-16 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll [2011-04-14 220888]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{036451d5-97b6-4882-a0cb-0f3b6de4df8d} - HomeTab - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll [2013-04-04 1031752]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-03-31 1520776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2010-02-23 1022904]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"OscarEditor"=C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2009-12-22 2647040]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-06-30 1753280]
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2012-01-02 81912]
"Akamai NetSession Interface"=C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2012-08-22 1368768]
"AdobeBridge"= []
"Facebook Update"=C:\Users\Kryštof\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-13 138096]
"icq"=C:\Users\Kryštof\AppData\Roaming\ICQM\icq.exe [2013-11-02 29919576]
"Google Update"=C:\Users\Kryštof\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-12 116648]
"SysProc"=C:\Users\Public\Public\run_shc.lnk [2014-01-11 1438]
"GoogleChromeAutoLaunch_E95D698D6E8DEF0A1BACF4958C1F012E"=C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe [2014-06-05 860488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-09 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe [2011-04-14 329432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"ADSK DLMSession"=C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2013-02-01 1641368]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-03-31 1646216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"mslylbSrv"=C:\Windows\system32\mslylb.vbe msthjnay mslnludk []
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncdebbtSrv"=C:\Windows\inf\mncdebbt.vbe [2014-01-19 1342]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-05-21 832272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=16
"NoDriveTypeAutoRun"=145
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-07-05 18:29:02 ----D---- C:\rsit
2014-07-05 18:25:38 ----D---- C:\FRST
2014-07-05 18:03:16 ----D---- C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-07-05 17:57:10 ----D---- C:\Program Files\CCleaner
2014-06-21 20:52:51 ----D---- C:\Program Files (x86)\Amazon Browser Bar
2014-06-21 20:51:47 ----D---- C:\Program Files (x86)\Amazon
2014-06-21 20:51:10 ----D---- C:\Program Files (x86)\Advanced Disk Recovery
2014-06-21 20:51:02 ----D---- C:\Program Files (x86)\PC Cleaner
2014-06-21 20:50:51 ----D---- C:\Program Files (x86)\Systweak Support Dock
2014-06-21 17:52:21 ----D---- C:\Users\Kryštof\AppData\Roaming\systweak
2014-06-21 17:52:15 ----D---- C:\Program Files (x86)\RegClean Pro
2014-06-11 09:01:01 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 09:01:01 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 09:01:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 09:01:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 09:00:59 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 09:00:59 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 09:00:59 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 09:00:58 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 09:00:58 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 09:00:58 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 09:00:58 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 09:00:58 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 09:00:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 09:00:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 09:00:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 09:00:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 09:00:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 09:00:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 09:00:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 09:00:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 09:00:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 09:00:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 09:00:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 09:00:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 09:00:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 09:00:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 09:00:54 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 09:00:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 09:00:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 09:00:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 09:00:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 09:00:53 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 09:00:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 09:00:53 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 09:00:52 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 09:00:52 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 09:00:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 09:00:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 09:00:51 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 09:00:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 09:00:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 09:00:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 09:00:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 09:00:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 09:00:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 09:00:50 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 09:00:49 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 09:00:49 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 09:00:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 09:00:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 09:00:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 09:00:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 09:00:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 09:00:47 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 09:00:47 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 09:00:47 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 09:00:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 09:00:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 09:00:46 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 09:00:45 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2014-07-05 18:29:14 ----D---- C:\Program Files\Trend Micro
