
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check my log... I recently reinstalled Firefox because of Facebook, and now when I click the Firefox icon the internet itself takes about 10 seconds to load (which is probably a lot)... otherwise the internet runs fairly decently. I would also add a log from FRST, but it keeps showing me a message that I don't have it downloaded on the desktop (which is not true), so I'm posting a log from RSIT. I also want to add that my home page keeps changing. And now I have even found out that (I don't know why) JavaScript and Adobe Flash are disabled (I will reinstall them once you advise me).
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tepan at 2014-07-17 14:27:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (4%) free of 175 GB
Total RAM: 4095 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:27:27, on 17.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe
C:\Program Files (x86)\Full Tilt Poker\xc\xc.exe
c:\program files (x86)\mozilla firefox\firefox.exe
C:\Program Files\trend micro\Tepan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adblocker - {570D52D9-1245-263F-C66E-0E31B1FE9110} - C:\Program Files (x86)\Adblocker\tHTAPmYF.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: piricechopp - {91D8A13F-99EF-13FB-482F-F2D951D08FD6} - C:\Program Files (x86)\piricechopp\xaX.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: MySearch - {D0B32322-F814-34C8-D4F9-A5018DF28908} - C:\Program Files (x86)\MySearch\2H.dll
O2 - BHO: pricechop - {D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} - C:\Program Files (x86)\pricechop\7p8HyxRE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Poker Heaven by Microgaming - {368C66AE-2DB5-4DED-AF32-94FF18B493E6} - C:\Microgaming\Poker\PokerHeavenMPP\MPPoker.exe (HKCU)
O9 - Extra button: Cool Hand Poker - {5A19D95F-A6BF-4B68-B8BD-BF4307CB794A} - C:\Microgaming\Poker\coolhandMPP\MPPoker.exe (HKCU)
O9 - Extra button: Betsson Poker by Microgaming - {E0D59277-8248-4CC0-A93E-42764DC4B641} - C:\Microgaming\Poker\BetssonMPP\MPPoker.exe (HKCU)
O9 - Extra button: 32Red Poker Room - {E5A68C59-481A-4A60-B532-F4AFC5767CFA} - C:\Microgaming\Poker\32RedMPP\MPPoker.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\sw-boo~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Unknown owner - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9726 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:1996
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4d8ddb06-5913-4217-b6a2-31a517c86d05 -SystemEventPortName:HostProcess-834ee66a-7c68-42bd-a636-137ce577d2ce -IoCancelEventPortName:HostProcess-f77130ba-60e9-4e41-8d1b-aa732914e19c -NonStateChangingEventPortName:HostProcess-47dde4aa-e8ea-4765-9ac5-60e98794abfa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3126223d-60da-4ad6-82d5-ab582b2ebca3 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe"
"xc/xc.exe" ""/openTable:invisible" "/sharedName:pyr_00000a3800095907""
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Downloads\RSITx64.exe"
"c:\program files (x86)\mozilla firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReimageUpdater.job - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe run_task
C:\Windows\tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job - C:\Windows\system32\wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0
C:\Windows\tasks\SW-Booster-S-792098896.job - c:\programdata\trusted publisher\sw-booster\SW-Booster.exe /schedule /profile "c:\programdata\trusted publisher\sw-booster\792098896.ini"
C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe $(Arg0)
C:\Windows\tasks\YourFile DownloaderUpdate.job - C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default
prefs.js - "browser.startup.homepage" - "http://websearch.fastsearchings.info/?p ... Z&unqvl=56"
prefs.js - "keyword.URL" - ""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110}]
Adblocker - C:\Program Files (x86)\Adblocker\tHTAPmYF.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}]
piricechopp - C:\Program Files (x86)\piricechopp\xaX.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-07-16 500584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908}]
MySearch - C:\Program Files (x86)\MySearch\2H.x64.dll [2013-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}]
pricechop - C:\Program Files (x86)\pricechop\7p8HyxRE.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110}]
Adblocker - C:\Program Files (x86)\Adblocker\tHTAPmYF.dll [2013-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}]
piricechopp - C:\Program Files (x86)\piricechopp\xaX.dll [2014-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-07-16 418664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25 365056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908}]
MySearch - C:\Program Files (x86)\MySearch\2H.dll [2013-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}]
pricechop - C:\Program Files (x86)\pricechop\7p8HyxRE.dll [2014-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-09 12856936]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"uTorrent"=C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-04 1322832]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe [2014-07-16 3211776]
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-07-13 146888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"DelReg"=C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe [2014-07-16 3211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-17 05:41:57 ----D---- C:\Users\Tepan\AppData\Roaming\Optimizer Pro
2014-07-17 05:40:21 ----D---- C:\ProgramData\MySearch
2014-07-17 05:40:19 ----D---- C:\Program Files (x86)\MySearch
2014-07-17 05:39:57 ----D---- C:\Windows\SYSWOW64\X86
2014-07-17 05:39:57 ----D---- C:\Windows\SYSWOW64\AMD64
2014-07-17 05:39:57 ----D---- C:\Program Files (x86)\EZDownloader
2014-07-17 05:39:51 ----D---- C:\Program Files (x86)\Optimizer Pro
2014-07-17 05:39:16 ----D---- C:\ProgramData\Trusted Publisher
2014-07-17 05:39:05 ----D---- C:\Program Files (x86)\SW-Booster
2014-07-17 05:38:45 ----D---- C:\ProgramData\piricechopp
2014-07-17 05:38:43 ----D---- C:\Program Files (x86)\piricechopp
2014-07-17 05:35:17 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:13:23 ----D---- C:\ProgramData\Adblocker
2014-07-17 05:13:20 ----D---- C:\Program Files (x86)\Adblocker
2014-07-17 05:13:05 ----D---- C:\ProgramData\pricechop
2014-07-17 05:12:51 ----D---- C:\Program Files (x86)\pricechop
2014-07-17 05:12:25 ----D---- C:\ProgramData\d109c10690b61419
2014-07-17 05:10:13 ----D---- C:\ProgramData\Reimage Protector
2014-07-17 05:10:06 ----D---- C:\ProgramData\ShopperPro
2014-07-17 05:10:04 ----D---- C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10:01 ----D---- C:\Program Files (x86)\ShopperPro
2014-07-17 05:09:56 ----D---- C:\ProgramData\Reimage Express
2014-07-14 10:16:32 ----D---- C:\Users\Tepan\AppData\Roaming\YourFileDownloader
2014-07-14 10:16:32 ----D---- C:\Program Files (x86)\YourFileDownloader Updater
2014-07-14 09:57:56 ----D---- C:\Program Files\Reimage
2014-07-14 09:57:17 ----A---- C:\Windows\Reimage.ini
2014-07-13 13:55:09 ----D---- C:\Redbet
2014-07-12 12:10:15 ----D---- C:\Program Files (x86)\Microsoft Security Client
2014-07-12 12:10:10 ----D---- C:\Program Files\Microsoft Security Client
2014-07-11 21:38:35 ----D---- C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21:25 ----A---- C:\Tepan.txt
2014-07-09 06:00:20 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 06:00:20 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 06:00:19 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 06:00:19 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 06:00:19 ----A---- C:\Windows\system32\osk.exe
2014-07-09 06:00:18 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 06:00:17 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 06:00:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 06:00:15 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 06:00:12 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00:09 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00:08 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 05:59:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 05:59:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 05:59:37 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-07 23:00:20 ----D---- C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:58:24 ----D---- C:\ProgramData\MGS
2014-07-07 22:58:24 ----D---- C:\Microgaming
2014-07-06 07:03:52 ----A---- C:\Windows\DEIZCWU.TXT
2014-07-04 09:38:52 ----D---- C:\Program Files (x86)\PKR
2014-07-03 12:07:22 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-07-03 12:07:22 ----A---- C:\Windows\system32\mstscax.dll
2014-06-22 21:49:00 ----D---- C:\ProgramData\Ubisoft
2014-06-22 17:51:41 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\wksprt.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\tsgqec.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\mstsc.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51:38 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-06-22 17:51:38 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\msdrm.dll
2014-06-22 17:50:23 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-06-22 17:50:23 ----A---- C:\Windows\system32\iologmsg.dll
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\storport.sys
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-06-22 17:50:19 ----A---- C:\Windows\system32\wwansvc.dll
2014-06-22 17:50:18 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-06-22 17:50:17 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-06-22 17:50:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50:00 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-06-22 17:50:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:43:52 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40:52 ----D---- C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31:15 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\java.exe
2014-06-22 11:59:53 ----D---- C:\Program Files (x86)\Steam
======List of files/folders modified in the last 1 month======
2014-07-17 14:27:26 ----D---- C:\Program Files\trend micro
2014-07-17 14:27:16 ----D---- C:\Downloads
2014-07-17 14:26:51 ----D---- C:\Windows\Temp
2014-07-17 14:25:52 ----D---- C:\Windows\system32\config
2014-07-17 14:15:39 ----D---- C:\Windows\Tasks
2014-07-17 12:13:44 ----D---- C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-17 12:09:24 ----D---- C:\Windows\System32
2014-07-17 12:09:24 ----D---- C:\Windows\inf
2014-07-17 12:09:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-17 11:06:51 ----AD---- C:\ProgramData\TEMP
2014-07-17 10:56:58 ----SHD---- C:\System Volume Information
2014-07-17 06:29:10 ----D---- C:\Users\Tepan\AppData\Roaming\vlc
2014-07-17 05:40:21 ----HD---- C:\ProgramData
2014-07-17 05:40:19 ----D---- C:\Program Files (x86)
2014-07-17 05:39:57 ----D---- C:\Windows\SysWOW64
2014-07-17 05:35:48 ----SHD---- C:\Windows\Installer
2014-07-17 05:35:46 ----D---- C:\Program Files
2014-07-17 05:35:17 ----D---- C:\Windows
2014-07-17 05:19:41 ----D---- C:\ProgramData\AVAST Software
2014-07-17 05:17:22 ----AD---- C:\Temp
2014-07-17 05:12:25 ----HD---- C:\Windows\system32\GroupPolicy
2014-07-17 05:12:25 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-07-17 05:12:24 ----D---- C:\Users
2014-07-17 05:10:04 ----D---- C:\Program Files\Common Files
2014-07-17 05:09:40 ----D---- C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-16 12:55:26 ----D---- C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51:29 ----D---- C:\Program Files (x86)\PacificPoker
2014-07-13 22:52:29 ----D---- C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:52:23 ----D---- C:\Windows\Logs
2014-07-13 22:52:23 ----D---- C:\Windows\debug
2014-07-13 22:41:11 ----D---- C:\Program Files (x86)\Google
2014-07-13 22:33:39 ----D---- C:\Windows\system32\drivers
2014-07-13 21:13:31 ----RD---- C:\Program Files (x86)\Skype
2014-07-13 20:59:02 ----D---- C:\Windows\winsxs
2014-07-13 20:29:13 ----D---- C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 12:56:06 ----SD---- C:\Users\Tepan\AppData\Roaming\Microsoft
2014-07-13 10:39:24 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-07-12 12:10:17 ----D---- C:\Windows\system32\catroot
2014-07-12 12:10:15 ----SD---- C:\ProgramData\Microsoft
2014-07-11 13:44:13 ----D---- C:\AdwCleaner
2014-07-11 13:40:54 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 06:51:14 ----D---- C:\Windows\system32\catroot2
2014-07-10 03:26:00 ----D---- C:\Program Files\Windows Journal
2014-07-10 03:25:59 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 03:25:59 ----D---- C:\Windows\ehome
2014-07-10 03:25:59 ----D---- C:\Program Files\Internet Explorer
2014-07-10 03:25:58 ----D---- C:\Windows\system32\en-US
2014-07-10 03:25:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 03:05:53 ----D---- C:\ProgramData\Microsoft Help
2014-07-10 03:05:44 ----D---- C:\Windows\system32\MRT
2014-07-10 03:03:33 ----A---- C:\Windows\system32\MRT.exe
2014-07-07 22:59:49 ----D---- C:\Poker
2014-07-03 17:20:18 ----D---- C:\ProgramData\Skype
2014-07-03 17:20:12 ----D---- C:\Program Files (x86)\Common Files
2014-07-03 12:08:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-03 12:08:04 ----D---- C:\Windows\system32\cs-CZ
2014-07-01 22:15:15 ----RSD---- C:\Windows\assembly
2014-06-28 17:48:40 ----D---- C:\Program Files (x86)\PokerStars
2014-06-22 20:54:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23:19 ----D---- C:\Program Files (x86)\Ubisoft
2014-06-22 18:57:22 ----D---- C:\Windows\SYSWOW64\wbem
2014-06-22 18:57:22 ----D---- C:\Windows\system32\wbem
2014-06-22 18:57:22 ----D---- C:\Windows\system32\DriverStore
2014-06-22 18:57:22 ----D---- C:\Windows\system32\drivers\en-US
2014-06-22 17:40:04 ----D---- C:\ProgramData\Oracle
2014-06-22 17:31:10 ----D---- C:\Program Files (x86)\Java
2014-06-22 14:12:56 ----D---- C:\Windows\Prefetch
2014-06-22 12:00:54 ----D---- C:\Program Files (x86)\Rockstar Games
2014-06-22 08:36:32 ----D---- C:\ProgramData\MFAData
2014-06-21 23:07:17 ----D---- C:\Stazeno z torrentu
2014-06-21 20:34:31 ----D---- C:\ProgramData\RELOADED
2014-06-21 20:31:07 ----D---- C:\Windows\SYSWOW64\directx
2014-06-21 14:32:46 ----D---- C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-19 06:37:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 09:16:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-05-13 191768]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-05-13 323352]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-05-13 130328]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-05-13 31512]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-07 381440]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-05-13 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-05-13 236312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-05-13 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-05-13 273176]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-04-20 49952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-09 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 SPDRIVER_1.37.0.199;SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [2014-07-16 52584]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-13 3076456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2014-07-16 41856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
S3 cpuz130;cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 cpuz134;cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 cpuz135;cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [2011-01-06 11888]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 d0e87c27;SW-Sustainer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-15 76888]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2014-07-16 2346880]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-06-30 542400]
S4 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432]
S4 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tepan at 2014-07-17 14:27:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (4%) free of 175 GB
Total RAM: 4095 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:27:27, on 17.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe
C:\Program Files (x86)\Full Tilt Poker\xc\xc.exe
c:\program files (x86)\mozilla firefox\firefox.exe
C:\Program Files\trend micro\Tepan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adblocker - {570D52D9-1245-263F-C66E-0E31B1FE9110} - C:\Program Files (x86)\Adblocker\tHTAPmYF.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: piricechopp - {91D8A13F-99EF-13FB-482F-F2D951D08FD6} - C:\Program Files (x86)\piricechopp\xaX.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: MySearch - {D0B32322-F814-34C8-D4F9-A5018DF28908} - C:\Program Files (x86)\MySearch\2H.dll
O2 - BHO: pricechop - {D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} - C:\Program Files (x86)\pricechop\7p8HyxRE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DelReg] C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Poker Heaven by Microgaming - {368C66AE-2DB5-4DED-AF32-94FF18B493E6} - C:\Microgaming\Poker\PokerHeavenMPP\MPPoker.exe (HKCU)
O9 - Extra button: Cool Hand Poker - {5A19D95F-A6BF-4B68-B8BD-BF4307CB794A} - C:\Microgaming\Poker\coolhandMPP\MPPoker.exe (HKCU)
O9 - Extra button: Betsson Poker by Microgaming - {E0D59277-8248-4CC0-A93E-42764DC4B641} - C:\Microgaming\Poker\BetssonMPP\MPPoker.exe (HKCU)
O9 - Extra button: 32Red Poker Room - {E5A68C59-481A-4A60-B532-F4AFC5767CFA} - C:\Microgaming\Poker\32RedMPP\MPPoker.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\sw-boo~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Unknown owner - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9726 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:1996
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4d8ddb06-5913-4217-b6a2-31a517c86d05 -SystemEventPortName:HostProcess-834ee66a-7c68-42bd-a636-137ce577d2ce -IoCancelEventPortName:HostProcess-f77130ba-60e9-4e41-8d1b-aa732914e19c -NonStateChangingEventPortName:HostProcess-47dde4aa-e8ea-4765-9ac5-60e98794abfa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3126223d-60da-4ad6-82d5-ab582b2ebca3 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Full Tilt Poker\FullTiltPoker.exe"
"xc/xc.exe" ""/openTable:invisible" "/sharedName:pyr_00000a3800095907""
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Downloads\RSITx64.exe"
"c:\program files (x86)\mozilla firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReimageUpdater.job - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe run_task