2014-07-05 18:29:13 ----D---- C:\Windows\Prefetch
2014-07-05 18:28:29 ----D---- C:\Windows\Temp
2014-07-05 18:27:27 ----D---- C:\Windows
2014-07-05 18:20:07 ----D---- C:\Program Files (x86)\Steam
2014-07-05 18:19:33 ----D---- C:\Users\Kryštof\AppData\Roaming\Dropbox
2014-07-05 18:18:06 ----D---- C:\Windows\inf
2014-07-05 18:18:00 ----D---- C:\Windows\system32\config
2014-07-05 18:17:47 ----D---- C:\Windows\system32\Tasks
2014-07-05 18:16:04 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-05 18:09:34 ----D---- C:\Users\Kryštof\AppData\Roaming\Media Player Classic
2014-07-05 18:09:34 ----D---- C:\Users\Kryštof\AppData\Roaming\DAEMON Tools Lite
2014-07-05 18:09:23 ----D---- C:\Users\Kryštof\AppData\Roaming\uTorrent
2014-07-05 18:09:23 ----D---- C:\Users\Kryštof\AppData\Roaming\Skype
2014-07-05 18:09:23 ----D---- C:\Program Files (x86)\PDFCreator
2014-07-05 18:08:27 ----D---- C:\Windows\Panther
2014-07-05 18:08:27 ----D---- C:\Windows\ModemLogs
2014-07-05 18:08:27 ----D---- C:\Windows\Minidump
2014-07-05 18:08:27 ----D---- C:\Windows\Logs
2014-07-05 18:08:27 ----D---- C:\Windows\debug
2014-07-05 18:03:16 ----RD---- C:\Program Files (x86)
2014-07-05 17:57:10 ----RD---- C:\Program Files
2014-07-04 20:18:53 ----D---- C:\Users\Kryštof\AppData\Roaming\vlc
2014-07-04 11:38:53 ----A---- C:\Windows\system32\acovcnt.exe
2014-07-04 09:56:21 ----SHD---- C:\System Volume Information
2014-07-04 09:50:00 ----D---- C:\Users\Kryštof\AppData\Roaming\.minecraft
2014-06-29 11:39:55 ----D---- C:\Users\Kryštof\AppData\Roaming\ViberPC
2014-06-24 07:42:12 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-06-21 20:52:03 ----SHD---- C:\Windows\Installer
2014-06-21 20:52:03 ----SHD---- C:\Config.Msi
2014-06-21 20:50:39 ----D---- C:\Windows\Tasks
2014-06-19 16:44:37 ----D---- C:\Windows\rescache
2014-06-19 07:37:16 ----D---- C:\Windows\system32\Service
2014-06-12 07:39:17 ----D---- C:\Windows\winsxs
2014-06-12 07:36:15 ----D---- C:\Windows\SysWOW64
2014-06-12 07:36:15 ----D---- C:\Windows\system32\drivers
2014-06-12 07:36:15 ----D---- C:\Windows\System32
2014-06-12 07:36:14 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-12 07:36:14 ----D---- C:\Program Files\Internet Explorer
2014-06-12 07:36:13 ----D---- C:\Windows\system32\en-US
2014-06-12 07:36:12 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-12 07:36:09 ----D---- C:\Windows\system32\DriverStore
2014-06-11 20:57:06 ----D---- C:\Windows\system32\MRT
2014-06-11 20:52:35 ----A---- C:\Windows\system32\MRT.exe
2014-06-11 20:52:29 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 08:59:55 ----D---- C:\Windows\system32\catroot
2014-06-11 08:59:25 ----D---- C:\Windows\system32\catroot2
2014-06-06 17:05:09 ----SHD---- C:\$RECYCLE.BIN
2014-06-06 17:04:54 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-28 834544]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2009-09-29 107536]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-05-21 123152]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys [2010-07-30 42576]
R2 tmxpflt;tmxpflt; C:\Windows\system32\DRIVERS\tmxpflt.sys [2010-07-30 309840]
R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys [2010-07-30 1988176]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-01-22 6233088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-01-22 161280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-09-09 87040]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2009-12-04 107120]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\KRYTOF~1\AppData\Local\Temp\ALSysIO64.sys []
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-01-22 6233088]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dump_wmimmc;dump_wmimmc; \??\D:\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-09-09 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-09-09 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-09-09 218624]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\Windows\system32\drivers\nhcNT.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2006-02-04 4682]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USB28xxBGA;USB 2863 Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2009-12-01 649472]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2009-12-01 617216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-01-22 202752]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-08-22 123320]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-05-21 385808]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-05-21 774928]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-17 75136]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2010-10-09 859712]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 Updater Service for AMZN;Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2013-03-21 222368]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-05-21 402192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-01-08 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-09-27 1432400]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-09-29 570632]
S3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-09-29 917768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Preventivni kontrola

Napsal: 05 črc 2014 17:37
od krystof37
.

Re: Preventivni kontrola

Napsal: 05 črc 2014 17:37
od krystof37
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.45.2
Run by Kryštof at 18:33:47 on 2014-07-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1029.18.3948.1966 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Kryštof\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kryštof\Desktop\RSITx64.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.amazon.com/websearch/ref=bit_bds-p1 ... _sp_sdl-la
uSearch Bar = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
uSearch Page = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
uDefault_Page_URL = hxxp://asus.msn.com
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
mStart Page = about:newtab
mSearch Bar = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
mSearch Page = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://start.facemoods.com/?a=stonicla&s={searchTerms}&f=4
mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: HomeTab: {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll
BHO: hosts: {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Pomocná služba pro prihlášení k úctu Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: HomeTab: {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Kryštof\AppData\Roaming\HomeTab\HomeTab.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [Akamai NetSession Interface] "C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe"
uRun: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
uRun: [AdobeBridge] <no file>
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [mslylbSrv] "C:\Windows\System32\mslylb.vbe" msthjnay mslnludk
mRun: [Printsrv] C:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
mRun: [MSStp] C:\Windows\System32\msstp.vbe
mRun: [mncdebbtSrv] C:\Windows\inf\mncdebbt.vbe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveAutoRun = dword:16
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zarízení &Bluetooth... - <no file>
IE: Odeslat stránku do zarízení &Bluetooth... - <no file>
IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {537675de-6231-4c94-a204-c14207cd8f6f} - {036451d5-97b6-4882-a0cb-0f3b6de4df8d}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.6.1
TCP: Interfaces\{8F357176-CAB3-411C-8E18-2AC5DC8093C2} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8F357176-CAB3-411C-8E18-2AC5DC8093C2}\1405F535C4142495 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B2F5C850-6C9F-4402-A060-F0DEB39DD66B} : DHCPNameServer = 192.168.6.1
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736} : DHCPNameServer = 192.168.6.1
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736}\1405F535C616269723 : DHCPNameServer = 192.168.6.1
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736}\25567696F6A45647 : DHCPNameServer = 192.168.2.254
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736}\4505D2C494E4B4F5441423034383 : DHCPNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736}\46F6D616 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E35EB20D-627F-4DE3-AF97-787826538736}\65C6163686021405024756C6E2737353631363737313 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{F22B6815-DAA6-4981-8A88-266762469A90} : DHCPNameServer = 192.168.42.129
Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {981b174d-7733-4e7f-b89d-6545a7c21838} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe /pin:
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2010-4-9 15928]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-2-13 21184]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-4-9 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-22 202752]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-8-22 123320]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-21 123152]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-21 385808]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-21 774928]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-6-11 21992]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-11-23 625304]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-4-8 799280]
R2 tmpreflt;tmpreflt;C:\Windows\System32\drivers\tmpreflt.sys [2010-12-25 42576]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-9 2314240]
R2 Updater Service for AMZN;Updater Service for AMZN;C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2013-3-21 222368]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-9 35104]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-1-18 128512]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-9 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-6-30 87040]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-8-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2009-12-4 107120]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-21 402192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-4-8 1320496]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2010-1-5 1847296]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-6-30 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-6-30 13952]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-9-27 1432400]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-6-30 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-6-30 28672]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2012-6-30 218624]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 133928]
S3 NisSrv;Kontrola síte Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 PrintNotify;Rozšírení a oznámení tiskárny;C:\Windows\System32\svchost.exe -k print [2009-7-14 27136]
S3 RTCore64;RTCore64;C:\Program Files (x86)\RMClock\RTCore64.sys [2011-6-11 7168]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TmProxy;Trend Micro Proxy Service;C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-4-9 917768]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-30 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-28 1255736]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-07-05 16:25:38 -------- d-----w- C:\FRST
2014-07-05 16:03:16 -------- d-----w- C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-07-05 15:57:10 -------- d-----w- C:\Program Files\CCleaner
2014-07-05 10:04:53 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A205C4A7-5E1F-4E03-9511-96704388805E}\mpengine.dll
2014-07-04 07:56:57 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8C1BFBE5-123C-4D3F-9DE0-1E814EE944FA}\gapaengine.dll
2014-07-04 07:56:32 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-21 18:53:12 -------- d-----w- C:\Users\Kryštof\AppData\Local\Amazon Browser Bar
2014-06-21 18:52:51 -------- d-----w- C:\Program Files (x86)\Amazon Browser Bar
2014-06-21 18:51:47 -------- d-----w- C:\Program Files (x86)\Amazon
2014-06-21 18:51:10 -------- d-----w- C:\Program Files (x86)\Advanced Disk Recovery
2014-06-21 18:51:02 -------- d-----w- C:\Program Files (x86)\PC Cleaner
2014-06-21 18:50:51 -------- d-----w- C:\Program Files (x86)\Systweak Support Dock
2014-06-21 15:52:21 -------- d-----w- C:\Users\Kryštof\AppData\Roaming\systweak
2014-06-21 15:52:15 -------- d-----w- C:\Program Files (x86)\RegClean Pro
2014-06-11 07:01:01 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-11 07:01:01 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-06-11 07:01:00 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-11 07:01:00 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2014-07-04 09:38:53 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-13 17:57:37 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 17:57:37 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 18:34:58.04 ===============