C:\Windows\tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job - C:\Windows\system32\wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0
C:\Windows\tasks\SW-Booster-S-792098896.job - c:\programdata\trusted publisher\sw-booster\SW-Booster.exe /schedule /profile "c:\programdata\trusted publisher\sw-booster\792098896.ini"
C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe $(Arg0)
C:\Windows\tasks\YourFile DownloaderUpdate.job - C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default
prefs.js - "browser.startup.homepage" - "http://websearch.fastsearchings.info/?p ... Z&unqvl=56"
prefs.js - "keyword.URL" - ""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110}]
Adblocker - C:\Program Files (x86)\Adblocker\tHTAPmYF.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}]
piricechopp - C:\Program Files (x86)\piricechopp\xaX.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-07-16 500584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908}]
MySearch - C:\Program Files (x86)\MySearch\2H.x64.dll [2013-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}]
pricechop - C:\Program Files (x86)\pricechop\7p8HyxRE.x64.dll [2014-07-17 517120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110}]
Adblocker - C:\Program Files (x86)\Adblocker\tHTAPmYF.dll [2013-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}]
piricechopp - C:\Program Files (x86)\piricechopp\xaX.dll [2014-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-07-16 418664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25 365056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908}]
MySearch - C:\Program Files (x86)\MySearch\2H.dll [2013-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}]
pricechop - C:\Program Files (x86)\pricechop\7p8HyxRE.dll [2014-07-17 458752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-09 12856936]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"uTorrent"=C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-04 1322832]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe [2014-07-16 3211776]
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-07-13 146888]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"DelReg"=C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe [2014-07-16 3211776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-17 05:41:57 ----D---- C:\Users\Tepan\AppData\Roaming\Optimizer Pro
2014-07-17 05:40:21 ----D---- C:\ProgramData\MySearch
2014-07-17 05:40:19 ----D---- C:\Program Files (x86)\MySearch
2014-07-17 05:39:57 ----D---- C:\Windows\SYSWOW64\X86
2014-07-17 05:39:57 ----D---- C:\Windows\SYSWOW64\AMD64
2014-07-17 05:39:57 ----D---- C:\Program Files (x86)\EZDownloader
2014-07-17 05:39:51 ----D---- C:\Program Files (x86)\Optimizer Pro
2014-07-17 05:39:16 ----D---- C:\ProgramData\Trusted Publisher
2014-07-17 05:39:05 ----D---- C:\Program Files (x86)\SW-Booster
2014-07-17 05:38:45 ----D---- C:\ProgramData\piricechopp
2014-07-17 05:38:43 ----D---- C:\Program Files (x86)\piricechopp
2014-07-17 05:35:17 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:13:23 ----D---- C:\ProgramData\Adblocker
2014-07-17 05:13:20 ----D---- C:\Program Files (x86)\Adblocker
2014-07-17 05:13:05 ----D---- C:\ProgramData\pricechop
2014-07-17 05:12:51 ----D---- C:\Program Files (x86)\pricechop
2014-07-17 05:12:25 ----D---- C:\ProgramData\d109c10690b61419
2014-07-17 05:10:13 ----D---- C:\ProgramData\Reimage Protector
2014-07-17 05:10:06 ----D---- C:\ProgramData\ShopperPro
2014-07-17 05:10:04 ----D---- C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10:01 ----D---- C:\Program Files (x86)\ShopperPro
2014-07-17 05:09:56 ----D---- C:\ProgramData\Reimage Express
2014-07-14 10:16:32 ----D---- C:\Users\Tepan\AppData\Roaming\YourFileDownloader
2014-07-14 10:16:32 ----D---- C:\Program Files (x86)\YourFileDownloader Updater
2014-07-14 09:57:56 ----D---- C:\Program Files\Reimage
2014-07-14 09:57:17 ----A---- C:\Windows\Reimage.ini
2014-07-13 13:55:09 ----D---- C:\Redbet
2014-07-12 12:10:15 ----D---- C:\Program Files (x86)\Microsoft Security Client
2014-07-12 12:10:10 ----D---- C:\Program Files\Microsoft Security Client
2014-07-11 21:38:35 ----D---- C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21:25 ----A---- C:\Tepan.txt
2014-07-09 06:00:20 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 06:00:20 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 06:00:19 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 06:00:19 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 06:00:19 ----A---- C:\Windows\system32\osk.exe
2014-07-09 06:00:18 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 06:00:17 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 06:00:17 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 06:00:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00:16 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 06:00:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 06:00:15 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 06:00:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 06:00:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 06:00:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 06:00:12 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 06:00:11 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 06:00:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00:09 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 06:00:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00:08 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 05:59:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 05:59:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 05:59:37 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-07 23:00:20 ----D---- C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:58:24 ----D---- C:\ProgramData\MGS
2014-07-07 22:58:24 ----D---- C:\Microgaming
2014-07-06 07:03:52 ----A---- C:\Windows\DEIZCWU.TXT
2014-07-04 09:38:52 ----D---- C:\Program Files (x86)\PKR
2014-07-03 12:07:22 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-07-03 12:07:22 ----A---- C:\Windows\system32\mstscax.dll
2014-06-22 21:49:00 ----D---- C:\ProgramData\Ubisoft
2014-06-22 17:51:41 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-06-22 17:51:39 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\wksprt.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\tsgqec.dll
2014-06-22 17:51:39 ----A---- C:\Windows\system32\mstsc.exe
2014-06-22 17:51:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51:38 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-06-22 17:51:38 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-06-22 17:50:26 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\secproc.dll
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\RMActivate.exe
2014-06-22 17:50:26 ----A---- C:\Windows\system32\msdrm.dll
2014-06-22 17:50:23 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-06-22 17:50:23 ----A---- C:\Windows\system32\iologmsg.dll
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\storport.sys
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-06-22 17:50:23 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-06-22 17:50:19 ----A---- C:\Windows\system32\wwansvc.dll
2014-06-22 17:50:18 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-06-22 17:50:17 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-06-22 17:50:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50:00 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-06-22 17:50:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:43:52 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40:52 ----D---- C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31:15 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-06-22 17:31:10 ----A---- C:\Windows\SYSWOW64\java.exe
2014-06-22 11:59:53 ----D---- C:\Program Files (x86)\Steam
======List of files/folders modified in the last 1 month======
2014-07-17 14:27:26 ----D---- C:\Program Files\trend micro
2014-07-17 14:27:16 ----D---- C:\Downloads
2014-07-17 14:26:51 ----D---- C:\Windows\Temp
2014-07-17 14:25:52 ----D---- C:\Windows\system32\config
2014-07-17 14:15:39 ----D---- C:\Windows\Tasks
2014-07-17 12:13:44 ----D---- C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-17 12:09:24 ----D---- C:\Windows\System32
2014-07-17 12:09:24 ----D---- C:\Windows\inf
2014-07-17 12:09:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-17 11:06:51 ----AD---- C:\ProgramData\TEMP
2014-07-17 10:56:58 ----SHD---- C:\System Volume Information
2014-07-17 06:29:10 ----D---- C:\Users\Tepan\AppData\Roaming\vlc
2014-07-17 05:40:21 ----HD---- C:\ProgramData
2014-07-17 05:40:19 ----D---- C:\Program Files (x86)
2014-07-17 05:39:57 ----D---- C:\Windows\SysWOW64
2014-07-17 05:35:48 ----SHD---- C:\Windows\Installer
2014-07-17 05:35:46 ----D---- C:\Program Files
2014-07-17 05:35:17 ----D---- C:\Windows
2014-07-17 05:19:41 ----D---- C:\ProgramData\AVAST Software
2014-07-17 05:17:22 ----AD---- C:\Temp
2014-07-17 05:12:25 ----HD---- C:\Windows\system32\GroupPolicy
2014-07-17 05:12:25 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-07-17 05:12:24 ----D---- C:\Users
2014-07-17 05:10:04 ----D---- C:\Program Files\Common Files
2014-07-17 05:09:40 ----D---- C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-16 12:55:26 ----D---- C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51:29 ----D---- C:\Program Files (x86)\PacificPoker
2014-07-13 22:52:29 ----D---- C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:52:23 ----D---- C:\Windows\Logs
2014-07-13 22:52:23 ----D---- C:\Windows\debug
2014-07-13 22:41:11 ----D---- C:\Program Files (x86)\Google
2014-07-13 22:33:39 ----D---- C:\Windows\system32\drivers
2014-07-13 21:13:31 ----RD---- C:\Program Files (x86)\Skype
2014-07-13 20:59:02 ----D---- C:\Windows\winsxs
2014-07-13 20:29:13 ----D---- C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 12:56:06 ----SD---- C:\Users\Tepan\AppData\Roaming\Microsoft
2014-07-13 10:39:24 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-07-12 12:10:17 ----D---- C:\Windows\system32\catroot
2014-07-12 12:10:15 ----SD---- C:\ProgramData\Microsoft
2014-07-11 13:44:13 ----D---- C:\AdwCleaner
2014-07-11 13:40:54 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 06:51:14 ----D---- C:\Windows\system32\catroot2
2014-07-10 03:26:00 ----D---- C:\Program Files\Windows Journal
2014-07-10 03:25:59 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 03:25:59 ----D---- C:\Windows\ehome
2014-07-10 03:25:59 ----D---- C:\Program Files\Internet Explorer
2014-07-10 03:25:58 ----D---- C:\Windows\system32\en-US
2014-07-10 03:25:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 03:05:53 ----D---- C:\ProgramData\Microsoft Help
2014-07-10 03:05:44 ----D---- C:\Windows\system32\MRT
2014-07-10 03:03:33 ----A---- C:\Windows\system32\MRT.exe
2014-07-07 22:59:49 ----D---- C:\Poker
2014-07-03 17:20:18 ----D---- C:\ProgramData\Skype
2014-07-03 17:20:12 ----D---- C:\Program Files (x86)\Common Files
2014-07-03 12:08:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-03 12:08:04 ----D---- C:\Windows\system32\cs-CZ
2014-07-01 22:15:15 ----RSD---- C:\Windows\assembly
2014-06-28 17:48:40 ----D---- C:\Program Files (x86)\PokerStars
2014-06-22 20:54:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23:19 ----D---- C:\Program Files (x86)\Ubisoft
2014-06-22 18:57:22 ----D---- C:\Windows\SYSWOW64\wbem
2014-06-22 18:57:22 ----D---- C:\Windows\system32\wbem
2014-06-22 18:57:22 ----D---- C:\Windows\system32\DriverStore
2014-06-22 18:57:22 ----D---- C:\Windows\system32\drivers\en-US
2014-06-22 17:40:04 ----D---- C:\ProgramData\Oracle
2014-06-22 17:31:10 ----D---- C:\Program Files (x86)\Java
2014-06-22 14:12:56 ----D---- C:\Windows\Prefetch
2014-06-22 12:00:54 ----D---- C:\Program Files (x86)\Rockstar Games
2014-06-22 08:36:32 ----D---- C:\ProgramData\MFAData
2014-06-21 23:07:17 ----D---- C:\Stazeno z torrentu
2014-06-21 20:34:31 ----D---- C:\ProgramData\RELOADED
2014-06-21 20:31:07 ----D---- C:\Windows\SYSWOW64\directx
2014-06-21 14:32:46 ----D---- C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-19 06:37:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 09:16:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-05-13 191768]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-05-13 323352]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-05-13 130328]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-05-13 31512]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-07 381440]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-05-13 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-05-13 236312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-05-13 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-05-13 273176]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-04-20 49952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-09 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 SPDRIVER_1.37.0.199;SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [2014-07-16 52584]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-13 3076456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2014-07-16 41856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
S3 cpuz130;cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 cpuz134;cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 cpuz135;cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [2011-01-06 11888]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 d0e87c27;SW-Sustainer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-15 76888]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2014-07-16 2346880]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-19 2365792]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-06-30 542400]
S4 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432]
S4 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: preventive check
Hello
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner


- Save it, preferably to the desktop
- After launching, the license terms are displayed; press any key
- A backup will be created, followed by a search
- The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here

- Save it, preferably to the desktop
- Close all programs
- Click Scan and then Clean
- The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
Re: preventive check
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tepan on p 18.07.2014 at 14:56:01,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Tepan\AppData\Roaming\mozilla\firefox\profiles\sdckyap9.default-1405284649585\prefs.js
user_pref("extensions.A6Wx9aGz9C.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\"
user_pref("extensions.A6Wx9aGz9C.url", "hxxp://jobfirstall.in/sync2/?q=hfZ9ofV9CShEAen0pjg4tMqLDe49CNU0n8OMCMlNhd9Fqda6rjCErHw9rdaMBzqUojw9rdCFpda4rHgGqch7hfs0pihPBMn0rHwErjUF
user_pref("extensions.dFpC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 18.07.2014 at 15:02:54,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.216 - Report created 18/07/2014 at 11:32:56
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tepan - TEPAN-PC
# Running from : C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : d0e87c27
Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\piricechopp
Folder Deleted : C:\ProgramData\pricechop
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\Program Files (x86)\Adblocker
Folder Deleted : C:\Program Files (x86)\EZDownloader
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\SW-Booster
Folder Deleted : C:\Program Files (x86)\YourFileDownloader Updater
Folder Deleted : C:\Program Files (x86)\piricechopp
Folder Deleted : C:\Program Files (x86)\pricechop
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Tepan\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Tepan\AppData\Local\torch
Folder Deleted : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\sppaooaylzc@jteu.com
Folder Deleted : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\uoafwz@avr.com
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
Folder Deleted : C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
Folder Deleted : C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
File Deleted : C:\Users\Public\Desktop\EZDownloader.lnk
File Deleted : C:\Users\Tepan\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\searchplugins\WebSearch.xml
File Deleted : C:\Windows\Tasks\YourFile DownloaderUpdate.job
File Deleted : C:\Windows\Tasks\SW-Booster-S-792098896.job
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\Classes\pricechop.pricechop
Key Deleted : HKLM\SOFTWARE\Classes\pricechop.pricechop.3.9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D8A13F-99EF-13FB-482F-F2D951D08FD6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\SW-Booster
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sw-boo~1\assist~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17207
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.fastsearchings.info/?pid=969&r=2014/07/17&hid=3718690363786529967&lg=EN&cc=CZ&unqvl=56");
[ File : C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.fastsearchings.info/?pid=969&r=2014/07/17&hid=3718690363786529967&lg=EN&cc=CZ&unqvl=56&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("extensions.2nEtj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
Line Deleted : user_pref("extensions.7NoY34E.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]
Line Deleted : user_pref("extensions.A6Wx9aGz9C.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor[...]
Line Deleted : user_pref("extensions.dFpC.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.fastsearchings.info/?pid=969&r=2014/07/17&hid=3718690363786529967&lg=EN&cc=CZ&unqvl=56&l=1&q=");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [4261 octets] - [06/12/2013 12:08:41]
AdwCleaner[R10].txt - [2989 octets] - [23/03/2014 18:33:58]
AdwCleaner[R11].txt - [2307 octets] - [02/04/2014 08:41:56]
AdwCleaner[R12].txt - [5285 octets] - [02/05/2014 12:57:56]
AdwCleaner[R13].txt - [2948 octets] - [18/05/2014 17:29:44]
AdwCleaner[R14].txt - [2620 octets] - [26/05/2014 11:43:25]
AdwCleaner[R15].txt - [3447 octets] - [11/07/2014 13:42:40]
AdwCleaner[R16].txt - [11975 octets] - [18/07/2014 11:30:57]
AdwCleaner[R1].txt - [2945 octets] - [07/02/2014 13:49:41]
AdwCleaner[R2].txt - [1369 octets] - [07/02/2014 21:36:37]
AdwCleaner[R3].txt - [2923 octets] - [08/02/2014 16:56:02]
AdwCleaner[R4].txt - [2983 octets] - [08/02/2014 16:59:37]
AdwCleaner[R5].txt - [3043 octets] - [09/02/2014 20:59:43]
AdwCleaner[R6].txt - [4099 octets] - [07/03/2014 13:53:17]
AdwCleaner[R7].txt - [1724 octets] - [07/03/2014 18:37:11]
AdwCleaner[R8].txt - [1899 octets] - [08/03/2014 23:31:47]
AdwCleaner[R9].txt - [2019 octets] - [10/03/2014 10:16:11]