Re: Preventivni kontrola

Napsal: 09 črc 2014 14:10
od motji
Zdravím :)

:arrow: Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem

:arrow: Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

:arrow: Použijte :arrow: CCleaner http://forum.viry.cz/viewtopic.php?f=46&t=7478
---------------

Re: Preventivni kontrola

Napsal: 12 črc 2014 18:32
od krystof37
# AdwCleaner v3.215 - Report created 12/07/2014 at 19:27:08
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kryštof - PCKRYSTOF37
# Running from : C:\Users\Kryštof\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Updater Service for AMZN

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak Support Dock
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Amazon\ABB
Folder Deleted : C:\Program Files (x86)\Browser Updater
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\HomeTab
Folder Deleted : C:\Program Files (x86)\PC Cleaner
Folder Deleted : C:\Program Files (x86)\Systweak Support Dock
Folder Deleted : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Folder Deleted : C:\Users\Kryštof\AppData\Local\Amazon Browser Bar
Folder Deleted : C:\Users\Kryštof\AppData\Local\apn
Folder Deleted : C:\Users\Kryštof\AppData\Local\PackageAware
Folder Deleted : C:\Users\Kryštof\AppData\Local\RavenBleuSA
Folder Deleted : C:\Users\Kryštof\AppData\LocalLow\HomeTab
Folder Deleted : C:\Users\Kryštof\AppData\Roaming\HomeTab
Folder Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Kryštof\Documents\Updater
Folder Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com\searchplugins\Askcom.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Web Search.xml
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Web Search.xml
File Deleted : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\searchplugins\Web Search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
File Deleted : C:\Windows\System32\Tasks\Funmoods
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\5a0dad0b434e817
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\5a0dad0b434e817
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v

[ File : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=");

[ File : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=");

[ File : C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");user_pref("browser.search.order.1", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=43251&tid=3623&ts=1366761384805&tguid=43251-3623-1366761297427-934045&st=chrome&q=");

-\\ Google Chrome v

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Deleted [Extension] : cflheckfmhopnialghigdlggahiomebp
Deleted [Extension] : pbjikboenpfhbbejgkoklgkhjpfogcam
Deleted [Extension] : pfmopbbadnfoelckkcmjjeaaegjpjjbk

*************************

AdwCleaner[R0].txt - [23013 octets] - [12/07/2014 19:26:15]
AdwCleaner[S0].txt - [21378 octets] - [12/07/2014 19:27:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21439 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kryštof on 12.07.2014 at 19:14:22.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\optimizer pro
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\hometab.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hometab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.escrtsrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.facemoodshlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoods.xtrnl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\facemoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\protected search_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683b745-6060-41fd-aa75-0bbb383fead4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a7bc02af-1128-4a31-bcf8-1a3ee803d3b3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a81a974f-8a22-43e6-9243-5198ff758da1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035382.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322532282}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322532282}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035382.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_fbreader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_fbreader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_ybook_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_ybook_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355535582}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366536682}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344534482}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_fbreader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_fbreader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_ybook_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_ybook_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4289AC35-18F4-42BA-971D-8A1AE24C0B4F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{036451d5-97b6-4882-a0cb-0f3b6de4df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{036451d5-97b6-4882-a0cb-0f3b6de4df8d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\simplytech"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\amazon browser bar"
Successfully deleted: [Folder] "C:\Program Files (x86)\basicscan"
Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\facemoods.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\hosts"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"
Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\protected search"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"
Successfully deleted: [Folder] "C:\Users\Kryštof\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\Kryštof\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kryštof\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2014 at 19:26:00.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Preventivni kontrola

Napsal: 13 črc 2014 09:28
od motji
Fuj :D

Ještě použijte mbam, log vložte zde :)
http://forum.viry.cz/viewtopic.php?f=29&t=137928

Re: Preventivni kontrola

Napsal: 13 črc 2014 10:24
od krystof37
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13.07.2014
Scan Time: 11:01:29
Logfile: Malwarebytes Anti-Malware.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.13.01
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kryštof

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 431123
Time Elapsed: 16 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 14
Adware.Zwangi, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33524C00-63FB-43DB-A6BF-0A4E14B24649}, , [897ceeb17308f73fc964a0c8da2845bb],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [cf36d0cf7cff23139dc0084cfc06659b],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{64182481-4F71-486B-A045-B233BD0DA8FC}, , [cf36d0cf7cff23139dc0084cfc06659b],
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [57ae712e314aac8ace42018da0627987],
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [57ae712e314aac8ace42018da0627987],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [e322c5dab3c861d5fa64c98bfe044bb5],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, , [e322c5dab3c861d5fa64c98bfe044bb5],
PUP.Optional.SweetPacks, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [4cb90b947dfe2c0a7f8b93c5fe04e31d],
PUP.Optional.SweetPacks, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [4cb90b947dfe2c0a7f8b93c5fe04e31d],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, , [d530d3cc0f6ced491044470ba65cc937],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, , [d530d3cc0f6ced491044470ba65cc937],
Trojan.Agent.CK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0444801E-91E0-35DE-5197-78C32D860F38}_is1, , [19ec58471d5ea4920f902be0818311ef],
PUP.Optional.Hosts.A, HKLM\SOFTWARE\WOW6432NODE\HOSTS\INSTALLER, , [f510b3ecd8a37db95910ab3207fbee12],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [bf46039cdaa1bf7700b5a21a7d858779],

Registry Values: 4
Trojan.BitcoinMiner, HKU\S-1-5-21-2626375623-2613348435-3061783339-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SysProc, C:\Users\Public\Public\run_shc.lnk, , [9b6a1689205b6dc907447f8b867ef709]
PUP.Optional.Hosts.A, HKLM\SOFTWARE\WOW6432NODE\HOSTS\INSTALLER|BundledIe, 1, , [f510b3ecd8a37db95910ab3207fbee12]
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... 34045&q=%s, , [63a2257aee8d013535a1407e020044bc]
Trojan.Agent.VBSGen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mslylbSrv, "C:\Windows\system32\mslylb.vbe" msthjnay mslnludk, , [d62f752a0378f54189b7e3fbaf53ed13]

Registry Data: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2626375623-2613348435-3061783339-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... 34045&q=%s, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... 34045&q=%s),,[52b3e9b63a4141f5f3aaf2ac897bd828]

Folders: 5
Trojan.BitcoinMiner, C:\Users\Public\Public, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra, , [19ec58471d5ea4920f902be0818311ef],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\bitstreams, , [b253c7d86d0e8aac190fd8c88c767888],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam, , [7194bee1b0cb9b9b8050c4ef1ee4a957],