AdwCleaner[S0].txt - [4136 octets] - [06/12/2013 12:29:19]
AdwCleaner[S10].txt - [4966 octets] - [02/05/2014 12:58:30]
AdwCleaner[S11].txt - [3026 octets] - [18/05/2014 17:31:00]
AdwCleaner[S12].txt - [2684 octets] - [26/05/2014 11:44:11]
AdwCleaner[S13].txt - [3525 octets] - [11/07/2014 13:44:09]
AdwCleaner[S14].txt - [10915 octets] - [18/07/2014 11:32:56]
AdwCleaner[S1].txt - [2912 octets] - [07/02/2014 13:52:35]
AdwCleaner[S2].txt - [1432 octets] - [07/02/2014 21:37:35]
AdwCleaner[S3].txt - [3144 octets] - [09/02/2014 22:00:51]
AdwCleaner[S4].txt - [4162 octets] - [07/03/2014 13:59:19]
AdwCleaner[S5].txt - [1785 octets] - [07/03/2014 18:38:44]
AdwCleaner[S6].txt - [1966 octets] - [08/03/2014 23:49:40]
AdwCleaner[S7].txt - [2086 octets] - [10/03/2014 10:18:45]
AdwCleaner[S8].txt - [3075 octets] - [23/03/2014 18:35:04]
AdwCleaner[S9].txt - [2377 octets] - [02/04/2014 08:43:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [11517 octets] ##########
Re: preventive check

- If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
- Paste the script below into the window
Code:
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;
- Then click Run Script
- The PC will perform the repair, restart, and give you a log; paste its contents here
Re: preventive check
Zoek.exe v5.0.0.0 Updated 16-07-2014
Tool run by Tepan on p 18.07.2014 at 22:17:04,95.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tepan\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.7.2014 22:40:08 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default\prefs.js:
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "");
Added to C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_18.07.2014_2257_.backup
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
user.js not found
---- Lines extensions.2nEtj removed from prefs.js ----
user_pref("extensions.2nEtj.epoch", "1405745607");
user_pref("extensions.2nEtj.url", "http://webterminall.in/sync2/?q=hfZ9ofb ... jYEqdk9rTa
---- Lines extensions.7NoY34E removed from prefs.js ----
user_pref("extensions.7NoY34E.epoch", "1405745606");
user_pref("extensions.7NoY34E.url", "http://directwebfile.info/sync2/?q=hfZ9 ... qda6rjYEqd
---- Lines extensions.A6Wx9aGz9C removed from prefs.js ----
user_pref("extensions.A6Wx9aGz9C.epoch", "1405776082");
user_pref("extensions.A6Wx9aGz9C.url", "http://getjpiproxy.info/sync2/?q=hfZ9of ... 9rdCFpdwHr
---- Lines extensions.dFpC removed from prefs.js ----
user_pref("extensions.dFpC.epoch", "1405762538");
user_pref("extensions.dFpC.url", "http://jpi-syncer.info/sync2/?q=hfZ9ofD ... a4rHgGqch7
---- FireFox user.js and prefs.js backups ----
prefs_18.07.2014_2257_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Users\Tepan\AppData\LocalLow\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted
C:\Users\Tepan\AppData\LocalLow\{91D8A13F-99EF-13FB-482F-F2D951D08FD6} deleted
C:\Users\Tepan\AppData\LocalLow\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted
C:\Users\Tepan\AppData\LocalLow\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{91D8A13F-99EF-13FB-482F-F2D951D08FD6} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\Probit Software deleted
C:\PROGRA~2\Free Download Manager deleted
C:\PROGRA~2\Internet Download Manager deleted
C:\found.000 deleted
C:\Users\Tepan\AppData\Roaming\Oxy deleted
C:\Users\Tepan\CD95F661A5C444F5A6AAECDD91C240DF.TMP deleted
C:\PROGRA~3\spds90.txt deleted
C:\PROGRA~3\AVG January 2013 Campaign deleted
C:\PROGRA~3\Free Download Manager deleted
C:\Users\Tepan\AppData\Local\BIT91A4.tmp deleted
C:\Users\Tepan\AppData\Local\globalUpdate deleted
C:\Users\Tepan\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-1.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-10.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-11.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-2.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-4.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-5.job deleted
C:\Users\Tepan\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\Reimage.ini deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\windows\SysNative\tasks\CPU Grid Computing deleted
C:\windows\SysNative\tasks\GPU Grid Computing deleted
C:\windows\SysNative\tasks\Grid Computing Updater deleted
C:\Windows\SysWOW64\dfrg deleted
C:\Users\Tepan\AppData\Local\MSGBOX.EXE deleted
C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\extensions\sz34qmblqe@w-aii.edu deleted
"C:\Windows\Installer\12c326f.msi" deleted
"C:\Users\Tepan\AppData\Local\{49DF5F0C-4C46-4C59-8F3B-0243C8AEBD26}" deleted
"C:\PROGRA~3\d109c10690b61419\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140717051323" deleted
"C:\PROGRA~3\d109c10690b61419\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140717051335" deleted
"C:\PROGRA~3\d109c10690b61419\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140717054021" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717051225" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717051308" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717053658" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717053846" deleted
"C:\PROGRA~2\globalUpdate\Update\GoogleUpdate.exe" deleted
"C:\PROGRA~2\globalUpdate\Update\1.3.25.0\goopdate.dll" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin\cygwin1.dll" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin\oxy-downloader.exe" deleted
"C:\PROGRA~3\d109c10690b61419" deleted
"C:\Users\Tepan\AppData\Roaming\DMCache" deleted
"C:\PROGRA~2\globalUpdate" not deleted
"C:\Users\Tepan\AppData\Local\Oxy" deleted
"C:\PROGRA~2\globalUpdate\Update" not deleted
"C:\PROGRA~2\globalUpdate\Update\1.3.25.0" not deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pcjomiiegbeghfgcghkohnccohjcknoo - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lelcohngbjgpiibagnfmncojacafbbpg - No path found[]
MySearch - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
AdBlock - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
FreeHDSport TV - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\kkfggacklibaabdomphfdpcodjgihgon
Skype for Chromium - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
MySearch - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
==== Chrome Fix ======================
C:\Users\Tepan\AppData\Local\Chromium\User Data\Default\Extensions\kkfggacklibaabdomphfdpcodjgihgon deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{571C39B2-9A29-4CD2-AEC2-16080D27FC11} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
{6EA8DE15-6FD1-4153-943A-9FB62C9B7502} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
{86EAA69F-40B1-41DD-BE17-071BD7007B13} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454"
{B56E4805-7DB2-4C57-92ED-46422E39B760} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{BC19EC76-206B-4A9A-911C-1CF0DFA500F7} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{D7EF919B-153E-41DF-8990-28886A462074} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{EA30FEDD-ED27-4392-B51D-BA331F1DE906} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pcjomiiegbeghfgcghkohnccohjcknoo deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lelcohngbjgpiibagnfmncojacafbbpg deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Download Manager_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Tepan\AppData\Local\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Tepan\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=861 folders=223 72183618 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tepan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Tepan\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\globalUpdate" not found
"C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha" not found
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc" not found
==== EOF on p 18.07.2014 at 23:13:17,30 ======================
Tool run by Tepan on p 18.07.2014 at 22:17:04,95.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tepan\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.7.2014 22:40:08 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default\prefs.js:
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "");
Added to C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\9dgbgoc5.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_18.07.2014_2257_.backup
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
user.js not found
---- Lines extensions.2nEtj removed from prefs.js ----
user_pref("extensions.2nEtj.epoch", "1405745607");
user_pref("extensions.2nEtj.url", "http://webterminall.in/sync2/?q=hfZ9ofb ... jYEqdk9rTa
---- Lines extensions.7NoY34E removed from prefs.js ----
user_pref("extensions.7NoY34E.epoch", "1405745606");
user_pref("extensions.7NoY34E.url", "http://directwebfile.info/sync2/?q=hfZ9 ... qda6rjYEqd
---- Lines extensions.A6Wx9aGz9C removed from prefs.js ----
user_pref("extensions.A6Wx9aGz9C.epoch", "1405776082");
user_pref("extensions.A6Wx9aGz9C.url", "http://getjpiproxy.info/sync2/?q=hfZ9of ... 9rdCFpdwHr
---- Lines extensions.dFpC removed from prefs.js ----
user_pref("extensions.dFpC.epoch", "1405762538");
user_pref("extensions.dFpC.url", "http://jpi-syncer.info/sync2/?q=hfZ9ofD ... a4rHgGqch7
---- FireFox user.js and prefs.js backups ----
prefs_18.07.2014_2257_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Users\Tepan\AppData\LocalLow\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted
C:\Users\Tepan\AppData\LocalLow\{91D8A13F-99EF-13FB-482F-F2D951D08FD6} deleted
C:\Users\Tepan\AppData\LocalLow\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted
C:\Users\Tepan\AppData\LocalLow\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{570D52D9-1245-263F-C66E-0E31B1FE9110} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{91D8A13F-99EF-13FB-482F-F2D951D08FD6} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{D0B32322-F814-34C8-D4F9-A5018DF28908} deleted
C:\Users\Tepan\AppData\Local\Packages\windows_ie_ac_001\AC\{D58BFC1C-493E-22A8-2D7B-D3837EF25C8A} deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\Probit Software deleted
C:\PROGRA~2\Free Download Manager deleted
C:\PROGRA~2\Internet Download Manager deleted
C:\found.000 deleted
C:\Users\Tepan\AppData\Roaming\Oxy deleted
C:\Users\Tepan\CD95F661A5C444F5A6AAECDD91C240DF.TMP deleted
C:\PROGRA~3\spds90.txt deleted
C:\PROGRA~3\AVG January 2013 Campaign deleted
C:\PROGRA~3\Free Download Manager deleted
C:\Users\Tepan\AppData\Local\BIT91A4.tmp deleted
C:\Users\Tepan\AppData\Local\globalUpdate deleted
C:\Users\Tepan\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-1.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-10.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-11.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-2.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-4.job deleted
C:\Windows\Tasks\d8f74118-7758-4a73-8216-f3d5e66779f5-5.job deleted
C:\Users\Tepan\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\Reimage.ini deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\windows\SysNative\tasks\CPU Grid Computing deleted
C:\windows\SysNative\tasks\GPU Grid Computing deleted
C:\windows\SysNative\tasks\Grid Computing Updater deleted
C:\Windows\SysWOW64\dfrg deleted
C:\Users\Tepan\AppData\Local\MSGBOX.EXE deleted
C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\extensions\sz34qmblqe@w-aii.edu deleted
"C:\Windows\Installer\12c326f.msi" deleted
"C:\Users\Tepan\AppData\Local\{49DF5F0C-4C46-4C59-8F3B-0243C8AEBD26}" deleted
"C:\PROGRA~3\d109c10690b61419\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140717051323" deleted
"C:\PROGRA~3\d109c10690b61419\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140717051335" deleted
"C:\PROGRA~3\d109c10690b61419\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.20140717054021" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717051225" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717051308" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717053658" deleted
"C:\PROGRA~3\d109c10690b61419\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140717053846" deleted
"C:\PROGRA~2\globalUpdate\Update\GoogleUpdate.exe" deleted
"C:\PROGRA~2\globalUpdate\Update\1.3.25.0\goopdate.dll" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin\cygwin1.dll" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin\oxy-downloader.exe" deleted
"C:\PROGRA~3\d109c10690b61419" deleted
"C:\Users\Tepan\AppData\Roaming\DMCache" deleted
"C:\PROGRA~2\globalUpdate" not deleted
"C:\Users\Tepan\AppData\Local\Oxy" deleted
"C:\PROGRA~2\globalUpdate\Update" not deleted
"C:\PROGRA~2\globalUpdate\Update\1.3.25.0" not deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application" deleted
"C:\Users\Tepan\AppData\Local\Oxy\Application\bin" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pcjomiiegbeghfgcghkohnccohjcknoo - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lelcohngbjgpiibagnfmncojacafbbpg - No path found[]
MySearch - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
AdBlock - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
FreeHDSport TV - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\kkfggacklibaabdomphfdpcodjgihgon
Skype for Chromium - Tepan\AppData\Local\Chromium\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
MySearch - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
MySearch - Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
uSelect iDownload - Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
MySearch - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha
piricechopp - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic
uSelect iDownload - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc
pruicechop - Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec
==== Chrome Fix ======================
C:\Users\Tepan\AppData\Local\Chromium\User Data\Default\Extensions\kkfggacklibaabdomphfdpcodjgihgon deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\elmilbmkonehdembhcgbbaokbmkfmfic deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nnfldjjgdbhfomcnokkgehbecnpghmec deleted successfully
C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{571C39B2-9A29-4CD2-AEC2-16080D27FC11} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
{6EA8DE15-6FD1-4153-943A-9FB62C9B7502} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
{86EAA69F-40B1-41DD-BE17-071BD7007B13} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454"
{B56E4805-7DB2-4C57-92ED-46422E39B760} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{BC19EC76-206B-4A9A-911C-1CF0DFA500F7} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{D7EF919B-153E-41DF-8990-28886A462074} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{EA30FEDD-ED27-4392-B51D-BA331F1DE906} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pcjomiiegbeghfgcghkohnccohjcknoo deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lelcohngbjgpiibagnfmncojacafbbpg deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Download Manager_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Tepan\AppData\Local\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Tepan\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=861 folders=223 72183618 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tepan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Tepan\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\globalUpdate" not found
"C:\Users\Tepan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\daobjndlhmfkdlchnfbdjjdldacomjha" not found
"C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc" not found
==== EOF on p 18.07.2014 at 23:13:17,30 ======================
Re: preventive check
Even after several cleanups with various programs, I was still furious that Firefox kept taking about 14 seconds to start. Only now did I find out, by pure chance, what was causing it. In the Firefox add-ons manager I disabled "Seznam lištička" and the browser now starts up as it should. Nevertheless, please check my log; if there is nothing in it, you can close the topic. Thank you.
Re: preventive check
Please also post an FRST log: http://forum.viry.cz/viewtopic.php?f=30&t=133101
Re: preventive check
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Tepan (administrator) on TEPAN-PC on 19-07-2014 12:23:57
Running from C:\Users\Tepan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files (x86)\Peerinator\peerinator.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12856936 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [uTorrent] => C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1dc-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1e7-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1fd-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {571C39B2-9A29-4CD2-AEC2-16080D27FC11} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {86EAA69F-40B1-41DD-BE17-071BD7007B13} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B56E4805-7DB2-4C57-92ED-46422E39B760} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {BC19EC76-206B-4A9A-911C-1CF0DFA500F7} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D7EF919B-153E-41DF-8990-28886A462074} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {EA30FEDD-ED27-4392-B51D-BA331F1DE906} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
BHO: Shop_an_Upi_1.6 -> {11111111-1111-1111-1111-110411281122} -> C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-16]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Peerinator; C:\Program Files (x86)\Peerinator\Peerinator.exe [53248 2014-01-20] () [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-15] ()
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-04-20] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-09] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-07] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S2 SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-19 12:23 - 2014-07-19 12:24 - 00014986 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 11:51 - 2014-07-19 12:24 - 00000000 ____D () C:\FRST
2014-07-19 11:18 - 2014-07-19 11:21 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:12 - 2014-07-19 11:13 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:07 - 2014-07-19 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2014-07-19 11:06 - 2014-07-19 11:06 - 02086912 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 03:45 - 2014-07-19 03:46 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:45 - 2014-07-19 03:46 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:07 - 2014-07-18 22:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:39 - 2014-07-18 23:13 - 00031966 _____ () C:\zoek-results.log
2014-07-18 22:16 - 2014-07-18 23:02 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:50 - 2014-07-18 18:51 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\QuteClient
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peerinator
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Peerinator
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:13 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 17:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 17:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 17:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 17:01 - 2014-07-18 17:02 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 16:39 - 2014-07-18 17:06 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 16:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:35 - 2014-07-18 16:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:19 - 2014-07-18 23:12 - 00707826 _____ () C:\Windows\PFRO.log
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:38 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:10 - 2014-07-18 10:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:09 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 04:18 - 2014-07-19 10:44 - 00000336 _____ () C:\Windows\setupact.log
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:55 - 2014-07-13 13:57 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:55 - 2014-07-13 13:56 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:47 - 2014-07-19 11:21 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-13 12:47 - 2014-07-13 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-12 12:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-12 12:10 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-11 21:38 - 2014-07-11 21:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-09 10:59 - 2014-07-09 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-09 06:00 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 06:00 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:00 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:00 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:00 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 06:00 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:00 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:00 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 06:00 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 06:00 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 06:00 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 06:00 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 06:00 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 06:00 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 06:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 06:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 06:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 05:59 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 05:59 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 05:59 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 15:39 - 2014-07-08 15:40 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-19 11:25 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:58 - 2014-07-19 11:13 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-07 22:58 - 2014-07-07 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-06 07:03 - 2014-07-19 10:55 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:38 - 2014-07-07 21:01 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-04 09:38 - 2014-07-04 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 23:31 - 2014-07-19 11:08 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-03 23:31 - 2014-07-06 17:03 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-03 23:31 - 2014-07-06 17:03 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 12:07 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-03 12:07 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 17:51 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-22 17:51 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-22 17:51 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-22 17:51 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-22 17:50 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-22 17:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-22 17:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-22 17:50 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-22 17:50 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-22 17:50 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-22 17:50 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-22 17:50 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-22 17:50 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-22 17:50 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:30 - 2014-06-22 17:31 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 11:59 - 2014-07-13 22:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
==================== One Month Modified Files and Folders =======
2014-07-19 12:24 - 2014-07-19 12:23 - 00014986 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 12:24 - 2014-07-19 11:51 - 00000000 ____D () C:\FRST
2014-07-19 11:25 - 2014-07-07 23:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-19 11:21 - 2014-07-19 11:18 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:21 - 2014-07-13 12:47 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-19 11:13 - 2014-07-19 11:12 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:13 - 2014-07-07 22:58 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-19 11:08 - 2014-07-03 23:31 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-19 11:07 - 2014-07-19 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2014-07-19 11:06 - 2014-07-19 11:06 - 02086912 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 10:55 - 2014-07-06 07:03 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-19 10:55 - 2014-01-26 15:55 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-07-19 10:55 - 2014-01-26 15:55 - 00001531 _____ () C:\Users\Tepan\Desktop\partypoker.lnk
2014-07-19 10:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-19 10:52 - 2013-01-16 14:36 - 01721384 _____ () C:\Windows\WindowsUpdate.log
2014-07-19 10:44 - 2014-07-17 04:18 - 00000336 _____ () C:\Windows\setupact.log
2014-07-19 04:08 - 2013-12-07 16:30 - 00000000 ____D () C:\Users\Tepan\AppData\Local\FullTiltPoker
2014-07-19 04:08 - 2013-12-07 16:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-19 03:52 - 2013-06-30 12:18 - 00000000 ____D () C:\Users\Tepan\AppData\Local\PokerStars
2014-07-19 03:46 - 2014-07-19 03:45 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:46 - 2014-07-19 03:45 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-19 03:35 - 2014-01-26 11:59 - 00000000 ____D () C:\Users\Tepan\Documents\888poker
2014-07-19 00:04 - 2014-02-07 14:23 - 00000000 ____D () C:\Users\Tepan\AppData\Local\AuxClient
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-18 23:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-18 23:18 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-07-18 23:18 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-07-18 23:18 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 23:14 - 2013-01-16 17:21 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-18 23:13 - 2014-07-18 22:39 - 00031966 _____ () C:\zoek-results.log
2014-07-18 23:12 - 2014-07-17 05:19 - 00707826 _____ () C:\Windows\PFRO.log
2014-07-18 23:02 - 2014-07-18 22:16 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:58 - 2013-01-16 14:48 - 00000000 ____D () C:\Users\Tepan
2014-07-18 22:16 - 2014-07-18 23:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:51 - 2014-07-18 18:50 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:44 - 2013-01-16 20:32 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\vlc
2014-07-18 18:13 - 2014-07-18 18:09 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\QuteClient
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peerinator
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Peerinator
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:14 - 2013-01-31 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:06 - 2014-07-18 16:39 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-18 17:01 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 17:02 - 2014-01-20 17:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 17:02 - 2013-06-25 01:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 16:44 - 2014-07-18 15:33 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 16:37 - 2014-07-17 05:35 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 11:51 - 2013-01-16 15:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-18 11:51 - 2013-01-16 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-18 11:51 - 2013-01-16 15:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 11:33 - 2013-12-06 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-18 10:45 - 2014-07-17 05:10 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 14:27 - 2013-06-09 20:19 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 12:04 - 2009-07-14 06:45 - 00419800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 11:06 - 2013-08-25 21:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-17 11:00 - 2013-01-16 17:22 - 00110776 _____ () C:\Users\Tepan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:38 - 2014-07-17 05:12 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:19 - 2013-12-08 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 05:17 - 2014-05-17 15:36 - 00000000 ____D () C:\Temp
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:12 - 2014-02-25 12:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashDumps
2014-07-17 05:12 - 2013-02-01 00:56 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Google
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10 - 2014-07-17 05:09 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 05:09 - 2013-02-01 00:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 12:55 - 2014-02-10 01:24 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-14 07:51 - 2014-01-26 11:59 - 00001967 _____ () C:\Users\Tepan\Desktop\888poker.lnk
2014-07-14 07:51 - 2014-01-26 11:58 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-13 22:52 - 2014-06-22 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-13 22:52 - 2013-01-16 16:50 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 22:41 - 2013-07-18 11:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-13 21:13 - 2013-03-31 11:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-13 21:12 - 2013-01-16 15:28 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 20:29 - 2013-03-31 11:33 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 13:57 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:56 - 2014-07-13 13:55 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:48 - 2014-07-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-12 12:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-12 12:10 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-11 21:57 - 2014-07-11 21:38 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-11 13:48 - 2014-04-02 00:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 13:40 - 2014-04-02 00:33 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-11 13:40 - 2014-04-02 00:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 03:02 - 2014-07-18 17:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 17:02 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 03:26 - 2009-07-14 17:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:05 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:05 - 2013-03-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 03:03 - 2013-01-16 16:32 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:00 - 2014-07-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-08 15:40 - 2014-07-08 15:39 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-01-10 04:51 - 00000000 ____D () C:\Poker
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-07 21:01 - 2014-07-04 09:38 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-06 17:03 - 2014-07-03 23:31 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-06 17:03 - 2014-07-03 23:31 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-05 20:03 - 2014-02-22 15:24 - 00000000 ____D () C:\Users\Tepan\AppData\Local\WinZip
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:39 - 2014-07-04 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 17:20 - 2013-03-31 11:32 - 00000000 ____D () C:\ProgramData\Skype
2014-07-01 22:27 - 2014-02-22 15:28 - 00000000 ____D () C:\Users\Tepan\AppData\Local\SKIDROW
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-28 17:48 - 2013-06-30 12:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 20:54 - 2013-01-16 15:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23 - 2013-04-01 11:04 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31 - 2014-06-22 17:30 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 14:13 - 2013-03-12 04:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A515284-680A-45EA-B4C4-72FAA57CC791}
2014-06-22 12:00 - 2014-02-25 10:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-22 08:36 - 2013-01-18 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-22 08:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 23:07 - 2013-04-14 21:56 - 00000000 ____D () C:\Stazeno z torrentu
2014-06-21 20:34 - 2014-02-22 13:11 - 00000000 ____D () C:\ProgramData\RELOADED
2014-06-21 20:31 - 2013-01-21 09:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-21 14:32 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-20 22:14 - 2014-07-09 06:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 06:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 06:37 - 2013-01-16 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 03:39 - 2014-07-09 06:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 06:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 06:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 06:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 06:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 06:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 06:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 06:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 06:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 06:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 06:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 06:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 06:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 06:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 06:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 06:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 06:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 06:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 06:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 06:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 06:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 06:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 06:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 06:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 06:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 06:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 06:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 06:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 06:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 06:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 06:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 06:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 06:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 06:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 06:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 06:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 06:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 06:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Oxy.job => C:\Users\Tepan\AppData\Roaming\Oxy\Updater.exe
Task: C:\Windows\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\Tepan\AppData\Local\Oxy\Application\oxy.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tepan\Desktop" je 67 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Tepan (administrator) on TEPAN-PC on 19-07-2014 12:23:57
Running from C:\Users\Tepan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files (x86)\Peerinator\peerinator.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12856936 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [uTorrent] => C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1dc-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1e7-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1fd-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {571C39B2-9A29-4CD2-AEC2-16080D27FC11} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {86EAA69F-40B1-41DD-BE17-071BD7007B13} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B56E4805-7DB2-4C57-92ED-46422E39B760} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {BC19EC76-206B-4A9A-911C-1CF0DFA500F7} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D7EF919B-153E-41DF-8990-28886A462074} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {EA30FEDD-ED27-4392-B51D-BA331F1DE906} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
BHO: Shop_an_Upi_1.6 -> {11111111-1111-1111-1111-110411281122} -> C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-16]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Peerinator; C:\Program Files (x86)\Peerinator\Peerinator.exe [53248 2014-01-20] () [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-15] ()
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-04-20] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-09] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-07] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S2 SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-19 12:23 - 2014-07-19 12:24 - 00014986 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 11:51 - 2014-07-19 12:24 - 00000000 ____D () C:\FRST
2014-07-19 11:18 - 2014-07-19 11:21 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:12 - 2014-07-19 11:13 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:07 - 2014-07-19 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2014-07-19 11:06 - 2014-07-19 11:06 - 02086912 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 03:45 - 2014-07-19 03:46 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:45 - 2014-07-19 03:46 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:07 - 2014-07-18 22:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:39 - 2014-07-18 23:13 - 00031966 _____ () C:\zoek-results.log
2014-07-18 22:16 - 2014-07-18 23:02 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:50 - 2014-07-18 18:51 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\QuteClient
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peerinator
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Peerinator
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:13 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 17:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 17:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 17:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 17:01 - 2014-07-18 17:02 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 16:39 - 2014-07-18 17:06 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 16:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:35 - 2014-07-18 16:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:19 - 2014-07-18 23:12 - 00707826 _____ () C:\Windows\PFRO.log
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:38 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:10 - 2014-07-18 10:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:09 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 04:18 - 2014-07-19 10:44 - 00000336 _____ () C:\Windows\setupact.log
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:55 - 2014-07-13 13:57 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:55 - 2014-07-13 13:56 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:47 - 2014-07-19 11:21 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-13 12:47 - 2014-07-13 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-12 12:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-12 12:10 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-11 21:38 - 2014-07-11 21:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-09 10:59 - 2014-07-09 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-09 06:00 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 06:00 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:00 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:00 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:00 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 06:00 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:00 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:00 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 06:00 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 06:00 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 06:00 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 06:00 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 06:00 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 06:00 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 06:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 06:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 06:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 05:59 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 05:59 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 05:59 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 15:39 - 2014-07-08 15:40 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-19 11:25 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:58 - 2014-07-19 11:13 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-07 22:58 - 2014-07-07 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-06 07:03 - 2014-07-19 10:55 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:38 - 2014-07-07 21:01 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-04 09:38 - 2014-07-04 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 23:31 - 2014-07-19 11:08 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-03 23:31 - 2014-07-06 17:03 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-03 23:31 - 2014-07-06 17:03 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 12:07 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-03 12:07 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 17:51 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-22 17:51 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-22 17:51 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-22 17:51 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-22 17:50 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-22 17:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-22 17:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-22 17:50 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-22 17:50 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-22 17:50 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-22 17:50 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-22 17:50 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-22 17:50 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-22 17:50 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:30 - 2014-06-22 17:31 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 11:59 - 2014-07-13 22:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
==================== One Month Modified Files and Folders =======
2014-07-19 12:24 - 2014-07-19 12:23 - 00014986 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 12:24 - 2014-07-19 11:51 - 00000000 ____D () C:\FRST
2014-07-19 11:25 - 2014-07-07 23:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-19 11:21 - 2014-07-19 11:18 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:21 - 2014-07-13 12:47 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-19 11:13 - 2014-07-19 11:12 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:13 - 2014-07-07 22:58 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-19 11:08 - 2014-07-03 23:31 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-19 11:07 - 2014-07-19 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2014-07-19 11:06 - 2014-07-19 11:06 - 02086912 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 10:55 - 2014-07-06 07:03 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-19 10:55 - 2014-01-26 15:55 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-07-19 10:55 - 2014-01-26 15:55 - 00001531 _____ () C:\Users\Tepan\Desktop\partypoker.lnk
2014-07-19 10:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-19 10:52 - 2013-01-16 14:36 - 01721384 _____ () C:\Windows\WindowsUpdate.log
2014-07-19 10:44 - 2014-07-17 04:18 - 00000336 _____ () C:\Windows\setupact.log
2014-07-19 04:08 - 2013-12-07 16:30 - 00000000 ____D () C:\Users\Tepan\AppData\Local\FullTiltPoker
2014-07-19 04:08 - 2013-12-07 16:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-19 03:52 - 2013-06-30 12:18 - 00000000 ____D () C:\Users\Tepan\AppData\Local\PokerStars
2014-07-19 03:46 - 2014-07-19 03:45 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:46 - 2014-07-19 03:45 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-19 03:35 - 2014-01-26 11:59 - 00000000 ____D () C:\Users\Tepan\Documents\888poker
2014-07-19 00:04 - 2014-02-07 14:23 - 00000000 ____D () C:\Users\Tepan\AppData\Local\AuxClient
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-18 23:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-18 23:18 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-07-18 23:18 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-07-18 23:18 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 23:14 - 2013-01-16 17:21 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-18 23:13 - 2014-07-18 22:39 - 00031966 _____ () C:\zoek-results.log
2014-07-18 23:12 - 2014-07-17 05:19 - 00707826 _____ () C:\Windows\PFRO.log
2014-07-18 23:02 - 2014-07-18 22:16 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:58 - 2013-01-16 14:48 - 00000000 ____D () C:\Users\Tepan
2014-07-18 22:16 - 2014-07-18 23:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:51 - 2014-07-18 18:50 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:44 - 2013-01-16 20:32 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\vlc
2014-07-18 18:13 - 2014-07-18 18:09 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\QuteClient
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peerinator
2014-07-18 18:12 - 2014-07-18 18:12 - 00000000 ____D () C:\Program Files (x86)\Peerinator
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:14 - 2013-01-31 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:06 - 2014-07-18 16:39 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-18 17:01 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 17:02 - 2014-01-20 17:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 17:02 - 2013-06-25 01:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 16:44 - 2014-07-18 15:33 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 16:37 - 2014-07-17 05:35 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 11:51 - 2013-01-16 15:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-18 11:51 - 2013-01-16 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-18 11:51 - 2013-01-16 15:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 11:33 - 2013-12-06 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-18 10:45 - 2014-07-17 05:10 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 14:27 - 2013-06-09 20:19 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 12:04 - 2009-07-14 06:45 - 00419800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 11:06 - 2013-08-25 21:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-17 11:00 - 2013-01-16 17:22 - 00110776 _____ () C:\Users\Tepan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:38 - 2014-07-17 05:12 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:19 - 2013-12-08 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 05:17 - 2014-05-17 15:36 - 00000000 ____D () C:\Temp
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:12 - 2014-02-25 12:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashDumps
2014-07-17 05:12 - 2013-02-01 00:56 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Google
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10 - 2014-07-17 05:09 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 05:09 - 2013-02-01 00:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 12:55 - 2014-02-10 01:24 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-14 07:51 - 2014-01-26 11:59 - 00001967 _____ () C:\Users\Tepan\Desktop\888poker.lnk
2014-07-14 07:51 - 2014-01-26 11:58 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-13 22:52 - 2014-06-22 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-13 22:52 - 2013-01-16 16:50 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 22:41 - 2013-07-18 11:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-13 21:13 - 2013-03-31 11:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-13 21:12 - 2013-01-16 15:28 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 20:29 - 2013-03-31 11:33 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 13:57 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:56 - 2014-07-13 13:55 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:48 - 2014-07-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-12 12:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-12 12:10 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-12 12:10 - 2014-07-12 12:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-11 21:57 - 2014-07-11 21:38 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-11 13:48 - 2014-04-02 00:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 13:40 - 2014-04-02 00:33 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-11 13:40 - 2014-04-02 00:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 03:02 - 2014-07-18 17:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 17:02 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 03:26 - 2009-07-14 17:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:05 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:05 - 2013-03-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 03:03 - 2013-01-16 16:32 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:00 - 2014-07-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-08 15:40 - 2014-07-08 15:39 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-01-10 04:51 - 00000000 ____D () C:\Poker
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-07 21:01 - 2014-07-04 09:38 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-06 17:03 - 2014-07-03 23:31 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-06 17:03 - 2014-07-03 23:31 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-05 20:03 - 2014-02-22 15:24 - 00000000 ____D () C:\Users\Tepan\AppData\Local\WinZip
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:39 - 2014-07-04 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 17:20 - 2013-03-31 11:32 - 00000000 ____D () C:\ProgramData\Skype
2014-07-01 22:27 - 2014-02-22 15:28 - 00000000 ____D () C:\Users\Tepan\AppData\Local\SKIDROW
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-28 17:48 - 2013-06-30 12:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 20:54 - 2013-01-16 15:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23 - 2013-04-01 11:04 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31 - 2014-06-22 17:30 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 14:13 - 2013-03-12 04:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A515284-680A-45EA-B4C4-72FAA57CC791}
2014-06-22 12:00 - 2014-02-25 10:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-22 08:36 - 2013-01-18 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-22 08:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 23:07 - 2013-04-14 21:56 - 00000000 ____D () C:\Stazeno z torrentu
2014-06-21 20:34 - 2014-02-22 13:11 - 00000000 ____D () C:\ProgramData\RELOADED
2014-06-21 20:31 - 2013-01-21 09:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-21 14:32 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-20 22:14 - 2014-07-09 06:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 06:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 06:37 - 2013-01-16 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 03:39 - 2014-07-09 06:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 06:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 06:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 06:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 06:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 06:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 06:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 06:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 06:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 06:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 06:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 06:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 06:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 06:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 06:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 06:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 06:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 06:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 06:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 06:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 06:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 06:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 06:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 06:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 06:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 06:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 06:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 06:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 06:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 06:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 06:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 06:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 06:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 06:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 06:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 06:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 06:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 06:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Oxy.job => C:\Users\Tepan\AppData\Roaming\Oxy\Updater.exe
Task: C:\Windows\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\Tepan\AppData\Local\Oxy\Application\oxy.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tepan\Desktop" je 67 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: preventive check


- Open Notepad (Start - Run - notepad)
- Copy the script below
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [uTorrent] => C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1dc-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1e7-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1fd-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Shop_an_Upi_1.6 -> {11111111-1111-1111-1111-110411281122} -> C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll No File
FF Extension: Seznam lištička - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-13]
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
DisableService: Nero BackItUp Scheduler 3
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
C:\Program Files\Reimage
C:\Program Files (x86)\Enigma Software Group
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
2014-07-19 12:23 - 2014-07-19 12:24 - 00014986 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 11:07 - 2014-07-19 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Tepan\Desktop\FRSTLauncher.exe
2014-07-18 23:07 - 2014-07-18 22:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:39 - 2014-07-18 23:13 - 00031966 _____ () C:\zoek-results.log
2014-07-18 22:16 - 2014-07-18 23:02 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:50 - 2014-07-18 18:51 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 16:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:09 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Oxy.job => C:\Users\Tepan\AppData\Roaming\Oxy\Updater.exe
Task: C:\Windows\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\Tepan\AppData\Local\Oxy\Application\oxy.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
Hosts:
Reboot:
End
- Save the created TXT file as fixlist.txt
- Move the created fixlist next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: preventive check
I don't know what MSE is, but I have been using AVG since I bought the computer; or rather, the seller installed it for me automatically but did not give me an installer for it, so I don't know where I would then get a license number for it. I know I could use Avast, for example, but so far I am satisfied with AVG. Question: what is MSE, please?
Re: preventive check
So I have found out what it is: it is Microsoft Security Essentials. I installed that recently. But I don't know whether AVG or MSE is better. Please advise.
Re: preventive check

Re: preventive check
So I uninstalled both and now have Avast. I ran an FRST scan, but I don't know why, it somehow ran twice: first from FRST and a second time from Farbar Recovery. I hope this is the one you want:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Tepan (administrator) on TEPAN-PC on 19-07-2014 19:38:38
Running from C:\Users\Tepan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Igor Pavlov) C:\Program Files (x86)\7-Zip\7zFM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Tepan\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12856936 2011-09-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-07-19] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [uTorrent] => C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [key] => wscript.exe //B "C:\Users\Tepan\AppData\Roaming\key.vbs"
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [45cd603ee23d7c7a771df421f5721e99] => C:\Users\Tepan\AppData\Local\Temp\win.exe [138240 2014-07-19] () <===== ATTENTION
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1dc-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1e7-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1fd-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
Startup: C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\45cd603ee23d7c7a771df421f5721e99.exe ()
Startup: C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\key.vbs ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {571C39B2-9A29-4CD2-AEC2-16080D27FC11} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {86EAA69F-40B1-41DD-BE17-071BD7007B13} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B56E4805-7DB2-4C57-92ED-46422E39B760} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {BC19EC76-206B-4A9A-911C-1CF0DFA500F7} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D7EF919B-153E-41DF-8990-28886A462074} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {EA30FEDD-ED27-4392-B51D-BA331F1DE906} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
BHO: Shop_an_Upi_1.6 -> {11111111-1111-1111-1111-110411281122} -> C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-19]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-07-19] (AVAST Software)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-15] ()
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-19] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-19] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-19] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-04-20] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-09] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-07] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S2 SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-19 19:38 - 2014-07-19 19:38 - 00015493 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 19:38 - 2014-07-19 19:38 - 00000000 ____D () C:\Users\Tepan\Desktop\FRST-OlderVersion
2014-07-19 19:33 - 2014-07-19 19:33 - 00005791 _____ () C:\Users\Tepan\Desktop\fixlist.txt
2014-07-19 19:25 - 2014-07-19 19:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-19 19:24 - 2014-07-19 19:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\AVAST Software
2014-07-19 19:19 - 2014-07-19 19:25 - 00001932 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00001992 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-19 19:18 - 2014-07-19 19:25 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-19 19:18 - 2014-07-19 19:25 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-07-19 19:18 - 2014-07-19 19:24 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405790708840
2014-07-19 19:18 - 2014-07-19 19:24 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-19 19:18 - 2014-07-19 19:24 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-19 19:18 - 2014-07-19 19:18 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1405790323
2014-07-19 19:18 - 2014-07-19 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-19 19:02 - 2014-05-18 18:47 - 00102663 _____ () C:\Users\Tepan\AppData\Roaming\key.vbs
2014-07-19 11:51 - 2014-07-19 19:38 - 00000000 ____D () C:\FRST
2014-07-19 11:18 - 2014-07-19 11:21 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:12 - 2014-07-19 11:13 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:06 - 2014-07-19 19:38 - 02089984 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 03:45 - 2014-07-19 03:46 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:45 - 2014-07-19 03:46 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:07 - 2014-07-18 22:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:39 - 2014-07-18 23:13 - 00031966 _____ () C:\zoek-results.log
2014-07-18 22:16 - 2014-07-18 23:02 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:50 - 2014-07-18 18:51 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:13 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 17:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 17:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 17:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 17:01 - 2014-07-18 17:02 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 16:39 - 2014-07-18 17:06 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 16:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:35 - 2014-07-18 16:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:19 - 2014-07-19 18:53 - 01419836 _____ () C:\Windows\PFRO.log
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:38 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:10 - 2014-07-18 10:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:09 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 04:18 - 2014-07-19 18:54 - 00000448 _____ () C:\Windows\setupact.log
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:55 - 2014-07-13 13:57 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:55 - 2014-07-13 13:56 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:47 - 2014-07-19 11:21 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-13 12:47 - 2014-07-13 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-19 16:56 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-11 21:38 - 2014-07-11 21:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-09 10:59 - 2014-07-09 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-09 06:00 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 06:00 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:00 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:00 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:00 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 06:00 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:00 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:00 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 06:00 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 06:00 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 06:00 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 06:00 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 06:00 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 06:00 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 06:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 06:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 06:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 05:59 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 05:59 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 05:59 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 15:39 - 2014-07-08 15:40 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-19 13:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:58 - 2014-07-19 11:13 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-07 22:58 - 2014-07-07 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-06 07:03 - 2014-07-19 10:55 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:38 - 2014-07-07 21:01 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-04 09:38 - 2014-07-04 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 23:31 - 2014-07-19 11:08 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-03 23:31 - 2014-07-06 17:03 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-03 23:31 - 2014-07-06 17:03 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 12:07 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-03 12:07 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 17:51 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-22 17:51 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-22 17:51 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-22 17:51 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-22 17:50 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-22 17:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-22 17:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-22 17:50 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-22 17:50 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-22 17:50 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-22 17:50 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-22 17:50 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-22 17:50 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-22 17:50 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:30 - 2014-06-22 17:31 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 11:59 - 2014-07-13 22:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
==================== One Month Modified Files and Folders =======
2014-07-19 19:38 - 2014-07-19 19:38 - 00015493 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 19:38 - 2014-07-19 19:38 - 00000000 ____D () C:\Users\Tepan\Desktop\FRST-OlderVersion
2014-07-19 19:38 - 2014-07-19 11:51 - 00000000 ____D () C:\FRST
2014-07-19 19:38 - 2014-07-19 11:06 - 02089984 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 19:33 - 2014-07-19 19:33 - 00005791 _____ () C:\Users\Tepan\Desktop\fixlist.txt
2014-07-19 19:25 - 2014-07-19 19:19 - 00001932 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-19 19:25 - 2014-07-19 19:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-19 19:25 - 2014-07-19 19:18 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-07-19 19:24 - 2014-07-19 19:25 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-19 19:24 - 2014-07-19 19:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-19 19:24 - 2014-07-19 19:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405790708840
2014-07-19 19:24 - 2014-07-19 19:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-19 19:24 - 2014-07-19 19:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\AVAST Software
2014-07-19 19:19 - 2014-07-19 19:19 - 00001992 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-19 19:18 - 2014-07-19 19:18 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1405790323
2014-07-19 19:18 - 2014-07-19 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-19 19:11 - 2013-12-08 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-19 19:01 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-19 19:01 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-19 19:00 - 2013-01-16 17:21 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-19 18:58 - 2013-01-16 14:36 - 01764967 _____ () C:\Windows\WindowsUpdate.log
2014-07-19 18:58 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-07-19 18:58 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-07-19 18:58 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-19 18:54 - 2014-07-17 04:18 - 00000448 _____ () C:\Windows\setupact.log
2014-07-19 18:53 - 2014-07-17 05:19 - 01419836 _____ () C:\Windows\PFRO.log
2014-07-19 18:48 - 2013-12-07 16:30 - 00000000 ____D () C:\Users\Tepan\AppData\Local\FullTiltPoker
2014-07-19 18:48 - 2013-12-07 16:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-19 17:57 - 2013-01-18 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-19 16:56 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-19 13:00 - 2014-07-07 23:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-19 11:21 - 2014-07-19 11:18 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:21 - 2014-07-13 12:47 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-19 11:13 - 2014-07-19 11:12 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:13 - 2014-07-07 22:58 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-19 11:08 - 2014-07-03 23:31 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 10:55 - 2014-07-06 07:03 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-19 10:55 - 2014-01-26 15:55 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-07-19 10:55 - 2014-01-26 15:55 - 00001531 _____ () C:\Users\Tepan\Desktop\partypoker.lnk
2014-07-19 10:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-19 03:52 - 2013-06-30 12:18 - 00000000 ____D () C:\Users\Tepan\AppData\Local\PokerStars
2014-07-19 03:46 - 2014-07-19 03:45 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:46 - 2014-07-19 03:45 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-19 03:35 - 2014-01-26 11:59 - 00000000 ____D () C:\Users\Tepan\Documents\888poker
2014-07-19 00:04 - 2014-02-07 14:23 - 00000000 ____D () C:\Users\Tepan\AppData\Local\AuxClient
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:13 - 2014-07-18 22:39 - 00031966 _____ () C:\zoek-results.log
2014-07-18 23:02 - 2014-07-18 22:16 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:58 - 2013-01-16 14:48 - 00000000 ____D () C:\Users\Tepan
2014-07-18 22:16 - 2014-07-18 23:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:51 - 2014-07-18 18:50 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:44 - 2013-01-16 20:32 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\vlc
2014-07-18 18:13 - 2014-07-18 18:09 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:14 - 2013-01-31 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:06 - 2014-07-18 16:39 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-18 17:01 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 17:02 - 2014-01-20 17:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 17:02 - 2013-06-25 01:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 16:44 - 2014-07-18 15:33 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 16:37 - 2014-07-17 05:35 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 11:51 - 2013-01-16 15:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-18 11:51 - 2013-01-16 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-18 11:51 - 2013-01-16 15:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 11:33 - 2013-12-06 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-18 10:45 - 2014-07-17 05:10 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 14:27 - 2013-06-09 20:19 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 12:04 - 2009-07-14 06:45 - 00419800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 11:06 - 2013-08-25 21:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-17 11:00 - 2013-01-16 17:22 - 00110776 _____ () C:\Users\Tepan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:38 - 2014-07-17 05:12 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:17 - 2014-05-17 15:36 - 00000000 ____D () C:\Temp
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:12 - 2014-02-25 12:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashDumps
2014-07-17 05:12 - 2013-02-01 00:56 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Google
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10 - 2014-07-17 05:09 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 05:09 - 2013-02-01 00:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 12:55 - 2014-02-10 01:24 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-14 07:51 - 2014-01-26 11:59 - 00001967 _____ () C:\Users\Tepan\Desktop\888poker.lnk
2014-07-14 07:51 - 2014-01-26 11:58 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-13 22:52 - 2014-06-22 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-13 22:52 - 2013-01-16 16:50 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 22:41 - 2013-07-18 11:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-13 21:13 - 2013-03-31 11:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-13 21:12 - 2013-01-16 15:28 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 20:29 - 2013-03-31 11:33 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 13:57 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:56 - 2014-07-13 13:55 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:48 - 2014-07-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-11 21:57 - 2014-07-11 21:38 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-11 13:48 - 2014-04-02 00:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 13:40 - 2014-04-02 00:33 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-11 13:40 - 2014-04-02 00:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 03:02 - 2014-07-18 17:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 17:02 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 03:26 - 2009-07-14 17:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:05 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:05 - 2013-03-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 03:03 - 2013-01-16 16:32 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:00 - 2014-07-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-08 15:40 - 2014-07-08 15:39 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-01-10 04:51 - 00000000 ____D () C:\Poker
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-07 21:01 - 2014-07-04 09:38 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-06 17:03 - 2014-07-03 23:31 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-06 17:03 - 2014-07-03 23:31 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-05 20:03 - 2014-02-22 15:24 - 00000000 ____D () C:\Users\Tepan\AppData\Local\WinZip
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:39 - 2014-07-04 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 17:20 - 2013-03-31 11:32 - 00000000 ____D () C:\ProgramData\Skype
2014-07-01 22:27 - 2014-02-22 15:28 - 00000000 ____D () C:\Users\Tepan\AppData\Local\SKIDROW
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-28 17:48 - 2013-06-30 12:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 20:54 - 2013-01-16 15:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23 - 2013-04-01 11:04 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31 - 2014-06-22 17:30 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 14:13 - 2013-03-12 04:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A515284-680A-45EA-B4C4-72FAA57CC791}
2014-06-22 12:00 - 2014-02-25 10:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-22 08:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 23:07 - 2013-04-14 21:56 - 00000000 ____D () C:\Stazeno z torrentu
2014-06-21 20:34 - 2014-02-22 13:11 - 00000000 ____D () C:\ProgramData\RELOADED
2014-06-21 20:31 - 2013-01-21 09:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-21 14:32 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-20 22:14 - 2014-07-09 06:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 06:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 06:37 - 2013-01-16 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 03:39 - 2014-07-09 06:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 06:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 06:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 06:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 06:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 06:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 06:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 06:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 06:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 06:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 06:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 06:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 06:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 06:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 06:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 06:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 06:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 06:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 06:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 06:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 06:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 06:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 06:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 06:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 06:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 06:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 06:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 06:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 06:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 06:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 06:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 06:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 06:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 06:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 06:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 06:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 06:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 06:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
Files to move or delete:
====================
C:\Users\Tepan\AppData\Local\Temp\win.exe
Some content of TEMP:
====================
C:\Users\Tepan\AppData\Local\Temp\win.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-18 02:33
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:170.9 GB) (Free:6.83 GB) NTFS
Drive d: () (Fixed) (Total:127 GB) (Free:1.45 GB) NTFS
Drive i: (LaCie) (Fixed) (Total:931.51 GB) (Free:2.87 GB) NTFS
Available physical RAM: 2033.36 MB
Total physical RAM: 4095.24 MB
Percentage of memory in use: 50%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0F29FC2D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=171 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Disk: 1 (Size: 932 GB) (Disk ID: 454C01D9)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\Oxy.job => C:\Users\Tepan\AppData\Roaming\Oxy\Updater.exe
Task: C:\Windows\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\Tepan\AppData\Local\Oxy\Application\oxy.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: avast! Internet Security (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tepan\Desktop" je 69 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Tepan (administrator) on TEPAN-PC on 19-07-2014 19:38:38
Running from C:\Users\Tepan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Igor Pavlov) C:\Program Files (x86)\7-Zip\7zFM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Tepan\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12856936 2011-09-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DelReg] => C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe [196608 2008-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-07-19] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [uTorrent] => C:\Users\Tepan\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [key] => wscript.exe //B "C:\Users\Tepan\AppData\Roaming\key.vbs"
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Run: [45cd603ee23d7c7a771df421f5721e99] => C:\Users\Tepan\AppData\Local\Temp\win.exe [138240 2014-07-19] () <===== ATTENTION
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1dc-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1e7-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\MountPoints2: {b1f4c1fd-5803-11e3-9023-d43d7e500c5b} - G:\AutoRun.exe
Startup: C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\45cd603ee23d7c7a771df421f5721e99.exe ()
Startup: C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\key.vbs ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {571C39B2-9A29-4CD2-AEC2-16080D27FC11} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {86EAA69F-40B1-41DD-BE17-071BD7007B13} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B56E4805-7DB2-4C57-92ED-46422E39B760} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {BC19EC76-206B-4A9A-911C-1CF0DFA500F7} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D7EF919B-153E-41DF-8990-28886A462074} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {EA30FEDD-ED27-4392-B51D-BA331F1DE906} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
BHO: Shop_an_Upi_1.6 -> {11111111-1111-1111-1111-110411281122} -> C:\Program Files (x86)\Shop_an_Upi_1.6\Shop_an_Upi_1.6-bho64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\sdckyap9.default-1405284649585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-19]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-07-19] (AVAST Software)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-04-15] ()
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-06-27] (Enigma Software Group USA, LLC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-19] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-19] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-19] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-04-20] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-09] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-07] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 cpuz130; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz134; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz135; \??\C:\Users\Tepan\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 FLASHSYS; \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S2 SPDRIVER_1.37.0.199; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.199\jsdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-19 19:38 - 2014-07-19 19:38 - 00015493 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 19:38 - 2014-07-19 19:38 - 00000000 ____D () C:\Users\Tepan\Desktop\FRST-OlderVersion
2014-07-19 19:33 - 2014-07-19 19:33 - 00005791 _____ () C:\Users\Tepan\Desktop\fixlist.txt
2014-07-19 19:25 - 2014-07-19 19:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-19 19:24 - 2014-07-19 19:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\AVAST Software
2014-07-19 19:19 - 2014-07-19 19:25 - 00001932 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00001992 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-19 19:18 - 2014-07-19 19:25 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-19 19:18 - 2014-07-19 19:25 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-07-19 19:18 - 2014-07-19 19:24 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405790708840
2014-07-19 19:18 - 2014-07-19 19:24 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-19 19:18 - 2014-07-19 19:24 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-19 19:18 - 2014-07-19 19:24 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-19 19:18 - 2014-07-19 19:18 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1405790323
2014-07-19 19:18 - 2014-07-19 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-19 19:02 - 2014-05-18 18:47 - 00102663 _____ () C:\Users\Tepan\AppData\Roaming\key.vbs
2014-07-19 11:51 - 2014-07-19 19:38 - 00000000 ____D () C:\FRST
2014-07-19 11:18 - 2014-07-19 11:21 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:12 - 2014-07-19 11:13 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:06 - 2014-07-19 19:38 - 02089984 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 03:45 - 2014-07-19 03:46 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:45 - 2014-07-19 03:46 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:07 - 2014-07-18 22:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:39 - 2014-07-18 23:13 - 00031966 _____ () C:\zoek-results.log
2014-07-18 22:16 - 2014-07-18 23:02 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:50 - 2014-07-18 18:51 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:13 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 17:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 17:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 17:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 17:01 - 2014-07-18 17:02 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 16:39 - 2014-07-18 17:06 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 16:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:35 - 2014-07-18 16:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-17 05:19 - 2014-07-19 18:53 - 01419836 _____ () C:\Windows\PFRO.log
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:38 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:10 - 2014-07-18 10:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:09 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 04:18 - 2014-07-19 18:54 - 00000448 _____ () C:\Windows\setupact.log
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:55 - 2014-07-13 13:57 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:55 - 2014-07-13 13:56 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:47 - 2014-07-19 11:21 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-13 12:47 - 2014-07-13 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-12 12:10 - 2014-07-19 16:56 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-11 21:38 - 2014-07-11 21:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-09 10:59 - 2014-07-09 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-09 06:00 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:00 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 06:00 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:00 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:00 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:00 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:00 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:00 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:00 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 06:00 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:00 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 06:00 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:00 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:00 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:00 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 06:00 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 06:00 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 06:00 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 06:00 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 06:00 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 06:00 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 06:00 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 06:00 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 06:00 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 06:00 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:00 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 06:00 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 06:00 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 06:00 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 06:00 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 06:00 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 06:00 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 06:00 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:00 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 06:00 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 06:00 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 06:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 06:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 06:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 05:59 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 05:59 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 05:59 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 15:39 - 2014-07-08 15:40 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:39 - 2014-07-08 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-19 13:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:58 - 2014-07-19 11:13 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-07 22:58 - 2014-07-07 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-06 07:03 - 2014-07-19 10:55 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:38 - 2014-07-07 21:01 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-04 09:38 - 2014-07-04 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 23:31 - 2014-07-19 11:08 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-03 23:31 - 2014-07-06 17:03 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-03 23:31 - 2014-07-06 17:03 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 12:07 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-03 12:07 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 17:51 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-22 17:51 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-22 17:51 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-22 17:51 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-22 17:51 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-22 17:51 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-22 17:51 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-22 17:51 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-22 17:51 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-22 17:51 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-22 17:51 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-22 17:50 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-22 17:50 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-22 17:50 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-22 17:50 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-22 17:50 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-22 17:50 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-22 17:50 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-22 17:50 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-22 17:50 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-22 17:50 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-22 17:50 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-22 17:50 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-22 17:50 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-22 17:50 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-22 17:50 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-22 17:50 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-22 17:50 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:30 - 2014-06-22 17:31 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 11:59 - 2014-07-13 22:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
==================== One Month Modified Files and Folders =======
2014-07-19 19:38 - 2014-07-19 19:38 - 00015493 _____ () C:\Users\Tepan\Desktop\FRST.txt
2014-07-19 19:38 - 2014-07-19 19:38 - 00000000 ____D () C:\Users\Tepan\Desktop\FRST-OlderVersion
2014-07-19 19:38 - 2014-07-19 11:51 - 00000000 ____D () C:\FRST
2014-07-19 19:38 - 2014-07-19 11:06 - 02089984 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2014-07-19 19:33 - 2014-07-19 19:33 - 00005791 _____ () C:\Users\Tepan\Desktop\fixlist.txt
2014-07-19 19:25 - 2014-07-19 19:19 - 00001932 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-19 19:25 - 2014-07-19 19:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-19 19:25 - 2014-07-19 19:18 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-07-19 19:24 - 2014-07-19 19:25 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-19 19:24 - 2014-07-19 19:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-19 19:24 - 2014-07-19 19:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405790708840
2014-07-19 19:24 - 2014-07-19 19:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-19 19:24 - 2014-07-19 19:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-19 19:24 - 2014-07-19 19:18 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-19 19:20 - 2014-07-19 19:20 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\AVAST Software
2014-07-19 19:19 - 2014-07-19 19:19 - 00001992 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-07-19 19:19 - 2014-07-19 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-19 19:18 - 2014-07-19 19:18 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1405790323
2014-07-19 19:18 - 2014-07-19 19:18 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-19 19:11 - 2013-12-08 15:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-19 19:01 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-19 19:01 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-19 19:00 - 2013-01-16 17:21 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\uTorrent
2014-07-19 18:58 - 2013-01-16 14:36 - 01764967 _____ () C:\Windows\WindowsUpdate.log
2014-07-19 18:58 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-07-19 18:58 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-07-19 18:58 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-19 18:54 - 2014-07-17 04:18 - 00000448 _____ () C:\Windows\setupact.log
2014-07-19 18:53 - 2014-07-17 05:19 - 01419836 _____ () C:\Windows\PFRO.log
2014-07-19 18:48 - 2013-12-07 16:30 - 00000000 ____D () C:\Users\Tepan\AppData\Local\FullTiltPoker
2014-07-19 18:48 - 2013-12-07 16:30 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-07-19 17:57 - 2013-01-18 17:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-19 16:56 - 2014-07-12 12:10 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-19 13:00 - 2014-07-07 23:00 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microgaming
2014-07-19 11:21 - 2014-07-19 11:18 - 00001770 _____ () C:\Users\Public\Desktop\Cool Hand Poker.lnk
2014-07-19 11:21 - 2014-07-13 12:47 - 00001776 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Cool Hand Poker.lnk
2014-07-19 11:13 - 2014-07-19 11:12 - 00001763 _____ () C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2014-07-19 11:13 - 2014-07-07 22:58 - 00001769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2014-07-19 11:08 - 2014-07-03 23:31 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Titan Poker
2014-07-19 10:55 - 2014-07-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-07-19 10:55 - 2014-07-06 07:03 - 00000026 _____ () C:\Windows\DEIZCWU.TXT
2014-07-19 10:55 - 2014-01-26 15:55 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-07-19 10:55 - 2014-01-26 15:55 - 00001531 _____ () C:\Users\Tepan\Desktop\partypoker.lnk
2014-07-19 10:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-19 03:52 - 2013-06-30 12:18 - 00000000 ____D () C:\Users\Tepan\AppData\Local\PokerStars
2014-07-19 03:46 - 2014-07-19 03:45 - 00001755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\32Red Poker Room.lnk
2014-07-19 03:46 - 2014-07-19 03:45 - 00001749 _____ () C:\Users\Public\Desktop\32Red Poker Room.lnk
2014-07-19 03:35 - 2014-01-26 11:59 - 00000000 ____D () C:\Users\Tepan\Documents\888poker
2014-07-19 00:04 - 2014-02-07 14:23 - 00000000 ____D () C:\Users\Tepan\AppData\Local\AuxClient
2014-07-18 23:44 - 2014-07-18 23:44 - 00000000 ____D () C:\Users\Tepan\AppData\Local\cache
2014-07-18 23:13 - 2014-07-18 22:39 - 00031966 _____ () C:\zoek-results.log
2014-07-18 23:02 - 2014-07-18 22:16 - 00000000 ____D () C:\zoek_backup
2014-07-18 22:58 - 2013-01-16 14:48 - 00000000 ____D () C:\Users\Tepan
2014-07-18 22:16 - 2014-07-18 23:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-18 22:14 - 2014-07-18 22:14 - 01287168 _____ () C:\Users\Tepan\Desktop\zoek.exe
2014-07-18 18:51 - 2014-07-18 18:51 - 00002248 _____ () C:\Users\Tepan\Desktop\SpyHunter.lnk
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-07-18 18:51 - 2014-07-18 18:51 - 00000000 ____D () C:\sh4ldr
2014-07-18 18:51 - 2014-07-18 18:50 - 00000000 ____D () C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-07-18 18:44 - 2013-01-16 20:32 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\vlc
2014-07-18 18:13 - 2014-07-18 18:09 - 00000987 _____ () C:\Users\Tepan\Desktop\SevenZip.lnk
2014-07-18 18:11 - 2014-07-18 18:11 - 01131107 _____ () C:\Users\Tepan\Downloads\SevenZip-setup-on.exe
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20
2014-07-18 18:09 - 2014-07-18 18:09 - 00000000 ____D () C:\Program Files (x86)\SevenZip
2014-07-18 17:50 - 2014-07-18 17:50 - 00000000 ____D () C:\S
2014-07-18 17:14 - 2013-01-31 23:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 17:10 - 2014-07-18 17:10 - 00000420 _____ () C:\Windows\Tasks\RunAsStdUser Task.job
2014-07-18 17:06 - 2014-07-18 16:39 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-07-18 17:05 - 2014-07-18 17:05 - 00000310 ____H () C:\Windows\Tasks\Oxy.job
2014-07-18 17:02 - 2014-07-18 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 17:02 - 2014-07-18 17:01 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-18 17:02 - 2014-01-20 17:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-18 17:02 - 2013-06-25 01:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 16:44 - 2014-07-18 15:33 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-18 16:39 - 2014-07-18 16:39 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-07-18 16:37 - 2014-07-17 05:35 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-18 15:33 - 2014-07-18 15:33 - 00000000 _____ () C:\autoexec.bat
2014-07-18 11:51 - 2013-01-16 15:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-18 11:51 - 2013-01-16 15:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-18 11:51 - 2013-01-16 15:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 11:33 - 2013-12-06 12:08 - 00000000 ____D () C:\AdwCleaner
2014-07-18 10:45 - 2014-07-17 05:10 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job
2014-07-18 10:24 - 2014-07-18 10:24 - 01354223 _____ () C:\Users\Tepan\Desktop\adwcleaner_3.216.exe
2014-07-17 14:27 - 2013-06-09 20:19 - 00000000 ____D () C:\Program Files\trend micro
2014-07-17 12:04 - 2009-07-14 06:45 - 00419800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 11:06 - 2013-08-25 21:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-17 11:00 - 2013-01-16 17:22 - 00110776 _____ () C:\Users\Tepan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-07-17 05:39 - 2014-07-17 05:39 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-07-17 05:38 - 2014-07-17 05:12 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-07-17 05:17 - 2014-05-17 15:36 - 00000000 ____D () C:\Temp
2014-07-17 05:13 - 2014-07-17 05:13 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Packages
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Guest
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-17 05:12 - 2014-07-17 05:12 - 00000000 ____D () C:\Users\Administrator
2014-07-17 05:12 - 2014-02-25 12:58 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashDumps
2014-07-17 05:12 - 2013-02-01 00:56 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Google
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-17 05:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-17 05:10 - 2014-07-17 05:10 - 00000344 _____ () C:\Windows\Tasks\ReimageUpdater.job
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
2014-07-17 05:10 - 2014-07-17 05:10 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-07-17 05:10 - 2014-07-17 05:09 - 00000000 ____D () C:\ProgramData\Reimage Express
2014-07-17 05:09 - 2014-07-17 05:09 - 00000000 ____D () C:\Users\Tepan\AppData\Local\CrashRpt
2014-07-17 05:09 - 2013-02-01 00:57 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Seznam.cz
2014-07-17 04:18 - 2014-07-17 04:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 12:55 - 2014-02-10 01:24 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Free Download Manager
2014-07-14 07:51 - 2014-07-14 07:51 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-07-14 07:51 - 2014-01-26 11:59 - 00001967 _____ () C:\Users\Tepan\Desktop\888poker.lnk
2014-07-14 07:51 - 2014-01-26 11:58 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-07-13 22:52 - 2014-06-22 11:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-13 22:52 - 2013-01-16 16:50 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2014-07-13 22:50 - 2014-07-13 22:50 - 00000000 ____D () C:\Users\Tepan\Desktop\Původní data aplikace Firefox
2014-07-13 22:41 - 2013-07-18 11:01 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-13 21:13 - 2013-03-31 11:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-13 21:12 - 2013-01-16 15:28 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 20:29 - 2013-03-31 11:33 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Skype
2014-07-13 13:57 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\P5JavaClientSettings
2014-07-13 13:56 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Tepan\.swt
2014-07-13 13:56 - 2014-07-13 13:55 - 00000000 ____D () C:\Redbet
2014-07-13 13:55 - 2014-07-13 13:55 - 00001427 _____ () C:\Users\Public\Desktop\Redbet.lnk
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\Users\Tepan\AppData\Local\P5
2014-07-13 13:55 - 2014-07-13 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redbet Poker
2014-07-13 12:48 - 2014-07-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Hand Poker
2014-07-11 21:57 - 2014-07-11 21:38 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\QuickScan
2014-07-11 14:21 - 2014-07-11 14:21 - 00001736 _____ () C:\Tepan.txt
2014-07-11 13:48 - 2014-04-02 00:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 13:40 - 2014-04-02 00:33 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-11 13:40 - 2014-04-02 00:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 03:02 - 2014-07-18 17:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-18 17:02 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-18 17:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 03:26 - 2009-07-14 17:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 03:05 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:05 - 2013-03-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 03:03 - 2013-01-16 16:32 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 11:00 - 2014-07-09 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\32Red Poker Room
2014-07-08 15:40 - 2014-07-08 15:39 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00001791 _____ () C:\Users\Public\Desktop\Poker Heaven by Microgaming.lnk
2014-07-08 15:40 - 2014-07-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Heaven by Microgaming
2014-07-07 23:00 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betsson Poker by Microgaming
2014-07-07 22:59 - 2014-07-07 22:59 - 00000799 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-07-07 22:59 - 00000769 _____ () C:\Users\Tepan\Desktop\Betfair.com Poker.lnk
2014-07-07 22:59 - 2014-01-10 04:51 - 00000000 ____D () C:\Poker
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\ProgramData\MGS
2014-07-07 22:58 - 2014-07-07 22:58 - 00000000 ____D () C:\Microgaming
2014-07-07 21:01 - 2014-07-04 09:38 - 00000000 ____D () C:\Program Files (x86)\PKR
2014-07-06 17:03 - 2014-07-03 23:31 - 00001796 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Titan Poker.lnk
2014-07-06 17:03 - 2014-07-03 23:31 - 00001794 _____ () C:\Users\Tepan\Desktop\Titan Poker.lnk
2014-07-05 20:03 - 2014-02-22 15:24 - 00000000 ____D () C:\Users\Tepan\AppData\Local\WinZip
2014-07-04 10:07 - 2014-07-04 10:07 - 00000000 ____D () C:\Users\Tepan\Documents\PKR
2014-07-04 09:39 - 2014-07-04 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2014-07-04 09:38 - 2014-07-04 09:38 - 00000899 _____ () C:\Users\Public\Desktop\Play PKR.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000753 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coral Poker.lnk
2014-07-03 23:58 - 2014-07-03 23:58 - 00000723 _____ () C:\Users\Tepan\Desktop\Coral Poker.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\Users\Tepan\AppData\Local\Skype
2014-07-03 17:20 - 2014-07-03 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-03 17:20 - 2013-03-31 11:32 - 00000000 ____D () C:\ProgramData\Skype
2014-07-01 22:27 - 2014-02-22 15:28 - 00000000 ____D () C:\Users\Tepan\AppData\Local\SKIDROW
2014-06-30 20:29 - 2014-06-30 20:29 - 00000781 _____ () C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ladbrokes Poker.lnk
2014-06-30 20:29 - 2014-06-30 20:29 - 00000751 _____ () C:\Users\Tepan\Desktop\Ladbrokes Poker.lnk
2014-06-28 17:48 - 2013-06-30 12:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-24 09:30 - 2014-06-24 09:30 - 00000240 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-06-23 01:49 - 2014-06-23 01:49 - 00001318 _____ () C:\Users\Tepan\Desktop\AssassinsCreedBrotherhood – zástupce.lnk
2014-06-22 21:49 - 2014-06-22 21:49 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-22 20:54 - 2013-01-16 15:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 19:23 - 2013-04-01 11:04 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-22 17:40 - 2014-06-22 17:40 - 00000000 ____D () C:\Users\Tepan\AppData\Roaming\Oracle
2014-06-22 17:31 - 2014-06-22 17:30 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-22 14:13 - 2013-03-12 04:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A515284-680A-45EA-B4C4-72FAA57CC791}
2014-06-22 12:00 - 2014-02-25 10:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-22 11:59 - 2014-06-22 11:59 - 00000877 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-22 11:59 - 2014-06-22 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-22 08:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 23:07 - 2013-04-14 21:56 - 00000000 ____D () C:\Stazeno z torrentu
2014-06-21 20:34 - 2014-02-22 13:11 - 00000000 ____D () C:\ProgramData\RELOADED
2014-06-21 20:31 - 2013-01-21 09:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-21 14:32 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-06-20 22:14 - 2014-07-09 06:00 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 06:00 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 06:37 - 2013-01-16 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 03:39 - 2014-07-09 06:00 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 06:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 06:00 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 06:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 06:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 06:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 06:00 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 06:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 06:00 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 06:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 06:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 06:00 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 06:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 06:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 06:00 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 06:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 06:00 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 06:00 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 06:00 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 06:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 06:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 06:00 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 06:00 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 06:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 06:00 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 06:00 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 06:00 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 06:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 06:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 06:00 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 06:00 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 06:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 06:00 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 06:00 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 06:00 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 06:00 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 06:00 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 06:00 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 06:00 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 06:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 06:00 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 06:00 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 06:00 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 06:00 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
Files to move or delete:
====================
C:\Users\Tepan\AppData\Local\Temp\win.exe
Some content of TEMP:
====================
C:\Users\Tepan\AppData\Local\Temp\win.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-18 02:33
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:170.9 GB) (Free:6.83 GB) NTFS
Drive d: () (Fixed) (Total:127 GB) (Free:1.45 GB) NTFS
Drive i: (LaCie) (Fixed) (Total:931.51 GB) (Free:2.87 GB) NTFS
Available physical RAM: 2033.36 MB
Total physical RAM: 4095.24 MB
Percentage of memory in use: 50%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0F29FC2D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=171 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Disk: 1 (Size: 932 GB) (Disk ID: 454C01D9)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\Oxy.job => C:\Users\Tepan\AppData\Roaming\Oxy\Updater.exe
Task: C:\Windows\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Users\Tepan\AppData\Local\Oxy\Application\oxy.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_313137363632353534382d50552d6c455a37575a417834.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Security Center ==================
AV: avast! Internet Security (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tepan\Desktop" je 69 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: preventive check
So, now it asked me to restart the computer, so I restarted, and suddenly this message pops up while Windows is starting:
Attachment: Bez názvu.jpg (20.07 KiB)
Last edited by tepan on 19 Jul 2014 19:49, edited 1 time in total.
Re: preventive check
It can't be read; which file is it trying to run??