Files: 44
PUP.Optional.RegCleanPro, C:\Users\Kryštof\AppData\Local\Temp\rcpsetup_sdl_la_sdl_la.exe, , [6a9bc4dbc4b7c86e584c37fd1ae6d52b],
PUP.Proxy.BCM, C:\Users\Public\Public\mining_proxy.exe, , [7f865e4191eaba7cce50779fbb450ff1],
PUP.Optional.Somoto.A, C:\Users\Kryštof\AppData\Local\Application Data\Bundled software uninstaller\biclient.exe, , [5ea7722dd0abee48915cc55957aa39c7],
Trojan.BitCoinMiner, C:\Windows\expIorer.exe, , [7c89851a3447fa3c97fe35dabe43c040],
PUP.Optional.SweetIM, C:\Windows\Installer\4a67c.msi, , [7c89bfe024576ec867a4f6cc8084c838],
PUP.Optional.SweetIM, C:\Windows\Installer\4a6e1.msi, , [bc499a050a7162d4f318dde5e51fcf31],
PUP.Optional.SweetIM, C:\Windows\Installer\4a6f6.msi, , [768f5d422d4e60d624e7b210e71d14ec],
PUP.Optional.FaceMoods.A, C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchstonicla.xml, , [4db8217ecdae85b19d615c65fd05916f],
Trojan.Agent.VBS, C:\Windows\SysWOW64\msstp.vbe, , [ef16a1fe502bc472827a8256649e728e],
Trojan.Script, C:\Windows\SysWOW64\mslnludk.vbe, , [c73e9b047209270fd36d1bc6fe041ce4],
Trojan.Script, C:\Windows\SysWOW64\mslylb.vbe, , [669f2f70512a082e4cf4ca17bd45857b],
Trojan.Script, C:\Windows\SysWOW64\msthjnay.vbe, , [798ce3bc3843c5714af6cf122bd79967],
Trojan.BitcoinMiner, C:\Users\Public\Public\run.vbs, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\game.bat, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\game.vbs, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\libcurl.dll, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\mining_proxy.exe, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\pthreadGC2.dll, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\run.bat, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\run_shc.lnk, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.BitcoinMiner, C:\Users\Public\Public\zlib1.dll, , [9b6a1689205b6dc907447f8b867ef709],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.dat, , [19ec58471d5ea4920f902be0818311ef],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\Minecraft 1.5.2 plna hra.exe, , [19ec58471d5ea4920f902be0818311ef],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.exe, , [19ec58471d5ea4920f902be0818311ef],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage, , [3dc8d6c9e79493a33c61e82de91bb44c],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\diablo130302.cl, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\diakgcn121016.cl, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\libcurl-4.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\libeay32.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\libidn-11.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\librtmp.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\libssh2.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\mncdebbt.exe, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\phatk121016.cl, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\poclbm130302.cl, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\scrypt130511.cl, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\ssleay32.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\zlib1.dll, , [b253c7d86d0e8aac190fd8c88c767888],
Trojan.Agent.BCM, C:\Windows\inf\mncdebbt\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [b253c7d86d0e8aac190fd8c88c767888],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\000003.log, , [7194bee1b0cb9b9b8050c4ef1ee4a957],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\CURRENT, , [7194bee1b0cb9b9b8050c4ef1ee4a957],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOCK, , [7194bee1b0cb9b9b8050c4ef1ee4a957],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\LOG, , [7194bee1b0cb9b9b8050c4ef1ee4a957],
PUP.Optional.AmazonBrowserBar.A, C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam\MANIFEST-000002, , [7194bee1b0cb9b9b8050c4ef1ee4a957],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Preventivni kontrola

Napsal: 13 črc 2014 19:53
od motji
Vše smažte. Co počítač?

Re: Preventivni kontrola

Napsal: 13 črc 2014 21:01
od krystof37
Dobrá. Děkuji za pomoc.

Počítač funguje bez problémů.

Re: Preventivni kontrola

Napsal: 13 črc 2014 22:05
od motji
Není zač :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz