VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Wareza at 2014-08-01 20:53:13
Microsoft Windows 7 Home Premium
System drive C: has 26 GB (11%) free of 238 GB
Total RAM: 4091 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:19, on 1.8.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Users\Wareza\AppData\Local\VNT\vntldr.exe
C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe
C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe
C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Wareza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5250
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: CrossriderApp0057050 - {11111111-1111-1111-1111-110511701150} - C:\Program Files (x86)\SavePass\SavePass-bho.dll
O2 - BHO: CrossriderApp0061762 - {11111111-1111-1111-1111-110611171162} - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: (no name) - {828DC97A-2277-4E10-92A9-4907FA0922A9} - (no file)
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Nástroj WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Program Files (x86)\DriveCrypt\DriveCrypt.exe /WS
O4 - HKCU\..\Run: [SmartSerialMail Sending] C:\Program Files (x86)\JAM Software\SmartSerialMail\SmartSerialMailServiceApp.exe /delayedstart
O4 - HKCU\..\Run: [tedcgtelwn] wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs"
O4 - HKCU\..\Run: [qrnvvhxtfg] wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs"
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Wareza\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: qrnvvhxtfg..vbs
O4 - Startup: tedcgtelwn..vbs
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Atomic Email Hunter - C:\Program Files (x86)\AtomPark\Atomic Email Hunter\ie.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Extract e-mail addresses - C:\Program Files (x86)\AtomPark\Atomic Email Studio\modules\Hunter\ie.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Extract e-mail addresses - {491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program Files (x86)\AtomPark\Atomic Email Studio\modules\Hunter\ie.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Extract e-mail addresses - {491A6C2B-1046-486b-8A8F-7D26BCB79A9B} - C:\Program Files (x86)\AtomPark\Atomic Email Studio\modules\Hunter\ie.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\ip hider pro\iphiderlib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32C913EE-9640-4023-93A9-F7A94D537652}: NameServer = 4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CrypKey License - Unknown owner - C:\Windows\system32\crypserv.exe (file missing)
O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Program Files (x86)\DriveCrypt\DcrServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HDRExpose3Service - Unknown owner - C:\Program Files\UCT\HDR Expose 3\HDRExpose3Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCDApp\StartHelp.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18745 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 32165920
\??\C:\Windows\system32\conhost.exe "-1469446462-24901943-1795427553-5770267731418599919-452001495794982546-802203594
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
taskeng.exe {97D335DC-D15A-4589-97BE-CB431B498041}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {E5CDF462-01ED-468B-9D7F-DA1133FA936B}
"C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\SavePass\7dd07b49-00e3-43fc-aa78-d59d31542b53-10.exe" /ivGKDm='SavePass' /sywcXNlqN=57050 /ipMQcVy='001504' /tGavZZ='0' /jqrbnHI='0' /yZtwz=6F26FD6331EF42CC8A0AC13B8B685718IE /sdOcnejp=152a0c218bc945671311e216b106ec62 /Mpuww=1_34_07_01 /THRfeM=1405846363 /jbEPe=http://stats.genstatsnet.com /AOqMEMKFI=http://errors.genstatsnet.com /awdJubQ='SavePass' /iwZphDOV=1000 /WlUVNkF=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /AUrZlSbRE=http://logs.genstatsnet.com /strmlzPp='task' /MluqbclGU=''
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\crypserv.exe
"C:\Program Files (x86)\DriveCrypt\DcrServ.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files\UCT\HDR Expose 3\HDRExpose3Service.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PrintCtrl.exe
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Users\Wareza\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:4072
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
WLIDSvcM.exe 4256
"C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/Yes/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/9/OneClickSignIn/BlueOnWhite/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderMulti/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="888.2.1482929081\1833150136" /prefetch:3
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
TosBtBty.exe
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe"
"taskhost.exe"
"C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe"
"C:\Program Files (x86)\HD-V1.9\b82486d5-bb46-4c3f-bb97-2f0f41a249b0.exe" /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /UfxezKjj='Information' /OpCDRWC=1000 /sQjIxQ=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /XlOtcfFVl=http://logs.infogenservice.com
"C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe" /c
"C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe" default restart
"C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "533950929201358046615222617-778379726-17209728441562265620-4034199261756067456
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
"C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-6.exe" /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=HD-V1.9 /CgnmDlFbf84380d-77a2-4bc9-a2e7-5540de71071e.dll /rPhBrxCfX925a6da0-08c2-4cac-b63c-87e7d905d204.dll /hfgFCwMmqf7a4cc7e-9a86-4d86-a37b-ee13c88ab168-64.exe /lGCHTpn='nova' /QaZWS=http://js.clientdemocloud.com /HaSZZW='{"asw":[32770, -1602223867, 0]}' /tUhLI='http://update.infogenservice.com/novaru ... pdate.json' /IXonsqn='task' /mcmUK=''
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8952.0.473162999\833892306" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.712.2.1000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.2.604224725\1082397893" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.3.48905474\277079206" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.4.1374615775\1260337540" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.5.314646503\1324081633" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8952.10.82561523\1488683136" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.11.221832232\824587545" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.14.515600331\135007853" /prefetch:673131151

C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="8952.33.842534985\570612996" /prefetch:673131151
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe58_ Global\UsGthrCtrlFltPipeMssGthrPipe58 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Wareza\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\7dd07b49-00e3-43fc-aa78-d59d31542b53-1.job - C:\Program Files (x86)\SavePass\SavePass-codedownloader.exe /pqEPCzi /strmlzPp=task /ivGKDm='SavePass' /sywcXNlqN=57050 /ipMQcVy='001504' /tGavZZ='0' /jqrbnHI='0' /yZtwz=6F26FD6331EF42CC8A0AC13B8B685718IE /sdOcnejp=152a0c218bc945671311e216b106ec62 /Mpuww=1_34_07_01 /tIDoOVcLd=1.34.7.1 /THRfeM=1405846363 /jbEPe=http://stats.genstatsnet.com /AOqMEMKFI=http://errors.genstatsnet.com /SbfFnn=http://js.genstatsnet.com /PWGNFnVAw=ch /llaXMtNA='SavePass' /DNSYbH=http://js.clientdemocloud.com /BCgfKDZqT /XRQmuSjbS='{"asw":[32770, 536870917, 0]}' /JeVlF='http://update.genstatsnet.com/ie_code_a ... pdate.json' /strmlzPp='task' /MluqbclGU=''
C:\Windows\tasks\7dd07b49-00e3-43fc-aa78-d59d31542b53-10.job - C:\Program Files (x86)\SavePass\7dd07b49-00e3-43fc-aa78-d59d31542b53-10.exe /ivGKDm='SavePass' /sywcXNlqN=57050 /ipMQcVy='001504' /tGavZZ='0' /jqrbnHI='0' /yZtwz=6F26FD6331EF42CC8A0AC13B8B685718IE /sdOcnejp=152a0c218bc945671311e216b106ec62 /Mpuww=1_34_07_01 /THRfeM=1405846363 /jbEPe=http://stats.genstatsnet.com /AOqMEMKFI=http://errors.genstatsnet.com /awdJubQ='SavePass' /iwZphDOV=1000 /WlUVNkF=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /AUrZlSbRE=http://logs.genstatsnet.com /strmlzPp='task' /MluqbclGU=''
C:\Windows\tasks\7dd07b49-00e3-43fc-aa78-d59d31542b53-11.job - C:\Program Files (x86)\SavePass\7dd07b49-00e3-43fc-aa78-d59d31542b53-11.exe 001504 6F26FD6331EF42CC8A0AC13B8B685718IE 57050 1405846363 93-0,102-0,104-0,178-288,179-288,180-288,223-288
C:\Windows\tasks\7dd07b49-00e3-43fc-aa78-d59d31542b53-4.job - C:\Program Files (x86)\SavePass\7dd07b49-00e3-43fc-aa78-d59d31542b53-4.exe /mfoOei /ivGKDm='SavePass' /YroxogYLU='C:\Program Files (x86)\SavePass\7dd07b49-00e3-43fc-aa78-d59d31542b53.xpi' /sywcXNlqN=57050 /ipMQcVy='001504' /tGavZZ='0' /jqrbnHI='0' /yZtwz=6F26FD6331EF42CC8A0AC13B8B685718IE /sdOcnejp=152a0c218bc945671311e216b106ec62 /Mpuww=1_34_07_01 /tIDoOVcLd=1.34.7.1 /THRfeM=1405846363 /jbEPe=http://stats.genstatsnet.com /AOqMEMKFI=http://errors.genstatsnet.com /TDlbtL=300 /omxhrzmX=587fea1b-1c76-43c0-8b29-3c3da78e2485@2309207e-4ba6-42d8-b8a2-3b0a22e052b5.com /ncagNs=0.95 /wMkepiDvb=a587fea1b1c7643c08b293c3da78e24852309207e4ba642d8b8a23b0a22e052b5com57050 /iibxsGtwM=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /57050.rdf /awdJubQ='SavePass' /ulVKHxcBF='Just Save!' /xPCOk='OutBrowse' /PWGNFnVAw=ch /XRQmuSjbS='{"asw":[32770, 536870917, 0]}' /BCgfKDZqT /GxINeoL /UFDleiqq /JeVlF='http://update.genstatsnet.com/ff_agent_ ... pdate.json' /strmlzPp='task' /MluqbclGU=''
C:\Windows\tasks\7dd07b49-00e3-43fc-aa78-d59d31542b53-6.job - C:\Program Files (x86)\SavePass\SavePass-novainstaller.exe /CPJPf /ivGKDm='SavePass' /sywcXNlqN=57050 /ipMQcVy='001504' /tGavZZ='0' /jqrbnHI='0' /yZtwz=6F26FD6331EF42CC8A0AC13B8B685718IE /sdOcnejp=152a0c218bc945671311e216b106ec62 /Mpuww=1_34_07_01 /tIDoOVcLd=1.34.7.1 /THRfeM=1405846363 /jbEPe=http://stats.genstatsnet.com /AOqMEMKFI=http://errors.genstatsnet.com /SbfFnn=http://js.genstatsnet.com /PWGNFnVAw=ch /fZDrKku /llaXMtNA=SavePass /VkkIIyg='nova' /DNSYbH=http://js.clientdemocloud.com /XRQmuSjbS='{"asw":[32770, 536870917, 0]}' /strmlzPp=task /JeVlF='http://update.genstatsnet.com/novacode/ ... pdate.json' /strmlzPp='task' /MluqbclGU=''
C:\Windows\tasks\aa7a3f39-302c-46f7-8819-f4f38634d18c.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-4.exe /qzWkN=gbbuLTNWVgOfB52rUgxi2Qu8nOtb7I960rFYPBFx21/jNbgYQU8n5s/J7nqXfhidb2mZnjwpHWdZPkRUnibl2M8SlQtILU5znmfS6TkhMMaFFBhdoFsNrS4FcfnPbpnHZFDDRV2C8GNHHnL9mAXofOnAL/RpU+2cG7vjNz8M9jUqG3B4JMeUVV2Ac5LADYCr922hnU6eTxPEuyBtwYB3D97XeJXsbF1MMOwV5OnWIJPViubP2WCLxdqHzd+KrWBPM6X26He7nvJf8ROqt2nbXmkFQdXINnR91os3ftqDYEpp3++yHCAHyU7bCVAP7ZDE9Ur673jadoywQAe7OEk9IqbCBPDmgeXHY7IC6peI503G8RM3QPyr77I6/qMMsgrr6d/5ocebRgzbDd3xCie1C8HX5fvuw/j3lQgjT9hDIKOOnYs2ZNVj4KH6q75Zj8uBJKq2ZzPBuvRNT2/+PoQATeMjruQP3Rvj+UjKY6WugLsI7nvtClNow2HX4VmrlbL1bcFStL6RiEjwVRujXVB+aXC8xiFuo4tRASjTJDPdX0JGHjd0q6oHtaeNTB3kcCJY+l9EgFkoHdh1191X9COGtyRiEbmGnzV+M4hbSNwm5TJ5wl4XKIfH6bFp32YSA/RuQdFUS1jR+q0mcf9EUYz35Gy/FgKSJCUvtxLJbKH6wleMLpbLMfBuygkWMhExiVYlVjrfzkbnOdrKF6Qsf1FljXYma7G/J9VzPhcAMM11fJZh/Vj2pIVyidCSm8uSu8GcYoJxO39+3WHwBmqV5fKCByD9iVsOhBgLjTzZuelyd4fjUvqcm0BFyEf8WEiWckD8T638DIk4rKdqm9l3w17jTEfnbfrjmb9rgcbVQ+2fzVX9H6Bwc0KZc32QYhahoJFA+Rr+9DEhqcxBllxseiRmb5910JOL7xJzJluk4YHT0b4uwFZx6wP0HE5e/yjnCM4OjHu2454Bw+jKANlArXuJIAexneAmAqxpgxdyy+8ccD5K0r9cviDujCcrJhehsfPxbzy7UpD22VLNXbNDC5T1doUSfzhPlgj3Yul03A2Qfw3eHtHOpbU8rI1fnzsvKLky+V9eLjbGBqxgR0+xHp9jYJsmKbBUyJ5ky4CHNZUjzkE0Z5BB+Rxuw5c6+FdwfEoFWTABPQRqOfis8teaWav1A5xr3Rsrzci10UqbwKD9uIoNXRaEPXq5ZzsH+aThO4vJVzh0bmnBrVdTCJoZqrqkcJAUICBgBF0UpmlQ5WB99SS6vui7hP+3vxUFxDMn7Ttihc2oGU0PaiqZ2H1QSIvH5uTg64ofoRhmbAKpn45Gp5xj6B8bmGZZ65DVgXzgkXe3HbsvoPDXwUSIf05RSU5G75XxdROo60cDy/3xbY4cpIk3nqL/YZlDjpoUluGV8Qd1UHtTUGl3CRIG6fTxpTlsXSMnf7gWIdHqVFptv0DaMHuRLpsNpSFExAla3g6DoBYSrCvCY3fcKWiIYsKK1Kf/Iq6CoxwtBFfuNIzwlyzx9pUDhmAdSXP9UlNSxarDqZ6s
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\b82486d5-bb46-4c3f-bb97-2f0f41a249b0.job - C:\Program Files (x86)\HD-V1.9\b82486d5-bb46-4c3f-bb97-2f0f41a249b0.exe /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /UfxezKjj='Information' /OpCDRWC=1000 /sQjIxQ=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /XlOtcfFVl=http://logs.infogenservice.com /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\bdeae81b-09ea-4fc8-93ce-7d0c70c48698.job - C:\Program Files (x86)\HD-V1.9\bdeae81b-09ea-4fc8-93ce-7d0c70c48698.exe 001859 6F26FD6331EF42CC8A0AC13B8B685718IE 61762 1406913860 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HD-V1.9
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-1.job - C:\Program Files (x86)\HD-V1.9\HD-V1.9-codedownloader.exe /OtYwaHiV /IXonsqn=task /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /iUogpmnmb='HD-V1.9' /QaZWS=http://js.clientdemocloud.com /WOWkiqR /HaSZZW='{"asw":[32770, -1602223867, 0]}' /tUhLI='http://update.infogenservice.com/ie_cod ... pdate.json' /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-11.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-11.exe /qzWkN=iSkpzKtRrSQagkURWHwN2vjBAUsL5MdUwslLwoFPmpll7pY3Blapym9LNbTBkv1EOE9MrVndKHgi82A+ilnqQt/ie+SaEYp9+Axe+ErzwkXY9Bf+QVwZDS/Qrc7VrMHQjennKIDTwYcjJywe5paBq2WpkMPprHwZMSkXsXFcV+aGnMNqHZpE2c/At912PIEhnp2mB1U7U8+KK8LkYDpX0E4UnUZ3OFtmrf0EuZ5IP92E9Q9tAy2a/KZLDztNxQycGmQvVi6rgEEUGh1b1p9RTWqrxcO2K/HRZFvSFhTF4kczGgFn8NsH3Yb8yszfq2t5PIQHa5w/0h9LGZwAcaxlOwIDqsANcNDwntrPD6zA+v6nnUp0Ehhn6KIttFHbJBWymP38MNY6omaReuJlSzyZ2DUHUYEJUBVYZOm24/+T2zQBaz4UcSy6L3vjWn/u0n/8Smc62ABVVW4vJB8+zgIw9Z9+oJUVLVvY2sGtSWXTHzUDRIgw1wbR4qJ69SSt5mpJMbJTTFPbq5dcDsJBptFaI+Kx/o9blzwZZFxo+uuEpYdGtxhWxOoHR4m0r5lk37cmDLzlL8j3Km5TlsLH+6hYJdONk5nn+BumyITJzW+M1S887JMrGSKJrAh0Nt915jturhcejst8XoluXwOquFehvmVxyjVOLi3aUQiPogGJt78ui3VfKl8Z9tKKJ8HmLgXH1EiAwGhw0D6/YZdXp1eUWfLj2oxCQZH1mAQenE2rHK2JyFwy1zTd1iaeBZLeSs0JZyc+T8VChuvSNAy9f15NN1cN5mvGrMMHkFYwhIDhBOXbFX2kap0UCnTKPISK716D9t8D+Kxsm9vM6KlO4a2iIGppjBUNVwgcRfiAYWfITBi1Wg0oQK53VDxWii8CV/P2ioVu35D/duJ5l5xXzXLmsuKHSedRHEIsbFFSkqe2RlbDORMwkJxRIcLvOJZRB2JjbOSt/Nzvn7ScRznUKtrBq++WV/DlUB7YFGebBrDoFVJlme6Ybffo7rTlMyPYe7XonSkz2hP5FhArRbbMoQdDcF5Z7akWHNCF5SwPsWA+roHpeElsTSZyzxPl72DuamZmY+1pTg3XZJUKN1n52w7+e8aK2St15T0ZJ9SuzGhA9u/aPQ8RzetRWQD3wFoCUuMBwTm/Nj0QgZZA+aPVuMVoZ73r79v6V415Rh/x/w4e+txzRyalfy02quEXqQubdrH1pXGAseMRRY1ccon7U1NcZ3UGkbVhdlf6o6Ds/ujGxKNmk8Cgd36tgnthIqoMCCHIHZI0s5IaJ+VkjyE/CKeqIKouuY1hyxGWwMZlVzRaQD5c2pnc9y3MvPMXRyf4zukUEqsA3mYXdKFy/uYkDjKTSFY+x80EdXNO2vJM7jyd6RUJpzcXQaTWDy4AxngnMr/H1P40TUUpooFetLW5ZwaFMy9vrQ7NcfvKRuJGKGjVLqMlzDVjCAoCWdL19XjBRmCEiDZuQSL0fnbIYXecAOtj+JcAQphKvjDVTAlXgbFMvkks+3JQkQGhqGjuZGtr7kC+CFcU6gZQYR/PNKAuREIUXnJGM0+405nqy5djJz9obtGNH7C9EMiXDOPVcrXRWsFgrRvB5y9WoSqy8TWhfBDEF1brW88fnHdVOiUzIiriasThUzdl/yLA0Tg13HN7+uBgixZvOMQLsUng8NGEvolJm9+gXhzY6ekVKG2FsBhGxQE=
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-3.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-3.exe /qzWkN=g+BL3EpxqZYb7DfId15Gh2FTk+ng52onGgaAeL7zISkXNT1xEKNd2s03YqnmzUBIIFHL53iUygvM031uzHI/VQDrRh3pHRG8WRc3Ou7X56XQf2Dcd5nY8Xs1ieUOjm+/a7/vwYmChKhsG+1688knGtnn8QAAgnEW2e3t2UtxWYFCtocv2cLYZkdyA1ZLKW1oy0/blFJBewI33APpojDF8bNMtkV7A0Ft1KcNrr4H3wXn31PfWFnDnahMiSe6YYln12dPQZCgMiYGkiKMDcppXZUFxPBxxhhVr9Oc44AHL+w94Wp7VwGe5FRLOoNY6j5fsDB1vcu6J66Z44v3nX+99bn1K3MrTjBiAUcMA+HrCcADtH8qqbqeP4juFa0luiCNsKnvjDAzOV2JYDJwEq4ClCU52E6p1H6PQtiWs9Kae04Dux5zX23GjqQ3jaAtNegv3Gmw5iyr7YvjsmUXPY+c70/Nu77jxYWuX6pU8Bd2VS9coL5CONeEDLdCOnAbPrCTfaR3WSg3BOAq6n7G7oIQuGMDrq/bCUVqvSLWb0+hdBxqE4TCoPQ0bhUG7FGf4MDx7HwHo4wEYjOYa16JSypgHIoMfGXJZDlomJS8G6iDJCRVw4nXo4zwmuDdsGN6/scyhI393AJX5LiHVLV3rLrCKowiij1pEXVTcv+caFWwAC8WmI95HfESP3RQZgsvQsrA68ihotCFQXniFtxdrqokcjJ1xOKXiS555I9O/AftQl7f0UyrnfMOdQ0hfgFoPBXkHLnC7sWcwS2LxnmnqJoIisu1zvtSWTXeuw7rRUidaJshUU8B/CIMo1lhHqGVdrB+zUXdL4FDVDrpM7w5xzSBUVLPXnlBC7PGISlkcypgZ1F88TII+zwbg1ZK3E5rHImL9YNiaxwZS3OS1qnjkihb3gxbFiaT973b9X3PrmLwj8VwZT44gFUQmP70p3dflWsMr4Ot/aUR6M8bNNua29Xz4JyUiwk5qlk3xUqvpVpktjZqSJ/xLZJqvOX3hzb2597PmCgxAcgL+4lzWPhZNRdLiUuADpW8YMGykh1T5in0xiDEUOfDDQb8VDWxzmMQoTdl+9ieJ2/r1nJ5SNZEYB2visukyoubwDFcT68pBaSsGpmEV4YcfzLTwjG9HIOPJuMzLEN1NdzHsCHbkkyQ0Z7xv+eQE/pmwvrL18Yu3CWCKsWfHfXAhCYANmOjPEffvBq+nJu3V1Oqn+pGbwpWymSlIqx2kEim0RYmYzzO7zI3jjVLg66sNtoO9ctdUHv15UUsCdr1CWUWhHqr9i+s+kcME7BTR7Np6LxylWv7IFjJtupVophhM26C93S/aSG6RRg7BZbJtzPz2veG6K0GqluwyQ==
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-4.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-4.exe /zUDYVOfKZ /czeXVoVH='HD-V1.9' /guLuXGk='C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168.xpi' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /MBxxWezKH=300 /rQqUqB=0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com /BPldBcs=0.95 /cMtnkAeX=a0b105cbff1eb40b89bca7dae371d7ead239035fb4613ab38efcom61762 /JPBSDf=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /61762.rdf /UfxezKjj='HD-V1.9' /BykEld='Turn YouTube videos to High Definition by default' /OlsHtY='InfoHD-V1.8' /aaDFWNW=ch /HaSZZW='{"asw":[32770, -1602223867, 0]}' /WOWkiqR /GjatKFEvu /ouFRYqTVd /tUhLI='http://update.infogenservice.com/ff_age ... pdate.json' /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5.exe /jkAyfrw /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /RugkKYbJC=http://ipgeoapi.com/ /WTHMYHf=http://update.infogenservice.com /lvDfMb=2 /XlOtcfFVl=http://logs.infogenservice.com /tUhLI='http://update.infogenservice.com/update ... pdate.json' /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5_user.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5.exe /jkAyfrw /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /RugkKYbJC=http://ipgeoapi.com/ /WTHMYHf=http://update.infogenservice.com /lvDfMb=2 /XlOtcfFVl=http://logs.infogenservice.com /tUhLI='http://update.infogenservice.com/update ... pdate.json' /RwcRQamFg /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-6.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-6.exe /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=HD-V1.9 /CgnmDlFbf84380d-77a2-4bc9-a2e7-5540de71071e.dll /rPhBrxCfX925a6da0-08c2-4cac-b63c-87e7d905d204.dll /hfgFCwMmqf7a4cc7e-9a86-4d86-a37b-ee13c88ab168-64.exe /lGCHTpn='nova' /QaZWS=http://js.clientdemocloud.com /HaSZZW='{"asw":[32770, -1602223867, 0]}' /tUhLI='http://update.infogenservice.com/novaru ... pdate.json' /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-7.job - C:\Program Files (x86)\HD-V1.9\f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-7.exe /eYUadnJG /czeXVoVH='HD-V1.9' /NTKQsLzu=61762 /tyutJad='001859' /ZhPjJOLxa='0' /iqJRaLB='0' /QBsotRPK=6F26FD6331EF42CC8A0AC13B8B685718IE /PvJtTS=152a0c218bc945671311e216b106ec62 /zMIKjxRrN=1_34_07_29 /mqtMO=1.34.7.29 /ZTXOElFrk=1406913860 /xgiwSpi=http://stats.infogenservice.com /WrHwj=http://errors.infogenservice.com /EiqWCRllV=http://js.infogenservice.com /aaDFWNW=ch /coNJs /iUogpmnmb=HD-V1.9 /CgnmDlFbf84380d-77a2-4bc9-a2e7-5540de71071e.dll /rPhBrxCfX925a6da0-08c2-4cac-b63c-87e7d905d204.dll /hfgFCwMmqf7a4cc7e-9a86-4d86-a37b-ee13c88ab168-64.exe /lGCHTpn='nova' /QaZWS=http://js.clientdemocloud.com /HaSZZW='{"asw":[32770, -1602223867, 0]}' /IXonsqn=task /tUhLI='http://update.infogenservice.com/novaco ... pdate.json' /IXonsqn='task' /mcmUK=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000Core.job - C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000UA.job - C:\Users\Wareza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\extensions\
0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com
39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
587fea1b-1c76-43c0-8b29-3c3da78e2485@2309207e-4ba6-42d8-b8a2-3b0a22e052b5.com
ffxtlbr@buenosearch.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\
Ask.xml
buenosearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}]
SavePass - C:\Program Files (x86)\SavePass\SavePass-bho64.dll [2014-07-20 796696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}]
HD-V1.9 - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho64.dll [2014-08-01 774000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-16 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}]
SavePass - C:\Program Files (x86)\SavePass\SavePass-bho.dll [2014-07-20 587288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}]
HD-V1.9 - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho.dll [2014-08-01 573296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-07 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{828DC97A-2277-4E10-92A9-4907FA0922A9}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2011-01-03 976896]
"tedcgtelwn"=wscript.exe //B C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs []
"qrnvvhxtfg"=wscript.exe //B C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriveCrypt Startup"=C:\Program Files (x86)\DriveCrypt\DriveCrypt.exe [2013-05-09 1249280]
"SmartSerialMail Sending"=C:\Program Files (x86)\JAM Software\SmartSerialMail\SmartSerialMailServiceApp.exe [2011-11-10 12234136]
"tedcgtelwn"=wscript.exe //B C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs []
"qrnvvhxtfg"=wscript.exe //B C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs []
"Pokki"=C:\Users\Wareza\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"SUPERAntiSpyware"=C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe [2010-10-25 2408688]
"cz.seznam.software.autoupdate"=C:\Users\Wareza\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"FontExpertType1Loader"=C:\Program Files (x86)\FontExpert\Type1Loader.exe [2010-05-14 294208]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
"Nástroj WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2012-09-19 5236664]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-03-19 196048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-04 3890208]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-10 296056]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Acdiacra"=C:\Users\Wareza\AppData\Roaming\Ebefno\vopow.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
qrnvvhxtfg..vbs
tedcgtelwn..vbs
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Users\Wareza\AppData\Roaming\wind.exe"="C:\Users\Wareza\AppData\Roaming\wind.exe:*:Enabled:Windows Messanger"
"C:\Users\Wareza\AppData\Local\Temp\wind.exe"="C:\Users\Wareza\AppData\Local\Temp\wind.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open -

======List of files/folders created in the last 1 month======

2014-08-01 20:53:13 ----D---- C:\rsit
2014-08-01 20:44:39 ----D---- C:\FRST
2014-08-01 20:18:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:41:43 ----D---- C:\Program Files (x86)\Seznam.cz
2014-08-01 19:24:33 ----D---- C:\Program Files (x86)\HD-V1.9
2014-07-20 16:01:47 ----N---- C:\bootsqm.dat
2014-07-20 10:56:04 ----D---- C:\Program Files (x86)\7-Zip
2014-07-20 10:52:50 ----D---- C:\Program Files (x86)\SavePass
2014-07-19 14:55:55 ----A---- C:\Windows\ETKINST.INI
2014-07-18 20:59:50 ----A---- C:\Windows\system32\drivers\aksdf.sys
2014-07-18 20:59:46 ----A---- C:\Windows\SYSWOW64\UNWISE.EXE
2014-07-18 20:04:10 ----D---- C:\ProgramData\ALI213
2014-07-18 17:25:03 ----A---- C:\Windows\system32\hasplms.exe
2014-07-18 17:25:03 ----A---- C:\Windows\system32\aksllmtp.exe
2014-07-18 17:25:02 ----A---- C:\Windows\system32\drivers\aksfridge.sys
2014-07-18 17:24:26 ----A---- C:\Windows\system32\drivers\akshhl.sys
2014-07-18 17:24:26 ----A---- C:\Windows\system32\aksusb4.dll
2014-07-18 17:24:26 ----A---- C:\Windows\system32\akshsp52.dll
2014-07-18 17:24:26 ----A---- C:\Windows\system32\akshhl30.dll
2014-07-18 16:10:19 ----A---- C:\Windows\system32\drivers\multikey.sys
2014-07-18 16:10:16 ----RA---- C:\Windows\SYSWOW64\drivers\nshe.sys
2014-07-17 16:15:20 ----D---- C:\Users\Wareza\AppData\Roaming\proxyeverysvr
2014-07-16 18:34:03 ----A---- C:\Windows\avastSS.scr
2014-07-16 18:32:20 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-07-15 20:20:44 ----A---- C:\Windows\system32\TURegOpt.exe
2014-07-15 20:20:40 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-07-15 20:20:40 ----A---- C:\Windows\system32\authuitu.dll
2014-07-15 20:20:31 ----D---- C:\ProgramData\AVG Secure Search
2014-07-15 20:18:26 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2014-07-15 19:09:28 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-07-15 19:08:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-08 23:35:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-07-06 23:19:50 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-07-06 23:19:19 ----D---- C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX

======List of files/folders modified in the last 1 month======

2014-08-01 20:53:17 ----D---- C:\Program Files\trend micro
2014-08-01 20:51:24 ----AD---- C:\Windows
2014-08-01 20:21:24 ----RD---- C:\Program Files (x86)
2014-08-01 20:21:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 20:20:38 ----D---- C:\Windows\temp
2014-08-01 20:20:17 ----D---- C:\Program Files (x86)\Google
2014-08-01 19:51:32 ----D---- C:\Users\Wareza\AppData\Roaming\Seznam.cz
2014-08-01 19:41:52 ----D---- C:\Windows\Tasks
2014-08-01 19:41:52 ----D---- C:\Windows\system32\Tasks
2014-08-01 19:34:50 ----D---- C:\Users\Wareza\AppData\Roaming\QuickScan
2014-08-01 19:25:14 ----SHD---- C:\Windows\Installer
2014-08-01 19:25:14 ----D---- C:\Config.Msi
2014-08-01 12:55:33 ----D---- C:\Windows\system32\config
2014-08-01 12:37:15 ----D---- C:\Program Files\PCDApp
2014-07-30 22:49:22 ----D---- C:\Users\Wareza\AppData\Roaming\vlc
2014-07-30 20:44:04 ----D---- C:\Users\Wareza\AppData\Roaming\uTorrent
2014-07-29 12:53:30 ----SHD---- C:\System Volume Information
2014-07-26 09:10:09 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-26 09:10:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 09:07:12 ----D---- C:\Windows\system32\MRT
2014-07-26 09:07:07 ----A---- C:\Windows\system32\MRT.exe
2014-07-26 09:06:38 ----D---- C:\ProgramData\Microsoft Help
2014-07-23 13:27:02 ----AD---- C:\Windows\System32
2014-07-23 13:27:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-23 13:26:56 ----D---- C:\Windows\inf
2014-07-21 12:57:04 ----D---- C:\Windows\system32\drivers
2014-07-21 12:57:03 ----D---- C:\Windows\system32\DriverStore
2014-07-21 12:57:03 ----D---- C:\Windows\system32\catroot
2014-07-19 20:07:26 ----D---- C:\Windows\SysWOW64
2014-07-19 16:16:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-19 16:16:35 ----D---- C:\Windows\system32\cs-CZ
2014-07-19 12:54:10 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-19 12:54:10 ----D---- C:\Windows\system
2014-07-18 21:10:35 ----D---- C:\Hry
2014-07-18 20:59:49 ----D---- C:\Windows\system32\Setup
2014-07-18 20:44:50 ----D---- C:\Users\Wareza\AppData\Roaming\DAEMON Tools Lite
2014-07-18 20:44:49 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-07-18 20:04:10 ----D---- C:\ProgramData
2014-07-18 20:00:25 ----D---- C:\Windows\Logs
2014-07-18 17:24:16 ----D---- C:\Program Files (x86)\Common Files
2014-07-16 18:34:12 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-15 20:48:58 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-07-15 20:48:58 ----HDC---- C:\ProgramData\{81083967-5051-4F49-910E-70164AD89C2D}
2014-07-15 20:18:37 ----D---- C:\ProgramData\TuneUp Software
2014-07-15 19:10:24 ----D---- C:\ProgramData\Oracle
2014-07-15 19:08:48 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-07-15 19:08:48 ----A---- C:\Windows\SYSWOW64\java.exe
2014-07-15 18:55:11 ----D---- C:\ProgramData\IObit
2014-07-15 18:55:11 ----D---- C:\Program Files (x86)\IObit
2014-07-09 09:05:23 ----D---- C:\Windows\system32\catroot2
2014-07-09 09:05:17 ----D---- C:\Windows\winsxs
2014-07-08 23:36:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-02 00:18:15 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-07-16 448400]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-16 224896]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-07-16 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-16 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-17 427360]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 NetworkX;NetworkX; C:\Windows\System32\ckldrv.sys [2010-03-19 30272]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-07-15 55384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-02-19 141064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-16 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-16 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-16 92008]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 multikey;Virtual USB MultiKey; C:\Windows\system32\DRIVERS\multikey.sys [2014-07-18 67584]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2013-01-14 60488]
R3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2013-03-05 303368]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2009-06-19 9608]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-08-28 11880]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SASKUTIL.SYS [2010-05-10 67656]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 DCR;DCR; \??\C:\Program Files (x86)\DriveCrypt\DCR.Sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hmhrwoiz;hmhrwoiz; C:\Windows\system32\drivers\hmhrwoiz.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2011-09-28 70760]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-07 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-07 109048]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CrypKey License;CrypKey License; C:\Windows\system32\crypserv.exe [2010-03-18 126976]
R2 DriveCryptService;DriveCrypt Service; C:\Program Files (x86)\DriveCrypt\DcrServ.exe [2013-05-09 202112]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2013-01-11 4466120]
R2 HDRExpose3Service;HDRExpose3Service; C:\Program Files\UCT\HDR Expose 3\HDRExpose3Service.exe [2013-10-13 65656]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-12-21 66560]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-24 107832]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-09-17 2365792]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-01 68608]
S2 ProtectMonitor;Protect Monitor; C:\Program Files\PCDApp\StartHelp.exe [2014-06-09 77705]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-01 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-04 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-01 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Také Vás Zdraví,

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Wareza on so 02.08.2014 at 9:21:27,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0057050.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0057050.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0057050.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0057050.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0061762.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0061762.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0061762.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0061762.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511701150}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611171162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522702250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622172262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555705550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655175562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566706650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666176662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544704450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644174462}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511701150}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611171162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522702250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622172262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550555705550}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655175562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660566706650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666176662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544704450}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0057050.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0057050.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0057050.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0057050.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0061762.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0061762.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0061762.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0061762.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555705550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655175562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566706650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666176662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544704450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644174462}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511701150}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171162}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511701150}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550555705550}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655175562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660566706650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666176662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544704450}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_xerobank-browser_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_xerobank-browser_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D818B3C9-F0F6-465C-9163-CB5D02AE6503}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}



~~~ Files

Successfully deleted: [File] "C:\Users\Wareza\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Wareza\appdata\local\google\chrome\user data\default\local storage\http_www1.delta-search.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Wareza\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Wareza\AppData\Roaming\opencandy"
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0025E993-783C-4A7D-9BF7-63071F07BA53}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{01538B4C-2361-4247-91DF-375069F163E4}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{015B8568-13FC-4BD1-8525-883F971D1577}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{04AA0C77-5E27-4EA6-8D4A-1FBF849D6B72}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{05359480-0146-4C89-AEEE-B3A3E1214DDF}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{05A222D7-D18E-455C-B252-47A80733F7B0}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{06A65288-6746-4E93-8F88-CF9DBED013D9}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0783784F-B425-4615-9677-551AD6E4851F}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0BABB4AC-9DC0-4BA4-A2FB-89A86914DA80}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0C967EAD-E0F5-49E3-A4E3-2AD714DC8D49}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0EBBB00E-19D1-49E4-99EA-672154B41CC9}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{0F3225F3-B99A-44B7-8245-B3AD0D68AAF1}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{12CD2BFC-4BB5-450A-8111-A50980259712}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{1EE75160-22E8-4D8A-9997-DE24F3558CF5}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{269A571E-2816-45BA-A7C9-7D0C0BE3D551}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{2724AC6B-C2D8-49D3-88B9-A79A45BC852E}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{2B270408-B869-4CC1-B36C-8ADC43263037}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{2BC515CA-CFC6-452C-A6F2-F152C26AD659}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{2CA4611C-0C0E-4512-86A5-67EE5F010947}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{2D8EE01F-7F69-4EE0-AE37-25EAF213479E}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{314EE910-D04B-4538-BB8C-AF956A1167AF}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{32CE4C6A-A8A1-4A6B-824F-61666DA79407}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{32CEF759-5888-4AA3-875B-0D67FD53F7E1}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{398EDC71-16F0-49D9-BB8D-8C24F79B9F1A}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{3E4D27FB-DAE7-48AE-9EFE-D257A3BFDD0F}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{442E2D2D-3DC8-4D6E-AD6D-F9E7FC618923}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{449FD7FD-0C92-4D18-829F-A45623A7E15A}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{46320B53-0D3C-4F00-B001-DEA6EB6EA05B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4703E738-7E0C-4878-AE33-4C5608638FDF}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4756634F-5F5A-44D9-A1B2-D5982240D027}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{478374A5-A218-4679-8A89-2686E3CF0929}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{48406BF6-254E-4FE4-ADA3-97EB22FE9098}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{49628355-4DEC-4788-96DD-E034296BCA79}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4CBFFB46-F728-4662-9E83-B892902FB0C5}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4CFFA532-C9E3-4BF1-8C64-64C426C3D2B9}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4D877828-5103-4E55-B678-ADA1C219A727}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{4E4A216A-B8AD-4685-A4AF-C089C0C9BA80}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{501AA24F-6D51-4384-86B3-E81850042B24}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{54796FC9-3E46-4FA0-A9F9-180BFD2B9591}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{5CFD2059-A6AA-4586-A137-91766AD1D142}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{604B358B-8285-472A-AE70-40559F71A517}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{64E88278-00D5-4B4D-979D-37E6AF42E55C}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{654F8C7C-EF78-4C04-9C6F-E8C2DF7A2A90}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{66FADDC9-C737-42BE-8AE4-E5D97F5694E2}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{670605E9-0986-4A45-8DF8-085BC8700BCE}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6845B873-2032-4964-9604-99B49A77ADB0}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6AB44D2D-EF9B-44E9-A834-E0E1C5D63FC8}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6B6FD447-5058-4831-B7DC-399A7C2E5C2A}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6C722BF6-9664-4F8A-8546-CCBF010EB469}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6D36F8EC-8491-4BDB-8C82-D509157D0645}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{6D3CEC42-DB84-4115-B53B-3D9568366D7D}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{71DE203F-0CC6-4695-93ED-C9F89E6AFCA4}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{72E46A91-40DF-44E0-86E0-17B69402B058}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{72EC8B31-0BC7-41B2-B8A4-820E0A1937D0}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{7CB223CC-A783-4258-8688-016ADBB8364B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{7CD76137-7856-44CB-99E8-6A9AC8555350}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{83C12131-3CB0-4F9B-AAFC-724449390C76}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{8A1CA753-C426-4A27-8193-A56DA1AF89C4}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{8BEB0CF9-4C12-4B01-8D0F-89F6FB539300}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{8D0832F9-583D-4FDC-AC72-31EB38ECC313}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{8E28FF7E-AD8E-42E5-9986-43CE74B36B8D}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{8E46544A-FBBD-4C37-90B2-CAADB3074255}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9366D3B8-C6F5-4694-B558-E906699A43C9}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{945B6522-2FB4-4AC3-A1C4-9D822090ED70}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{94D397CA-0CF1-4CE8-9ECE-4D535A67573B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{95039811-9FC7-4D14-99AC-ACC941CC8EC8}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{95BBFD1B-B109-4698-B10A-C1FCB88278CF}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{96AAEECD-DBF0-4A2F-B730-FFE3C37B6613}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9960A2A7-B8C6-4D04-AE89-F0798CA6B345}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9B398652-912B-47EB-A2D6-1F889BA3D20B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9C41030F-8BE0-4B10-AD67-FFB21EEC6E3B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9EC2956F-E494-4994-9BA9-2DBC973448A1}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{9F703BA0-6EFB-42EE-BBBE-A0D2C89901B5}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{A0BC0FCB-6855-41E1-B8E2-A4CA76116485}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{A4347F2B-F242-4B99-804F-A59D05DEF6A3}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{A478B789-4EFB-4545-A4B5-5FD9E0BF4D84}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{A5877206-A849-4DFD-A4F5-8B813975B674}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{A5D4DC2C-7EE1-4082-8328-2FCE76C22206}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{AC06D3FF-819F-40A0-A903-14FEB3CE5451}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{AD90A689-C89A-4D80-A52C-5A2044931284}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{AF5E74B1-8734-4D0D-B623-DBF56B2608FD}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{AF613462-1CF4-4758-A0EF-FDC6EE1B59AB}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{B179B0AE-DE3A-4FD2-98C6-1C0E8CA1F68F}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{B2E41C82-9582-4A47-9B0B-92B4BF4644B0}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{B4B47259-D9A3-4C53-B365-F26AC41EF72A}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{B65878E6-E420-47D6-93A5-A65129CAE0AF}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{BF696E5C-17DC-492D-A718-00B6E49B309A}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{C5439940-EE7F-4F4C-B573-8E3B1CFEE823}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{C5B0C035-CA0E-4DED-B19C-5AFBB3176E15}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{D1B60C66-774E-44D2-8E97-E437550B63D1}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{D9FB78FE-2EEC-4242-AA5E-774D2265CEE9}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{DBADF952-1949-4FC2-890C-F6AE1FA17339}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{DC00A7EB-750F-4423-A512-C991814E296B}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{DD2B9F94-D487-4814-BFF4-CD3D798CF365}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{E0024330-C6EA-43A2-A28A-A527FE58E10E}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{E3F821A0-6CDE-4356-A368-86E24265C556}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{E4862E35-8859-4613-99FB-0949AE76434C}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{EDC1BC5A-894B-4508-9644-07D5B8E3D88C}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{EE32EB30-738C-4BD8-B95C-E444DB75D873}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{EF4690A8-7BCE-4007-8D15-9091DC990053}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{EFD019AB-552B-4F72-BD68-DBF5DC248525}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{F672718E-CB41-4902-943E-46878C045BF2}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{F6970E07-65E0-4CAF-A9AF-6722379C6479}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{F76A3502-B297-4AA1-B821-FF07BA6BFF66}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{F90A091E-EADD-441D-BBE6-FC8AFFE96896}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{FD52F909-123E-4E4E-8067-88FA06BCD7EA}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{FD7891E1-E730-42D9-8544-7088F6F35466}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{FE684E64-AC59-42C3-A10B-6721D7A5FE56}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{FE951AB3-F1B5-4464-B48F-2452F0F13417}
Successfully deleted: [Empty Folder] C:\Users\Wareza\appdata\local\{FF9AEA05-3A6E-4476-8EAF-687C5CBBA20E}



~~~ FireFox

Successfully deleted: [File] C:\Users\Wareza\AppData\Roaming\mozilla\firefox\profiles\7x9so9sh.default\user.js
Successfully deleted: [File] C:\Users\Wareza\AppData\Roaming\mozilla\firefox\profiles\7x9so9sh.default\searchplugins\ask.xml
Successfully deleted the following from C:\Users\Wareza\AppData\Roaming\mozilla\firefox\profiles\7x9so9sh.default\prefs.js

user_pref("extensions.a0b105cbff1eb40b89bca7dae371d7ead239035fb4613ab38efcom61762.61762.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%2
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.a587fea1b1c7643c08b293c3da78e24852309207e4ba642d8b8a23b0a22e052b5com57050.57050.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%2
user_pref("extensions.a587fea1b1c7643c08b293c3da78e24852309207e4ba642d8b8a23b0a22e052b5com57050.57050.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5250");
user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5250");
user_pref("extensions.crossrider.bic", "146e6d690fa58e0d4d107738fb2b5d8c");
user_pref("extensions.ffxtlbr@buenosearch.com.install-event-fired", true);
Emptied folder: C:\Users\Wareza\AppData\Roaming\mozilla\firefox\profiles\7x9so9sh.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 02.08.2014 at 9:30:04,95
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pokracujte AdwCleanerem

# AdwCleaner v3.302 - Report created 02/08/2014 at 09:33:23
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Wareza - HOME
# Running from : C:\Users\Wareza\Desktop\adwcleaner_3.302.exe
# Option : Scan

***** [ Services ] *****

Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : ProtectMonitor

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage
File Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage-journal
File Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\buenosearch.xml
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\HD-V1.9
Folder Found : C:\Program Files (x86)\SavePass
Folder Found : C:\Program Files (x86)\VNT
Folder Found : C:\Program Files\PCDApp
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Updater
Folder Found : C:\Users\Wareza\AppData\Local\globalUpdate
Folder Found : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb
Folder Found : C:\Users\Wareza\AppData\Local\Temp\focusbase
Folder Found : C:\Users\Wareza\AppData\Local\VNT
Folder Found : C:\Users\Wareza\AppData\Roaming\buenosearch LTD
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\587fea1b-1c76-43c0-8b29-3c3da78e2485@2309207e-4ba6-42d8-b8a2-3b0a22e052b5.com
Folder Found : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\ffxtlbr@buenosearch.com

***** [ Scheduled Tasks ] *****

Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : paretologic registration3
Task Found : paretologic update version3
Task Found : 7dd07b49-00e3-43fc-aa78-d59d31542b53-1
Task Found : 7dd07b49-00e3-43fc-aa78-d59d31542b53-10
Task Found : 7dd07b49-00e3-43fc-aa78-d59d31542b53-11
Task Found : 7dd07b49-00e3-43fc-aa78-d59d31542b53-4
Task Found : 7dd07b49-00e3-43fc-aa78-d59d31542b53-6
Task Found : aa7a3f39-302c-46f7-8819-f4f38634d18c
Task Found : b82486d5-bb46-4c3f-bb97-2f0f41a249b0
Task Found : bdeae81b-09ea-4fc8-93ce-7d0c70c48698
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-1
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-11
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-3
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-4
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-5_user
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-6
Task Found : f7a4cc7e-9a86-4d86-a37b-ee13c88ab168-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\HD-V1.9
Key Found : HKCU\Software\AppDataLow\Software\SavePass
Key Found : HKCU\Software\buenosearch LTD
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : [x64] HKCU\Software\buenosearch LTD
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : HKLM\Software\buenosearch LTD
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Found : HKLM\Software\GlobalUpdate
Key Found : HKLM\Software\HD-V1.9
Key Found : HKLM\Software\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708D0DD7-FBC0-4437-B525-C098F450A62C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD-V1.9
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\Software\SafetyNut
Key Found : HKLM\Software\SavePass
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{828DC97A-2277-4E10-92A9-4907FA0922A9}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5250

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("extensions.buenosearch.admin", false);
Line Found : user_pref("extensions.buenosearch.aflt", "babsst");
Line Found : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Found : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Found : user_pref("extensions.buenosearch.dfltLng", "en");
Line Found : user_pref("extensions.buenosearch.excTlbr", false);
Line Found : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Found : user_pref("extensions.buenosearch.id", "6623aa4900000000000000266c774594");
Line Found : user_pref("extensions.buenosearch.instlDay", "16207");
Line Found : user_pref("extensions.buenosearch.instlRef", "sst");
Line Found : user_pref("extensions.buenosearch.newTab", false);
Line Found : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Found : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Found : user_pref("extensions.buenosearch.rvrt", "false");
Line Found : user_pref("extensions.buenosearch.smplGrp", "none");
Line Found : user_pref("extensions.buenosearch.tlbrId", "base");
Line Found : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Found : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.717:55:14");
Line Found : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=101&systemid=488&v=n12521-346&apn_uid=2015706144514131&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5250
Found [Search Provider] : hxxp://tridistri.cz/inshop/scripts/shop.aspx?action=dosearch&searchphrase={searchTerms}
Found [Search Provider] : hxxp://stesticko.inshop.cz/inshop/scripts/shop.aspx?action=dosearch&searchphrase={searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Extension] : mnanplinmmnjhobaliikmelmmjpoogkb

*************************

AdwCleaner[R1].txt - [14592 octets] - [02/08/2014 09:33:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [14653 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Tak jsem to stáhl a uložil na plochu, spustil, načetlo to pár informací po cca 8 hod, což mi tedy přijde asi hodně dlouho, nevím.. Jinak se nic nedělo, zůstalo to na mrtvém bodě. Děkuji za rady jak pokračovat dále...

Zoek tedy vynechame

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Wareza (administrator) on HOME on 04-08-2014 18:54:23
Running from C:\Users\Wareza\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Pokki) C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
() C:\Program Files (x86)\DriveCrypt\DcrServ.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
() C:\Program Files\UCT\HDR Expose 3\HDRExpose3Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(SUPERAntiSpyware.com) C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Pokki) C:\Users\Wareza\AppData\Local\Pokki\Engine\pokki.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtBty.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-02-11] (Toshiba Europe GmbH)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-03-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [976896 2011-01-03] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
HKLM\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [294208 2010-05-14] (Proxima Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Nástroj WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-12-10] (RealNetworks, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,userinit.exe
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [DriveCrypt Startup] => C:\Program Files (x86)\DriveCrypt\DriveCrypt.exe [1249280 2013-05-09] (Secustar)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SmartSerialMail Sending] => C:\Program Files (x86)\JAM Software\SmartSerialMail\SmartSerialMailServiceApp.exe [12234136 2011-11-10] (JAM Software GmbH)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe [2408688 2010-10-25] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Policies\system: [EnableLUA] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qrnvvhxtfg..vbs ()
Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tedcgtelwn..vbs ()
Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5250
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {14726521-4EA8-4E31-954A-F819C5E43366} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
SearchScopes: HKCU - {289116D8-F3E8-44B8-B017-4381C432E558} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKCU - {5C959B8B-2E5E-46D6-9E06-BE939B43229A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKCU - {794CBEE8-E6E3-48B8-9F92-FEE279BB0D38} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKCU - {922F01D9-E72B-44ED-8939-A4D004BDC39C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKCU - {ADAAFF6A-E733-46DA-A8F7-730D9D788F90} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKCU - {BF895BE1-C46D-450C-90C6-3B9589D1C12B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKCU - {DB6A7191-1D1B-4013-886F-E328C0A72B59} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32C913EE-9640-4023-93A9-F7A94D537652}: [NameServer]4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default
FF NetworkProxy: "ftp", "85.114.141.191"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", "85.114.141.191"
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http", "85.114.141.191"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @real.com/nppl3260;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: HD-V1.9 - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-08-01]
FF Extension: Seznam lištička - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-07-07]
FF Extension: Hide IP Easy - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@easy-hideip.com.xpi [2014-05-25]
FF Extension: Super Hide IP - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@superhideip.com.xpi [2014-05-26]
FF Extension: CheckerLink - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{1E379E8A-6F65-11E2-8F56-F1A26188709B}.xpi [2014-07-31]
FF Extension: Adblock Plus - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-07]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR StartupUrls: "hxxp://www.seznam.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (fluxDVD Browser Plugin) - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (globalUpdate Update) - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-28]
CHR Extension: (Disk Google) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-27]
CHR Extension: (YouTube) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-27]
CHR Extension: (Adblock Plus) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-06-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-27]
CHR Extension: (AdBlock Plus) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebophoempopiimfdkeechjfchhmdmmnc [2014-08-01]
CHR Extension: (avast! Online Security) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-07]
CHR Extension: (Watch Online) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb [2014-08-02]
CHR Extension: (Gmail) - C:\Users\Wareza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-07] (AVAST Software)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
R2 DriveCryptService; C:\Program Files (x86)\DriveCrypt\DcrServ.exe [202112 2013-05-09] () [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4466120 2013-01-11] (SafeNet Inc.)
R2 HDRExpose3Service; C:\Program Files\UCT\HDR Expose 3\HDRExpose3Service.exe [65656 2013-10-13] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron Ltd.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2011-04-24] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2011-04-24] ()
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
U2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-02-11] (Toshiba Europe GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-17] (TuneUp Software)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-01-14] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303368 2013-03-05] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-16] ()
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [24064 2005-11-09] () [File not signed]
S3 hmhrwoiz; No ImagePath
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2014-07-18] (Chingachguk & Denger2k (Elite & SP edition))
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] ()
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [98816 2013-05-22] (T0r0 2008) [File not signed]
S3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [70760 2011-09-28] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [367912 2011-11-14] (PC Tools)
S1 SASDIFSV; C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SASKUTIL.SYS [67656 2010-05-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [55384 2012-07-15] (Sunbelt Software)
R3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [110672 2012-11-04] (Webroot)
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 DCR; \??\C:\Program Files (x86)\DriveCrypt\DCR.Sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 18:54 - 2014-08-04 18:56 - 00035107 _____ () C:\Users\Wareza\Desktop\FRST.txt
2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Downloads\FRST64.exe
2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Desktop\FRST64.exe
2014-08-04 18:52 - 2014-08-04 18:52 - 00015327 _____ () C:\Users\Wareza\Desktop\LM.bat
2014-08-04 18:51 - 2014-08-04 18:52 - 00029696 _____ () C:\Users\Wareza\AppData\Local\MSGBOX.EXE
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Downloads\FRSTLauncher.exe
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Desktop\FRSTLauncher.exe
2014-08-04 18:49 - 2014-08-04 18:50 - 110138096 _____ () C:\Users\Wareza\Downloads\SSS.Eco.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 17:54 - 2014-08-04 17:54 - 04857459 _____ () C:\Users\Wareza\Downloads\Monopol.GFXTRA.NET.rar
2014-08-04 17:53 - 2014-08-04 17:53 - 111045911 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Easter.4.25xEPS.GFXTRA.NET.rar
2014-08-04 17:52 - 2014-08-04 17:52 - 05874364 _____ () C:\Users\Wareza\Downloads\Pupcat.GFXTRA.NET.rar
2014-08-04 17:51 - 2014-08-04 17:52 - 137318374 _____ () C:\Users\Wareza\Downloads\SSS.Badges.and.Stickers.8.25xEPS.GFXTRA.NET.rar
2014-08-04 17:50 - 2014-08-04 17:51 - 07277273 _____ () C:\Users\Wareza\Downloads\Sceptica.GFXTRA.NET.rar
2014-08-04 17:50 - 2014-08-04 17:50 - 06074059 _____ () C:\Users\Wareza\Downloads\Dharma.Gothic.GFXTRA.NET.rar
2014-08-04 17:48 - 2014-08-04 17:49 - 108207626 _____ () C:\Users\Wareza\Downloads\SSS.Sale.Tags.4.25xEPS.GFXTRA.NET.rar
2014-08-04 17:48 - 2014-08-04 17:48 - 05919765 _____ () C:\Users\Wareza\Downloads\Selfica.GFXTRA.NET.rar
2014-08-04 17:47 - 2014-08-04 17:48 - 133610351 _____ () C:\Users\Wareza\Downloads\SSS.Tomato.and.Ketchup.25xEPS.GFXTRA.NET.rar
2014-08-04 17:47 - 2014-08-04 17:47 - 04447069 _____ () C:\Users\Wareza\Downloads\Equip.Slab.GFXTRA.NET.rar
2014-08-04 17:26 - 2014-08-04 17:26 - 07029079 _____ () C:\Users\Wareza\Downloads\Nauman.GFXTRA.NET.rar
2014-08-04 17:25 - 2014-08-04 17:25 - 134014148 _____ () C:\Users\Wareza\Downloads\SSS.Realistic.Flowers.25xEPS.GFXTRA.NET.rar
2014-08-04 17:24 - 2014-08-04 17:24 - 31240376 _____ () C:\Users\Wareza\Downloads\SSS.Tree.25xEPS.GFXTRA.NET.rar
2014-08-04 17:24 - 2014-08-04 17:24 - 04875009 _____ () C:\Users\Wareza\Downloads\Cavole.Slab.GFXTRA.NET.rar
2014-08-04 17:23 - 2014-08-04 17:23 - 04541525 _____ () C:\Users\Wareza\Downloads\Typonil.GFXTRA.NET.rar
2014-08-04 17:20 - 2014-08-04 17:20 - 04737040 _____ () C:\Users\Wareza\Downloads\Rooney.GFXTRA.NET.rar
2014-08-04 17:19 - 2014-08-04 17:20 - 124356324 _____ () C:\Users\Wareza\Downloads\SSS.Women.s.Day.2.25xEPS.GFXTRA.NET.rar
2014-08-04 17:18 - 2014-08-04 17:19 - 06720308 _____ () C:\Users\Wareza\Downloads\PF.Din.Display.Pro.GFXTRA.NET.rar
2014-08-04 17:18 - 2014-08-04 17:18 - 15742807 _____ () C:\Users\Wareza\Downloads\SSS.Floral.Pattern.25xEPS.GFXTRA.COM.rar
2014-08-04 17:16 - 2014-08-04 17:17 - 118475741 _____ () C:\Users\Wareza\Downloads\SSS.BBQ.Grill.25xEPS.GFXTRA.NET.rar
2014-08-04 17:16 - 2014-08-04 17:17 - 06072546 _____ () C:\Users\Wareza\Downloads\Semplicita.Pro.GFXTRA.NET.rar
2014-08-04 17:15 - 2014-08-04 17:15 - 04713341 _____ () C:\Users\Wareza\Downloads\Octin.Sports.GFXTRA.NET.rar
2014-08-04 17:13 - 2014-08-04 17:13 - 06589717 _____ () C:\Users\Wareza\Downloads\Helia.GFXTRA.NET.rar
2014-08-04 17:12 - 2014-08-04 17:14 - 139436621 _____ () C:\Users\Wareza\Downloads\SSS.Outdoor.Adventure.25xEPS.GFXTRA.NET.rar
2014-08-04 16:42 - 2014-08-04 16:43 - 281166112 _____ () C:\Users\Wareza\Downloads\SSS.Beauty.Girls.33xJPG.GFXTRA.NET.rar
2014-08-04 16:41 - 2014-08-04 16:41 - 06153518 _____ () C:\Users\Wareza\Downloads\Farrerons.Serif.GFXTRA.NET.rar
2014-08-04 16:39 - 2014-08-04 16:40 - 128688712 _____ () C:\Users\Wareza\Downloads\SSS.Gs.and.Winemaking.6.25xEPS.GFXTRA.NET.rar
2014-08-04 16:39 - 2014-08-04 16:39 - 04608111 _____ () C:\Users\Wareza\Downloads\Signor.GFXTRA.NET.rar
2014-08-04 16:38 - 2014-08-04 16:40 - 143918658 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Holi.25xEPS.GFXTRA.NET.rar
2014-08-04 16:38 - 2014-08-04 16:38 - 05070630 _____ () C:\Users\Wareza\Downloads\Brevia.GFXTRA.NET.rar
2014-08-04 16:37 - 2014-03-09 17:22 - 00000000 ____D () C:\Users\Wareza\Desktop\Stock Vectors - Logo Collection Vol.6, 25xEPS GFXTRA.COM!
2014-08-04 16:35 - 2014-08-04 16:35 - 12994476 _____ () C:\Users\Wareza\Downloads\SSS.Logo.Collection.Vol.6.25xEPS.GFXTRA.COM.rar
2014-08-04 16:33 - 2014-08-04 16:33 - 06052166 _____ () C:\Users\Wareza\Downloads\Clio.XS.GFXTRA.NET.rar
2014-08-04 16:32 - 2014-08-04 16:34 - 190756541 _____ () C:\Users\Wareza\Downloads\SSS.Menu.Cover.4.25xEPS.GFXTRA.NET.rar
2014-08-04 16:31 - 2014-08-04 16:33 - 112601398 _____ () C:\Users\Wareza\Downloads\SSS.Darts.Championship.25xEPS.GFXTRA.NET.rar
2014-08-04 16:28 - 2014-08-04 16:29 - 101805279 _____ () C:\Users\Wareza\Downloads\SSS.Farm.and.Agriculture.2.25xEPS.GFXTRA.NET.rar
2014-08-04 16:28 - 2014-08-04 16:29 - 05046826 _____ () C:\Users\Wareza\Downloads\Stat.Display.Pro.GFXTRA.NET.rar
2014-08-04 16:27 - 2014-08-04 16:29 - 216144120 _____ () C:\Users\Wareza\Downloads\SSS.St.Petersburg.25xJPG.GFXTRA.COM.rar
2014-08-04 16:26 - 2014-08-04 16:27 - 89861465 _____ () C:\Users\Wareza\Downloads\F0t0lia.Mountain.Sports.25xJPG.GFXTRA.COM.rar
2014-08-04 16:26 - 2014-08-04 16:27 - 100174201 _____ () C:\Users\Wareza\Downloads\F0t0lia.Mountain.Skiing.25xJPG.GFXTRA.NET.rar
2014-08-04 16:24 - 2014-08-04 16:24 - 04623017 _____ () C:\Users\Wareza\Downloads\Ephesus.GFXTRA.NET.rar
2014-08-04 16:23 - 2014-08-04 16:24 - 80329379 _____ () C:\Users\Wareza\Downloads\SSS.Fishing.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 16:22 - 2014-08-04 16:22 - 04996655 _____ () C:\Users\Wareza\Downloads\Showcase.GFXTRA.NET.rar
2014-08-04 16:21 - 2014-08-04 16:22 - 62822481 _____ () C:\Users\Wareza\Downloads\SSS.Crawling.Baby.Boy.on.White.Background.25xJPG.GFXTRA.NET.rar
2014-08-04 16:14 - 2014-08-04 16:15 - 162386211 _____ () C:\Users\Wareza\Downloads\SSS.Cute.Pin.Up.Girls.25xJPG.GFXTRA.NET.rar
2014-08-04 16:13 - 2014-08-04 16:14 - 98980095 _____ () C:\Users\Wareza\Downloads\F0t0lia.Brazil.Collection.25xEPS.GFXTRA.COM.rar
2014-08-04 16:12 - 2014-08-04 16:12 - 07032785 _____ () C:\Users\Wareza\Downloads\Nuber.GFXTRA.NET.rar
2014-08-04 16:11 - 2014-08-04 16:11 - 99859292 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Mother.s.Day.3.25xEPS.GFXTRA.NET.rar
2014-08-04 16:10 - 2014-08-04 16:10 - 05790661 _____ () C:\Users\Wareza\Downloads\Agmena.Pro.GFXTRA.NET.rar
2014-08-04 16:08 - 2014-08-04 16:09 - 127230644 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Easter.5.25xEPS.GFXTRA.NET.rar
2014-08-04 16:07 - 2014-08-04 16:07 - 10993128 _____ () C:\Users\Wareza\Downloads\Levato.Pro.GFXTRA.NET.rar
2014-08-04 16:06 - 2014-08-04 16:07 - 108144399 _____ () C:\Users\Wareza\Downloads\SSS.Ukrainian.Symbols.25xEPS.GFXTRA.NET.rar
2014-08-04 16:04 - 2014-08-04 16:05 - 123552324 _____ () C:\Users\Wareza\Downloads\SSS.Saint.Patrick.s.Day.6.25xEPS.GFXTRA.NET.rar
2014-08-04 16:04 - 2014-08-04 16:05 - 06263320 _____ () C:\Users\Wareza\Downloads\Idler.GFXTRA.NET.rar
2014-08-04 16:02 - 2014-08-04 16:02 - 04738325 _____ () C:\Users\Wareza\Downloads\CamingoDos.Pro.SemiCondensed.GFXTRA.NET.rar
2014-08-04 16:01 - 2014-08-04 16:01 - 74505293 _____ () C:\Users\Wareza\Downloads\SSS.Battery.Icons.25xEPS.GFXTRA.NET.rar
2014-08-04 16:00 - 2014-08-04 16:00 - 06270155 _____ () C:\Users\Wareza\Downloads\PF.Square.Sans.Pro.GFXTRA.NET.rar
2014-08-04 15:57 - 2014-08-04 15:57 - 04703014 _____ () C:\Users\Wareza\Downloads\Osnova.Pro.GFXTRA.NET.rar
2014-08-04 15:02 - 2014-08-04 15:03 - 110070481 _____ () C:\Users\Wareza\Downloads\SSS.Choco.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 15:01 - 2014-08-04 15:01 - 04187041 _____ () C:\Users\Wareza\Downloads\Vanitas.Stencil.GFXTRA.NET.rar
2014-08-04 15:00 - 2014-08-04 15:00 - 02979085 _____ () C:\Users\Wareza\Downloads\PF.Scandal.Pro.GFXTRA.NET.rar
2014-08-04 14:58 - 2014-08-04 14:58 - 07217278 _____ () C:\Users\Wareza\Downloads\Klavika.PTF.GFXTRA.NET.rar
2014-08-04 14:57 - 2014-08-04 14:57 - 04505313 _____ () C:\Users\Wareza\Downloads\Troia.GFXTRA.NET.rar
2014-08-04 14:56 - 2014-08-04 14:57 - 120339088 _____ () C:\Users\Wareza\Downloads\SSS.Metal.Textures.3.25xEPS.GFXTRA.NET.rar
2014-08-04 14:51 - 2014-08-04 14:51 - 05270286 _____ () C:\Users\Wareza\Downloads\Antenna.GFXTRA.NET.rar
2014-08-04 14:50 - 2014-08-04 14:51 - 134530282 _____ () C:\Users\Wareza\Downloads\SSS.Grunge.Elements.Vol.6.25xEPS.GFXTRA.NET.rar
2014-08-04 14:50 - 2014-08-04 14:50 - 35677272 _____ () C:\Users\Wareza\Downloads\SSS.Cheese.Vectors.25xEPS.GFXTRA.NET.rar
2014-08-04 14:48 - 2014-08-04 14:49 - 08911748 _____ () C:\Users\Wareza\Downloads\PF.Handbook.Pro.GFXTRA.NET.rar
2014-08-04 14:47 - 2014-08-04 14:48 - 143478711 _____ () C:\Users\Wareza\Downloads\SSS.Coffee.Time.7.25xEPS.GFXTRA.NET.rar
2014-08-04 14:45 - 2014-08-04 14:45 - 05088750 _____ () C:\Users\Wareza\Downloads\Bandera.Pro.GFXTRA.NET.rar
2014-08-04 14:44 - 2014-08-04 14:46 - 168619322 _____ () C:\Users\Wareza\Downloads\SSS.Young.Businessman_Working.with.a.Notebook.II.25xJPG.GFXTRA.COM.rar
2014-08-04 14:43 - 2014-08-04 14:45 - 219985029 _____ () C:\Users\Wareza\Downloads\SSS.Golden.Bitcoin.25xJPG.GFXTRA.NET.rar
2014-08-04 14:43 - 2014-08-04 14:43 - 08646150 _____ () C:\Users\Wareza\Downloads\Cabrito.GFXTRA.NET.rar
2014-08-04 14:41 - 2014-08-04 14:41 - 04037563 _____ () C:\Users\Wareza\Downloads\Frutiger.Adobe.GFXTRA.NET.rar
2014-08-04 14:41 - 2014-06-25 19:13 - 00000000 ____D () C:\Users\Wareza\Desktop\Shutterstock - Logo Design 2 25xEPS GFXTRA.NET!
2014-08-04 14:40 - 2014-08-04 14:41 - 134111225 _____ () C:\Users\Wareza\Downloads\SSS.Vegetarian.Food.25xEPS.GFXTRA.NET.rar
2014-08-04 14:39 - 2014-08-04 14:40 - 08247235 _____ () C:\Users\Wareza\Downloads\PF.Beau.Sans.Pro.GFXTRA.NET.rar
2014-08-04 14:36 - 2014-08-04 14:36 - 15366449 _____ () C:\Users\Wareza\Downloads\Veneer.GFXTRA.NET.rar
2014-08-04 14:34 - 2014-08-04 14:35 - 91287414 _____ () C:\Users\Wareza\Downloads\SSS.Logo.Design.2.25xEPS.GFXTRA.NET.rar
2014-08-04 13:51 - 2014-08-04 13:53 - 277641392 _____ () C:\Users\Wareza\Downloads\TShirtFactory.Vectors.Bundle.400.Premium.Designs.in.Bundle_GFXTRA.COM.pw.rar
2014-08-04 11:02 - 2014-08-04 11:02 - 00000000 ____D () C:\Users\Wareza\AppData\Local\{316329AA-F0F7-4458-AA95-108547743604}
2014-08-03 09:56 - 2014-08-03 09:56 - 00000000 _____ () C:\Users\Wareza\Desktop\Nový textový dokument.txt
2014-08-02 15:47 - 2014-08-02 15:47 - 00000000 ____D () C:\Users\Wareza\AppData\Local\{6E4A6504-328C-4E54-99FB-59CE92EA1811}
2014-08-02 13:12 - 2014-08-02 13:12 - 00000021 _____ () C:\folders.log
2014-08-02 13:12 - 2014-08-02 13:12 - 00000000 ____D () C:\zoek
2014-08-02 12:34 - 2014-08-02 20:11 - 00054495 _____ () C:\zoek-results.log
2014-08-02 12:26 - 2014-08-02 12:26 - 00003118 _____ () C:\Windows\System32\Tasks\{C0E5D28D-00F1-44BE-B643-C2D0A642F45E}
2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.scr
2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.com
2014-08-02 12:10 - 2014-08-02 13:12 - 00003133 _____ () C:\runcheck.txt
2014-08-02 12:10 - 2014-08-02 12:10 - 00000000 ____D () C:\zoek_backup
2014-08-02 11:26 - 2014-07-27 10:43 - 00000000 ____D () C:\Users\Wareza\Desktop\crt_zd_smb
2014-08-02 09:33 - 2014-08-02 12:01 - 00000000 ____D () C:\AdwCleaner
2014-08-02 09:30 - 2014-08-02 09:30 - 00025906 _____ () C:\Users\Wareza\Desktop\JRT.txt
2014-08-02 09:05 - 2014-08-02 09:05 - 01361309 _____ () C:\Users\Wareza\Desktop\adwcleaner_3.302.exe
2014-08-02 09:05 - 2014-08-02 09:05 - 01016261 _____ (Thisisu) C:\Users\Wareza\Desktop\JRT.exe
2014-08-01 22:07 - 2014-08-01 22:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\rsit
2014-08-01 20:44 - 2014-08-04 18:54 - 00000000 ____D () C:\FRST
2014-08-01 20:20 - 2014-08-02 08:58 - 00002324 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-01 20:20 - 2014-08-02 08:58 - 00002324 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-08-01 20:20 - 2014-08-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 20:18 - 2014-08-01 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:41 - 2014-08-01 19:51 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-07-31 16:20 - 2014-04-05 02:31 - 00000000 ____D () C:\Users\Wareza\Desktop\Stock Vector - Businessman infographic Template
2014-07-30 20:37 - 2014-07-30 20:44 - 00000000 ____D () C:\Users\Wareza\Desktop\The.Expendables.3.2014.DVDSCR.Xvid-DiNGO
2014-07-30 19:11 - 2014-07-19 08:07 - 00000000 ____D () C:\Users\Wareza\Desktop\Trump Gothic Pro Font Family - 66 Fonts 240$
2014-07-30 17:53 - 2014-07-08 20:25 - 00000000 ____D () C:\Users\Wareza\Desktop\Stock Vector - Abstract Logo and Icon Collection 35
2014-07-29 16:32 - 2014-07-22 20:17 - 00000000 ____D () C:\Users\Wareza\Desktop\Crea 150
2014-07-23 19:01 - 2014-07-13 11:38 - 00000000 ____D () C:\Users\Wareza\Desktop\Creative Pack # 534
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 84
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 38
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 207
2014-07-23 08:00 - 2014-07-23 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-22 12:06 - 2014-07-16 11:13 - 00000000 ____D () C:\Users\Wareza\Desktop\Creative Pack # 541
2014-07-22 11:50 - 2012-11-23 22:30 - 00000000 ____D () C:\Users\Wareza\Desktop\Rons Brushes
2014-07-22 10:08 - 2014-07-22 12:01 - 00000000 ____D () C:\Users\Wareza\Desktop\Textures Mix
2014-07-22 09:11 - 2014-07-22 09:11 - 00000000 ____D () C:\Users\Wareza\Desktop\PDF Magazíny
2014-07-22 00:22 - 2013-08-07 11:15 - 00000000 ____D () C:\Users\Wareza\Desktop\The Digital Trends Bundle 2014
2014-07-21 22:02 - 2014-07-21 22:02 - 00000010 _____ () C:\Users\Wareza\Desktop\heslo.txt
2014-07-21 08:50 - 2014-07-19 22:37 - 00000000 ____D () C:\Users\Wareza\Desktop\Crea 149
2014-07-20 16:01 - 2014-07-20 16:01 - 00003600 ____N () C:\bootsqm.dat
2014-07-20 10:56 - 2014-07-20 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-20 10:56 - 2014-07-20 10:56 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-19 22:23 - 2014-07-19 22:33 - 2124101632 _____ () C:\Users\Wareza\Downloads\btb.avi
2014-07-19 14:55 - 2014-07-19 14:55 - 00000032 _____ () C:\Windows\ETKINST.INI
2014-07-19 12:18 - 2007-03-08 16:08 - 00507904 _____ (LexCom Informationssysteme GmbH) C:\Windows\system\LexHdl5.dll
2014-07-18 20:59 - 2006-12-13 18:14 - 00065024 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\Drivers\aksdf.sys
2014-07-18 20:59 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE
2014-07-18 20:04 - 2014-07-18 20:04 - 00000000 ____D () C:\Users\Wareza\AppData\Local\Sniper3
2014-07-18 20:04 - 2014-07-18 20:04 - 00000000 ____D () C:\ProgramData\ALI213
2014-07-18 20:00 - 2014-07-18 20:00 - 00000758 _____ () C:\Windows\DirectX.log
2014-07-18 18:13 - 2014-07-18 18:13 - 00003536 _____ () C:\Windows\System32\Tasks\{87E11AAA-A114-4794-8A7E-C2089F882346}
2014-07-18 17:58 - 2014-07-18 17:58 - 00000543 _____ () C:\Windows\NGO.cer
2014-07-18 17:25 - 2013-02-19 15:04 - 00141064 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2014-07-18 17:25 - 2013-01-11 16:36 - 04466120 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2014-07-18 17:25 - 2013-01-11 16:36 - 04466120 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2014-07-18 17:24 - 2014-07-19 20:07 - 00000673 _____ () C:\Windows\aksdrvsetup.log
2014-07-18 17:24 - 2014-07-19 12:56 - 00000674 _____ () C:\Windows\aksdrvsetup.1.log
2014-07-18 17:24 - 2014-07-18 21:00 - 00000677 _____ () C:\Windows\aksdrvsetup.2.log
2014-07-18 17:24 - 2014-07-18 17:25 - 00020585 _____ () C:\Windows\aksdrvsetup.3.log
2014-07-18 17:24 - 2013-03-06 09:03 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll
2014-07-18 17:24 - 2013-03-06 09:03 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll
2014-07-18 17:24 - 2013-03-06 09:03 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll
2014-07-18 17:24 - 2013-01-14 12:32 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys
2014-07-18 16:10 - 2014-07-18 17:59 - 00067584 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2014-07-18 16:10 - 2013-05-22 23:54 - 00098816 ____R (T0r0 2008) C:\Windows\SysWOW64\Drivers\nshe.sys
2014-07-18 14:29 - 2014-07-18 14:43 - 00000000 ____D () C:\Users\Wareza\Downloads\Sniper Elite III
2014-07-17 18:00 - 2014-07-17 18:00 - 00000000 ____D () C:\Users\Wareza\Desktop\Retro Style People_
2014-07-17 16:15 - 2014-07-17 16:15 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\proxyeverysvr
2014-07-17 16:13 - 2014-07-17 16:22 - 00000417 _____ () C:\TMachInfo.log
2014-07-16 18:39 - 2014-08-04 08:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-16 18:34 - 2014-07-16 18:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-16 18:32 - 2014-07-16 18:32 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-15 20:50 - 2014-07-26 09:56 - 00003756 _____ () C:\Windows\System32\Tasks\Real Player online aktualizace
2014-07-15 20:50 - 2014-07-15 20:50 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe online aktualizační program
2014-07-15 20:20 - 2014-07-15 20:20 - 00002220 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002220 _____ () C:\ProgramData\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002206 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002194 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002194 _____ () C:\ProgramData\Desktop\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2014-07-15 20:20 - 2012-09-17 12:01 - 00034656 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-07-15 20:20 - 2012-09-17 12:01 - 00025952 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-07-15 20:20 - 2012-09-17 12:01 - 00021344 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-07-15 20:18 - 2014-07-15 20:20 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-07-15 19:09 - 2014-07-15 19:08 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-15 19:08 - 2014-07-15 19:08 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-15 18:56 - 2014-07-15 18:56 - 00003076 _____ () C:\Windows\System32\Tasks\Game_Booster_Startup
2014-07-09 09:07 - 2014-07-01 03:56 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 09:07 - 2014-07-01 03:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-08 23:35 - 2014-07-08 23:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-06 23:19 - 2014-07-06 23:19 - 00001339 _____ () C:\Users\Public\Desktop\SuperAntiSpyware - Professional - XxXFreakyXxX.lnk
2014-07-06 23:19 - 2014-07-06 23:19 - 00001339 _____ () C:\ProgramData\Desktop\SuperAntiSpyware - Professional - XxXFreakyXxX.lnk
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAntiSpyware - Professional
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX
2014-07-06 17:46 - 2014-07-19 12:01 - 00000000 ____D () C:\Users\Wareza\Desktop\Detailer komp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 18:56 - 2014-08-04 18:54 - 00035107 _____ () C:\Users\Wareza\Desktop\FRST.txt
2014-08-04 18:55 - 2013-02-16 15:51 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-04 18:55 - 2011-01-04 16:50 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EE17EAED-6211-4D65-986B-9A678E1E2EA5}
2014-08-04 18:54 - 2014-08-01 20:44 - 00000000 ____D () C:\FRST
2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Downloads\FRST64.exe
2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Desktop\FRST64.exe
2014-08-04 18:52 - 2014-08-04 18:52 - 00015327 _____ () C:\Users\Wareza\Desktop\LM.bat
2014-08-04 18:52 - 2014-08-04 18:51 - 00029696 _____ () C:\Users\Wareza\AppData\Local\MSGBOX.EXE
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Downloads\FRSTLauncher.exe
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Desktop\FRSTLauncher.exe
2014-08-04 18:50 - 2014-08-04 18:49 - 110138096 _____ () C:\Users\Wareza\Downloads\SSS.Eco.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 18:36 - 2012-12-27 20:55 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000UA.job
2014-08-04 18:35 - 2013-01-25 23:05 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-04 17:54 - 2014-08-04 17:54 - 04857459 _____ () C:\Users\Wareza\Downloads\Monopol.GFXTRA.NET.rar
2014-08-04 17:54 - 2014-05-18 21:15 - 00000000 ____D () C:\Users\Wareza\Desktop\myfonts.com
2014-08-04 17:54 - 2014-05-18 20:26 - 00000000 ____D () C:\Users\Wareza\Desktop\Vector
2014-08-04 17:53 - 2014-08-04 17:53 - 111045911 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Easter.4.25xEPS.GFXTRA.NET.rar
2014-08-04 17:52 - 2014-08-04 17:52 - 05874364 _____ () C:\Users\Wareza\Downloads\Pupcat.GFXTRA.NET.rar
2014-08-04 17:52 - 2014-08-04 17:51 - 137318374 _____ () C:\Users\Wareza\Downloads\SSS.Badges.and.Stickers.8.25xEPS.GFXTRA.NET.rar
2014-08-04 17:51 - 2014-08-04 17:50 - 07277273 _____ () C:\Users\Wareza\Downloads\Sceptica.GFXTRA.NET.rar
2014-08-04 17:50 - 2014-08-04 17:50 - 06074059 _____ () C:\Users\Wareza\Downloads\Dharma.Gothic.GFXTRA.NET.rar
2014-08-04 17:49 - 2014-08-04 17:48 - 108207626 _____ () C:\Users\Wareza\Downloads\SSS.Sale.Tags.4.25xEPS.GFXTRA.NET.rar
2014-08-04 17:48 - 2014-08-04 17:48 - 05919765 _____ () C:\Users\Wareza\Downloads\Selfica.GFXTRA.NET.rar
2014-08-04 17:48 - 2014-08-04 17:47 - 133610351 _____ () C:\Users\Wareza\Downloads\SSS.Tomato.and.Ketchup.25xEPS.GFXTRA.NET.rar
2014-08-04 17:47 - 2014-08-04 17:47 - 04447069 _____ () C:\Users\Wareza\Downloads\Equip.Slab.GFXTRA.NET.rar
2014-08-04 17:26 - 2014-08-04 17:26 - 07029079 _____ () C:\Users\Wareza\Downloads\Nauman.GFXTRA.NET.rar
2014-08-04 17:25 - 2014-08-04 17:25 - 134014148 _____ () C:\Users\Wareza\Downloads\SSS.Realistic.Flowers.25xEPS.GFXTRA.NET.rar
2014-08-04 17:24 - 2014-08-04 17:24 - 31240376 _____ () C:\Users\Wareza\Downloads\SSS.Tree.25xEPS.GFXTRA.NET.rar
2014-08-04 17:24 - 2014-08-04 17:24 - 04875009 _____ () C:\Users\Wareza\Downloads\Cavole.Slab.GFXTRA.NET.rar
2014-08-04 17:23 - 2014-08-04 17:23 - 04541525 _____ () C:\Users\Wareza\Downloads\Typonil.GFXTRA.NET.rar
2014-08-04 17:20 - 2014-08-04 17:20 - 04737040 _____ () C:\Users\Wareza\Downloads\Rooney.GFXTRA.NET.rar
2014-08-04 17:20 - 2014-08-04 17:19 - 124356324 _____ () C:\Users\Wareza\Downloads\SSS.Women.s.Day.2.25xEPS.GFXTRA.NET.rar
2014-08-04 17:19 - 2014-08-04 17:18 - 06720308 _____ () C:\Users\Wareza\Downloads\PF.Din.Display.Pro.GFXTRA.NET.rar
2014-08-04 17:18 - 2014-08-04 17:18 - 15742807 _____ () C:\Users\Wareza\Downloads\SSS.Floral.Pattern.25xEPS.GFXTRA.COM.rar
2014-08-04 17:17 - 2014-08-04 17:16 - 118475741 _____ () C:\Users\Wareza\Downloads\SSS.BBQ.Grill.25xEPS.GFXTRA.NET.rar
2014-08-04 17:17 - 2014-08-04 17:16 - 06072546 _____ () C:\Users\Wareza\Downloads\Semplicita.Pro.GFXTRA.NET.rar
2014-08-04 17:15 - 2014-08-04 17:15 - 04713341 _____ () C:\Users\Wareza\Downloads\Octin.Sports.GFXTRA.NET.rar
2014-08-04 17:14 - 2014-08-04 17:12 - 139436621 _____ () C:\Users\Wareza\Downloads\SSS.Outdoor.Adventure.25xEPS.GFXTRA.NET.rar
2014-08-04 17:13 - 2014-08-04 17:13 - 06589717 _____ () C:\Users\Wareza\Downloads\Helia.GFXTRA.NET.rar
2014-08-04 16:50 - 2014-05-23 16:56 - 00000000 ____D () C:\Users\Wareza\Desktop\JPEG MIX
2014-08-04 16:43 - 2014-08-04 16:42 - 281166112 _____ () C:\Users\Wareza\Downloads\SSS.Beauty.Girls.33xJPG.GFXTRA.NET.rar
2014-08-04 16:41 - 2014-08-04 16:41 - 06153518 _____ () C:\Users\Wareza\Downloads\Farrerons.Serif.GFXTRA.NET.rar
2014-08-04 16:40 - 2014-08-04 16:39 - 128688712 _____ () C:\Users\Wareza\Downloads\SSS.Gs.and.Winemaking.6.25xEPS.GFXTRA.NET.rar
2014-08-04 16:40 - 2014-08-04 16:38 - 143918658 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Holi.25xEPS.GFXTRA.NET.rar
2014-08-04 16:39 - 2014-08-04 16:39 - 04608111 _____ () C:\Users\Wareza\Downloads\Signor.GFXTRA.NET.rar
2014-08-04 16:38 - 2014-08-04 16:38 - 05070630 _____ () C:\Users\Wareza\Downloads\Brevia.GFXTRA.NET.rar
2014-08-04 16:35 - 2014-08-04 16:35 - 12994476 _____ () C:\Users\Wareza\Downloads\SSS.Logo.Collection.Vol.6.25xEPS.GFXTRA.COM.rar
2014-08-04 16:34 - 2014-08-04 16:32 - 190756541 _____ () C:\Users\Wareza\Downloads\SSS.Menu.Cover.4.25xEPS.GFXTRA.NET.rar
2014-08-04 16:33 - 2014-08-04 16:33 - 06052166 _____ () C:\Users\Wareza\Downloads\Clio.XS.GFXTRA.NET.rar
2014-08-04 16:33 - 2014-08-04 16:31 - 112601398 _____ () C:\Users\Wareza\Downloads\SSS.Darts.Championship.25xEPS.GFXTRA.NET.rar
2014-08-04 16:29 - 2014-08-04 16:28 - 101805279 _____ () C:\Users\Wareza\Downloads\SSS.Farm.and.Agriculture.2.25xEPS.GFXTRA.NET.rar
2014-08-04 16:29 - 2014-08-04 16:28 - 05046826 _____ () C:\Users\Wareza\Downloads\Stat.Display.Pro.GFXTRA.NET.rar
2014-08-04 16:29 - 2014-08-04 16:27 - 216144120 _____ () C:\Users\Wareza\Downloads\SSS.St.Petersburg.25xJPG.GFXTRA.COM.rar
2014-08-04 16:27 - 2014-08-04 16:26 - 89861465 _____ () C:\Users\Wareza\Downloads\F0t0lia.Mountain.Sports.25xJPG.GFXTRA.COM.rar
2014-08-04 16:27 - 2014-08-04 16:26 - 100174201 _____ () C:\Users\Wareza\Downloads\F0t0lia.Mountain.Skiing.25xJPG.GFXTRA.NET.rar
2014-08-04 16:24 - 2014-08-04 16:24 - 04623017 _____ () C:\Users\Wareza\Downloads\Ephesus.GFXTRA.NET.rar
2014-08-04 16:24 - 2014-08-04 16:23 - 80329379 _____ () C:\Users\Wareza\Downloads\SSS.Fishing.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 16:22 - 2014-08-04 16:22 - 04996655 _____ () C:\Users\Wareza\Downloads\Showcase.GFXTRA.NET.rar
2014-08-04 16:22 - 2014-08-04 16:21 - 62822481 _____ () C:\Users\Wareza\Downloads\SSS.Crawling.Baby.Boy.on.White.Background.25xJPG.GFXTRA.NET.rar
2014-08-04 16:15 - 2014-08-04 16:14 - 162386211 _____ () C:\Users\Wareza\Downloads\SSS.Cute.Pin.Up.Girls.25xJPG.GFXTRA.NET.rar
2014-08-04 16:14 - 2014-08-04 16:13 - 98980095 _____ () C:\Users\Wareza\Downloads\F0t0lia.Brazil.Collection.25xEPS.GFXTRA.COM.rar
2014-08-04 16:12 - 2014-08-04 16:12 - 07032785 _____ () C:\Users\Wareza\Downloads\Nuber.GFXTRA.NET.rar
2014-08-04 16:11 - 2014-08-04 16:11 - 99859292 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Mother.s.Day.3.25xEPS.GFXTRA.NET.rar
2014-08-04 16:10 - 2014-08-04 16:10 - 05790661 _____ () C:\Users\Wareza\Downloads\Agmena.Pro.GFXTRA.NET.rar
2014-08-04 16:09 - 2014-08-04 16:08 - 127230644 _____ () C:\Users\Wareza\Downloads\SSS.Happy.Easter.5.25xEPS.GFXTRA.NET.rar
2014-08-04 16:07 - 2014-08-04 16:07 - 10993128 _____ () C:\Users\Wareza\Downloads\Levato.Pro.GFXTRA.NET.rar
2014-08-04 16:07 - 2014-08-04 16:06 - 108144399 _____ () C:\Users\Wareza\Downloads\SSS.Ukrainian.Symbols.25xEPS.GFXTRA.NET.rar
2014-08-04 16:05 - 2014-08-04 16:04 - 123552324 _____ () C:\Users\Wareza\Downloads\SSS.Saint.Patrick.s.Day.6.25xEPS.GFXTRA.NET.rar
2014-08-04 16:05 - 2014-08-04 16:04 - 06263320 _____ () C:\Users\Wareza\Downloads\Idler.GFXTRA.NET.rar
2014-08-04 16:02 - 2014-08-04 16:02 - 04738325 _____ () C:\Users\Wareza\Downloads\CamingoDos.Pro.SemiCondensed.GFXTRA.NET.rar
2014-08-04 16:01 - 2014-08-04 16:01 - 74505293 _____ () C:\Users\Wareza\Downloads\SSS.Battery.Icons.25xEPS.GFXTRA.NET.rar
2014-08-04 16:00 - 2014-08-04 16:00 - 06270155 _____ () C:\Users\Wareza\Downloads\PF.Square.Sans.Pro.GFXTRA.NET.rar
2014-08-04 15:57 - 2014-08-04 15:57 - 04703014 _____ () C:\Users\Wareza\Downloads\Osnova.Pro.GFXTRA.NET.rar
2014-08-04 15:03 - 2014-08-04 15:02 - 110070481 _____ () C:\Users\Wareza\Downloads\SSS.Choco.Elements.25xEPS.GFXTRA.NET.rar
2014-08-04 15:01 - 2014-08-04 15:01 - 04187041 _____ () C:\Users\Wareza\Downloads\Vanitas.Stencil.GFXTRA.NET.rar
2014-08-04 15:00 - 2014-08-04 15:00 - 02979085 _____ () C:\Users\Wareza\Downloads\PF.Scandal.Pro.GFXTRA.NET.rar
2014-08-04 14:58 - 2014-08-04 14:58 - 07217278 _____ () C:\Users\Wareza\Downloads\Klavika.PTF.GFXTRA.NET.rar
2014-08-04 14:57 - 2014-08-04 14:57 - 04505313 _____ () C:\Users\Wareza\Downloads\Troia.GFXTRA.NET.rar
2014-08-04 14:57 - 2014-08-04 14:56 - 120339088 _____ () C:\Users\Wareza\Downloads\SSS.Metal.Textures.3.25xEPS.GFXTRA.NET.rar
2014-08-04 14:51 - 2014-08-04 14:51 - 05270286 _____ () C:\Users\Wareza\Downloads\Antenna.GFXTRA.NET.rar
2014-08-04 14:51 - 2014-08-04 14:50 - 134530282 _____ () C:\Users\Wareza\Downloads\SSS.Grunge.Elements.Vol.6.25xEPS.GFXTRA.NET.rar
2014-08-04 14:50 - 2014-08-04 14:50 - 35677272 _____ () C:\Users\Wareza\Downloads\SSS.Cheese.Vectors.25xEPS.GFXTRA.NET.rar
2014-08-04 14:49 - 2014-08-04 14:48 - 08911748 _____ () C:\Users\Wareza\Downloads\PF.Handbook.Pro.GFXTRA.NET.rar
2014-08-04 14:48 - 2014-08-04 14:47 - 143478711 _____ () C:\Users\Wareza\Downloads\SSS.Coffee.Time.7.25xEPS.GFXTRA.NET.rar
2014-08-04 14:46 - 2014-08-04 14:44 - 168619322 _____ () C:\Users\Wareza\Downloads\SSS.Young.Businessman_Working.with.a.Notebook.II.25xJPG.GFXTRA.COM.rar
2014-08-04 14:45 - 2014-08-04 14:45 - 05088750 _____ () C:\Users\Wareza\Downloads\Bandera.Pro.GFXTRA.NET.rar
2014-08-04 14:45 - 2014-08-04 14:43 - 219985029 _____ () C:\Users\Wareza\Downloads\SSS.Golden.Bitcoin.25xJPG.GFXTRA.NET.rar
2014-08-04 14:43 - 2014-08-04 14:43 - 08646150 _____ () C:\Users\Wareza\Downloads\Cabrito.GFXTRA.NET.rar
2014-08-04 14:41 - 2014-08-04 14:41 - 04037563 _____ () C:\Users\Wareza\Downloads\Frutiger.Adobe.GFXTRA.NET.rar
2014-08-04 14:41 - 2014-08-04 14:40 - 134111225 _____ () C:\Users\Wareza\Downloads\SSS.Vegetarian.Food.25xEPS.GFXTRA.NET.rar
2014-08-04 14:40 - 2014-08-04 14:39 - 08247235 _____ () C:\Users\Wareza\Downloads\PF.Beau.Sans.Pro.GFXTRA.NET.rar
2014-08-04 14:36 - 2014-08-04 14:36 - 15366449 _____ () C:\Users\Wareza\Downloads\Veneer.GFXTRA.NET.rar
2014-08-04 14:36 - 2012-12-27 20:55 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3893988867-3537961221-3907201996-1000Core.job
2014-08-04 14:35 - 2014-08-04 14:34 - 91287414 _____ () C:\Users\Wareza\Downloads\SSS.Logo.Design.2.25xEPS.GFXTRA.NET.rar
2014-08-04 13:53 - 2014-08-04 13:51 - 277641392 _____ () C:\Users\Wareza\Downloads\TShirtFactory.Vectors.Bundle.400.Premium.Designs.in.Bundle_GFXTRA.COM.pw.rar
2014-08-04 11:02 - 2014-08-04 11:02 - 00000000 ____D () C:\Users\Wareza\AppData\Local\{316329AA-F0F7-4458-AA95-108547743604}
2014-08-04 10:00 - 2014-05-18 20:26 - 00000000 ____D () C:\Users\Wareza\Desktop\Icony Vector
2014-08-04 09:27 - 2012-04-25 18:51 - 01659581 _____ () C:\Windows\WindowsUpdate.log
2014-08-04 08:55 - 2013-02-16 15:51 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-04 08:50 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-04 08:50 - 2009-07-14 06:45 - 00016304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-04 08:34 - 2014-07-16 18:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-04 08:34 - 2014-05-20 09:39 - 00008064 _____ () C:\Windows\setupact.log
2014-08-04 08:34 - 2014-05-13 18:05 - 00000000 ____D () C:\Users\Wareza\AppData\Local\Pokki
2014-08-04 08:34 - 2011-01-09 14:03 - 00000000 ____D () C:\Users\Wareza\AppData\Local\Adobe
2014-08-03 15:01 - 2011-08-25 18:23 - 00000000 ____D () C:\Users\Wareza\AppData\Local\CrashDumps
2014-08-03 12:38 - 2014-05-18 20:26 - 00000000 ____D () C:\Users\Wareza\Desktop\Logo Vector
2014-08-03 09:56 - 2014-08-03 09:56 - 00000000 _____ () C:\Users\Wareza\Desktop\Nový textový dokument.txt
2014-08-02 20:19 - 2013-07-15 14:13 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\Seznam.cz
2014-08-02 20:14 - 2014-05-25 19:07 - 00004060 _____ () C:\Windows\error.log
2014-08-02 20:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-02 20:13 - 2014-05-25 19:09 - 03413100 _____ () C:\Windows\PFRO.log
2014-08-02 20:13 - 2014-05-25 19:08 - 00004860 _____ () C:\Windows\errord.log
2014-08-02 20:11 - 2014-08-02 12:34 - 00054495 _____ () C:\zoek-results.log
2014-08-02 15:47 - 2014-08-02 15:47 - 00000000 ____D () C:\Users\Wareza\AppData\Local\{6E4A6504-328C-4E54-99FB-59CE92EA1811}
2014-08-02 13:12 - 2014-08-02 13:12 - 00000021 _____ () C:\folders.log
2014-08-02 13:12 - 2014-08-02 13:12 - 00000000 ____D () C:\zoek
2014-08-02 13:12 - 2014-08-02 12:10 - 00003133 _____ () C:\runcheck.txt
2014-08-02 12:26 - 2014-08-02 12:26 - 00003118 _____ () C:\Windows\System32\Tasks\{C0E5D28D-00F1-44BE-B643-C2D0A642F45E}
2014-08-02 12:10 - 2014-08-02 12:10 - 00000000 ____D () C:\zoek_backup
2014-08-02 12:01 - 2014-08-02 09:33 - 00000000 ____D () C:\AdwCleaner
2014-08-02 09:30 - 2014-08-02 09:30 - 00025906 _____ () C:\Users\Wareza\Desktop\JRT.txt
2014-08-02 09:05 - 2014-08-02 09:05 - 01361309 _____ () C:\Users\Wareza\Desktop\adwcleaner_3.302.exe
2014-08-02 09:05 - 2014-08-02 09:05 - 01016261 _____ (Thisisu) C:\Users\Wareza\Desktop\JRT.exe
2014-08-02 08:58 - 2014-08-01 20:20 - 00002324 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-02 08:58 - 2014-08-01 20:20 - 00002324 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-08-02 08:57 - 2012-05-03 10:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 22:07 - 2014-08-01 22:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\rsit
2014-08-01 20:53 - 2014-05-09 10:15 - 00000000 ____D () C:\Program Files\trend micro
2014-08-01 20:20 - 2014-08-01 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 20:20 - 2011-01-04 19:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-01 20:19 - 2014-08-01 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:51 - 2014-08-01 19:41 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-08-01 19:51 - 2013-04-19 12:26 - 00000000 ____D () C:\Users\Wareza\AppData\Local\Skymonk2
2014-08-01 19:34 - 2012-11-04 11:36 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\QuickScan
2014-08-01 18:32 - 2013-07-20 10:52 - 00000000 ____D () C:\Users\Wareza\AppData\Local\JDownloader v2.0
2014-07-31 16:14 - 2014-06-30 17:09 - 00000000 ____D () C:\Users\Wareza\Desktop\Graphic River
2014-07-30 22:49 - 2013-11-25 16:35 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\vlc
2014-07-30 20:44 - 2014-07-30 20:37 - 00000000 ____D () C:\Users\Wareza\Desktop\The.Expendables.3.2014.DVDSCR.Xvid-DiNGO
2014-07-30 20:44 - 2011-01-08 21:46 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\uTorrent
2014-07-29 11:22 - 2014-06-12 20:30 - 00000000 ____D () C:\Users\Wareza\Desktop\Mix Internet
2014-07-27 10:43 - 2014-08-02 11:26 - 00000000 ____D () C:\Users\Wareza\Desktop\crt_zd_smb
2014-07-27 09:32 - 2014-01-10 11:37 - 00000000 ____D () C:\Users\Wareza\Desktop\Sablony pro projekty
2014-07-26 09:56 - 2014-07-15 20:50 - 00003756 _____ () C:\Windows\System32\Tasks\Real Player online aktualizace
2014-07-26 09:10 - 2012-05-16 10:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-26 09:10 - 2012-05-16 10:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 09:07 - 2013-08-21 14:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-26 09:07 - 2011-01-06 02:14 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-26 09:06 - 2010-04-14 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-25 17:12 - 2012-05-16 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 10:44 - 2013-05-14 10:31 - 345231176 _____ () C:\Users\Wareza\Desktop\Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_mesto kartacek kveten 2013.cdr
2014-07-25 10:11 - 2014-05-11 18:03 - 00004552 _____ () C:\Users\Wareza\Desktop\nove odkazy.txt
2014-07-23 13:27 - 2009-07-14 17:18 - 00672582 _____ () C:\Windows\system32\perfh005.dat
2014-07-23 13:27 - 2009-07-14 17:18 - 00142780 _____ () C:\Windows\system32\perfc005.dat
2014-07-23 13:27 - 2009-07-14 07:13 - 01593876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 84
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 38
2014-07-23 13:23 - 2014-07-23 13:23 - 00000000 ____D () C:\Users\Wareza\Desktop\CD č.l. 207
2014-07-23 08:00 - 2014-07-23 08:00 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-22 20:17 - 2014-07-29 16:32 - 00000000 ____D () C:\Users\Wareza\Desktop\Crea 150
2014-07-22 20:05 - 2014-05-18 20:56 - 00000000 ____D () C:\Users\Wareza\Desktop\Programy
2014-07-22 12:01 - 2014-07-22 10:08 - 00000000 ____D () C:\Users\Wareza\Desktop\Textures Mix
2014-07-22 09:11 - 2014-07-22 09:11 - 00000000 ____D () C:\Users\Wareza\Desktop\PDF Magazíny
2014-07-21 22:02 - 2014-07-21 22:02 - 00000010 _____ () C:\Users\Wareza\Desktop\heslo.txt
2014-07-20 16:01 - 2014-07-20 16:01 - 00003600 ____N () C:\bootsqm.dat
2014-07-20 10:56 - 2014-07-20 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-20 10:56 - 2014-07-20 10:56 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-19 22:37 - 2014-07-21 08:50 - 00000000 ____D () C:\Users\Wareza\Desktop\Crea 149
2014-07-19 22:33 - 2014-07-19 22:23 - 2124101632 _____ () C:\Users\Wareza\Downloads\btb.avi
2014-07-19 20:07 - 2014-07-18 17:24 - 00000673 _____ () C:\Windows\aksdrvsetup.log
2014-07-19 20:07 - 2011-09-03 23:27 - 00022947 _____ () C:\Windows\SysWOW64\HLDRV.LOG
2014-07-19 14:55 - 2014-07-19 14:55 - 00000032 _____ () C:\Windows\ETKINST.INI
2014-07-19 12:56 - 2014-07-18 17:24 - 00000674 _____ () C:\Windows\aksdrvsetup.1.log
2014-07-19 12:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-19 12:01 - 2014-07-06 17:46 - 00000000 ____D () C:\Users\Wareza\Desktop\Detailer komp
2014-07-19 08:07 - 2014-07-30 19:11 - 00000000 ____D () C:\Users\Wareza\Desktop\Trump Gothic Pro Font Family - 66 Fonts 240$
2014-07-18 21:10 - 2012-08-23 17:05 - 00000000 ____D () C:\Hry
2014-07-18 21:00 - 2014-07-18 17:24 - 00000677 _____ () C:\Windows\aksdrvsetup.2.log
2014-07-18 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-07-18 20:44 - 2011-01-09 16:59 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\DAEMON Tools Lite
2014-07-18 20:44 - 2011-01-09 16:59 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-18 20:04 - 2014-07-18 20:04 - 00000000 ____D () C:\Users\Wareza\AppData\Local\Sniper3
2014-07-18 20:04 - 2014-07-18 20:04 - 00000000 ____D () C:\ProgramData\ALI213
2014-07-18 20:00 - 2014-07-18 20:00 - 00000758 _____ () C:\Windows\DirectX.log
2014-07-18 18:14 - 2011-01-07 19:40 - 00000000 ____D () C:\Users\Wareza\Documents\Visual Studio 2008
2014-07-18 18:13 - 2014-07-18 18:13 - 00003536 _____ () C:\Windows\System32\Tasks\{87E11AAA-A114-4794-8A7E-C2089F882346}
2014-07-18 17:59 - 2014-07-18 16:10 - 00067584 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2014-07-18 17:58 - 2014-07-18 17:58 - 00000543 _____ () C:\Windows\NGO.cer
2014-07-18 17:25 - 2014-07-18 17:24 - 00020585 _____ () C:\Windows\aksdrvsetup.3.log
2014-07-18 16:54 - 2013-11-25 16:34 - 00001077 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-18 16:54 - 2013-11-25 16:34 - 00001077 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-07-18 14:43 - 2014-07-18 14:29 - 00000000 ____D () C:\Users\Wareza\Downloads\Sniper Elite III
2014-07-18 13:31 - 2014-05-23 16:55 - 00000000 ____D () C:\Users\Wareza\Desktop\Komponenty Eshop
2014-07-18 10:17 - 2014-05-07 20:46 - 00002023 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-18 10:17 - 2014-05-07 20:46 - 00002023 _____ () C:\ProgramData\Desktop\avast! Internet Security.lnk
2014-07-17 18:00 - 2014-07-17 18:00 - 00000000 ____D () C:\Users\Wareza\Desktop\Retro Style People_
2014-07-17 17:19 - 2014-06-12 20:32 - 00000000 ____D () C:\Users\Wareza\Desktop\Filmy
2014-07-17 16:22 - 2014-07-17 16:13 - 00000417 _____ () C:\TMachInfo.log
2014-07-17 16:15 - 2014-07-17 16:15 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\proxyeverysvr
2014-07-17 09:37 - 2014-05-07 20:45 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-16 18:34 - 2014-07-16 18:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-16 18:34 - 2014-05-07 20:45 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-16 18:34 - 2014-05-07 20:45 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-16 18:34 - 2014-05-07 20:45 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-16 18:33 - 2014-05-07 20:45 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-16 18:32 - 2014-07-16 18:32 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-16 11:13 - 2014-07-22 12:06 - 00000000 ____D () C:\Users\Wareza\Desktop\Creative Pack # 541
2014-07-15 20:50 - 2014-07-15 20:50 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe online aktualizační program
2014-07-15 20:50 - 2013-10-14 14:13 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-07-15 20:48 - 2013-11-30 01:32 - 00000000 __HDC () C:\ProgramData\{81083967-5051-4F49-910E-70164AD89C2D}
2014-07-15 20:48 - 2012-12-27 14:04 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-07-15 20:44 - 2014-05-17 17:54 - 00000000 ____D () C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XeroBank
2014-07-15 20:20 - 2014-07-15 20:20 - 00002220 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002220 _____ () C:\ProgramData\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002206 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002194 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00002194 _____ () C:\ProgramData\Desktop\TuneUp Utilities 2013.lnk
2014-07-15 20:20 - 2014-07-15 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2014-07-15 20:20 - 2014-07-15 20:18 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-07-15 20:18 - 2013-04-29 23:16 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-15 19:10 - 2014-01-15 23:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-15 19:08 - 2014-07-15 19:09 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-15 19:08 - 2014-07-15 19:08 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-15 19:08 - 2010-04-14 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-15 19:08 - 2010-04-14 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-15 18:56 - 2014-07-15 18:56 - 00003076 _____ () C:\Windows\System32\Tasks\Game_Booster_Startup
2014-07-15 18:55 - 2012-10-17 21:55 - 00000000 ____D () C:\ProgramData\IObit
2014-07-15 18:55 - 2012-10-17 21:55 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-14 15:11 - 2014-08-02 12:25 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.scr
2014-07-14 15:11 - 2014-08-02 12:25 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.com
2014-07-13 11:38 - 2014-07-23 19:01 - 00000000 ____D () C:\Users\Wareza\Desktop\Creative Pack # 534
2014-07-12 22:05 - 2013-05-14 10:31 - 344939143 _____ () C:\Users\Wareza\Desktop\Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_Záloha_mesto kartacek kveten 2013.cdr
2014-07-11 20:19 - 2013-01-03 20:52 - 02817024 ___SH () C:\Users\Wareza\Downloads\Thumbs.db
2014-07-08 23:36 - 2013-01-25 23:05 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 23:36 - 2013-01-25 23:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 23:36 - 2013-01-25 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 23:35 - 2014-07-08 23:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 20:25 - 2014-07-30 17:53 - 00000000 ____D () C:\Users\Wareza\Desktop\Stock Vector - Abstract Logo and Icon Collection 35
2014-07-06 23:19 - 2014-07-06 23:19 - 00001339 _____ () C:\Users\Public\Desktop\SuperAntiSpyware - Professional - XxXFreakyXxX.lnk
2014-07-06 23:19 - 2014-07-06 23:19 - 00001339 _____ () C:\ProgramData\Desktop\SuperAntiSpyware - Professional - XxXFreakyXxX.lnk
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAntiSpyware - Professional
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX

Files to move or delete:
====================
C:\ProgramData\C__Users_Wareza_Desktop_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\Users\Wareza\AppData\Roaming\data.dat


Some content of TEMP:
====================
C:\Users\Wareza\AppData\Local\Temp\7za.exe
C:\Users\Wareza\AppData\Local\Temp\hijackthis.exe
C:\Users\Wareza\AppData\Local\Temp\inethnfd-setup.exe
C:\Users\Wareza\AppData\Local\Temp\NirCmd.exe
C:\Users\Wareza\AppData\Local\Temp\PEVZ.EXE
C:\Users\Wareza\AppData\Local\Temp\proxy_vole2854187659785734074.dll
C:\Users\Wareza\AppData\Local\Temp\proxy_vole6088813022969138227.dll
C:\Users\Wareza\AppData\Local\Temp\Quarantine.exe
C:\Users\Wareza\AppData\Local\Temp\remove.exe
C:\Users\Wareza\AppData\Local\Temp\sed.exe
C:\Users\Wareza\AppData\Local\Temp\shortcut.exe
C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe
C:\Users\Wareza\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Wareza\AppData\Local\Temp\swreg.exe
C:\Users\Wareza\AppData\Local\Temp\swxcacls.exe
C:\Users\Wareza\AppData\Local\Temp\wget.exe
C:\Users\Wareza\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-02-08 05:34

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
  HKLM\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
  HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-12-10] (RealNetworks, Inc.)
  HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,userinit.exe
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [DriveCrypt Startup] => C:\Program Files (x86)\DriveCrypt\DriveCrypt.exe [1249280 2013-05-09] (Secustar)
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SmartSerialMail Sending] => C:\Program Files (x86)\JAM Software\SmartSerialMail\SmartSerialMailServiceApp.exe [12234136 2011-11-10] (JAM Software GmbH)
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe [2408688 2010-10-25] (SUPERAntiSpyware.com)
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Policies\system: [EnableLUA] 0
  Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qrnvvhxtfg..vbs ()
  Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tedcgtelwn..vbs ()
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5250
  SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  FF NetworkProxy: "ftp", "85.114.141.191"
  FF NetworkProxy: "ftp_port", 80
  FF NetworkProxy: "gopher", "85.114.141.191"
  FF NetworkProxy: "gopher_port", 80
  FF NetworkProxy: "http", "85.114.141.191"
  FF NetworkProxy: "http_port", 80
  FF NetworkProxy: "type", 0
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  FF Extension: HD-V1.9 - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-08-01]
  FF Extension: Hide IP Easy - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@easy-hideip.com.xpi [2014-05-25]
  FF Extension: Super Hide IP - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@superhideip.com.xpi [2014-05-26]
  FF Extension: CheckerLink - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{1E379E8A-6F65-11E2-8F56-F1A26188709B}.xpi [2014-07-31]
  
  CHR Plugin: (globalUpdate Update) - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
  
  S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
  S3 DCR; \??\C:\Program Files (x86)\DriveCrypt\DCR.Sys [X]
  S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
  S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
  S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
  
  2014-08-04 18:54 - 2014-08-04 18:56 - 00035107 _____ () C:\Users\Wareza\Desktop\FRST.txt
  2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Downloads\FRST64.exe
  2014-08-04 18:52 - 2014-08-04 18:52 - 00015327 _____ () C:\Users\Wareza\Desktop\LM.bat
  2014-08-04 18:51 - 2014-08-04 18:52 - 00029696 _____ () C:\Users\Wareza\AppData\Local\MSGBOX.EXE
  2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Downloads\FRSTLauncher.exe
  2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Desktop\FRSTLauncher.exe
  2014-08-02 13:12 - 2014-08-02 13:12 - 00000021 _____ () C:\folders.log
  2014-08-02 13:12 - 2014-08-02 13:12 - 00000000 ____D () C:\zoek
  2014-08-02 12:34 - 2014-08-02 20:11 - 00054495 _____ () C:\zoek-results.log
  2014-08-02 12:26 - 2014-08-02 12:26 - 00003118 _____ () C:\Windows\System32\Tasks\{C0E5D28D-00F1-44BE-B643-C2D0A642F45E}
  2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.scr
  2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.com
  2014-08-02 12:10 - 2014-08-02 13:12 - 00003133 _____ () C:\runcheck.txt
  2014-08-02 12:10 - 2014-08-02 12:10 - 00000000 ____D () C:\zoek_backup
  2014-08-02 11:26 - 2014-07-27 10:43 - 00000000 ____D () C:\Users\Wareza\Desktop\crt_zd_smb
  2014-08-02 09:33 - 2014-08-02 12:01 - 00000000 ____D () C:\AdwCleaner
  2014-08-02 09:30 - 2014-08-02 09:30 - 00025906 _____ () C:\Users\Wareza\Desktop\JRT.txt
  2014-08-02 09:05 - 2014-08-02 09:05 - 01361309 _____ () C:\Users\Wareza\Desktop\adwcleaner_3.302.exe
  2014-08-02 09:05 - 2014-08-02 09:05 - 01016261 _____ (Thisisu) C:\Users\Wareza\Desktop\JRT.exe
  2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\rsit
  C:\ProgramData\C__Users_Wareza_Desktop_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
  C:\Users\Wareza\AppData\Roaming\data.dat
  C:\Users\Wareza\AppData\Local\Temp\7za.exe
  C:\Users\Wareza\AppData\Local\Temp\hijackthis.exe
  C:\Users\Wareza\AppData\Local\Temp\inethnfd-setup.exe
  C:\Users\Wareza\AppData\Local\Temp\NirCmd.exe
  C:\Users\Wareza\AppData\Local\Temp\PEVZ.EXE
  C:\Users\Wareza\AppData\Local\Temp\proxy_vole2854187659785734074.dll
  C:\Users\Wareza\AppData\Local\Temp\proxy_vole6088813022969138227.dll
  C:\Users\Wareza\AppData\Local\Temp\Quarantine.exe
  C:\Users\Wareza\AppData\Local\Temp\remove.exe
  C:\Users\Wareza\AppData\Local\Temp\sed.exe
  C:\Users\Wareza\AppData\Local\Temp\shortcut.exe
  C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe
  C:\Users\Wareza\AppData\Local\Temp\SSUPDATE.EXE
  C:\Users\Wareza\AppData\Local\Temp\swreg.exe
  C:\Users\Wareza\AppData\Local\Temp\swxcacls.exe
  C:\Users\Wareza\AppData\Local\Temp\wget.exe
  C:\Users\Wareza\AppData\Local\Temp\zoek-delete.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014
Ran by Wareza at 2014-08-05 10:43:12 Run:1
Running from C:\Users\Wareza\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
HKLM\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-12-10] (RealNetworks, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,C:\Users\Wareza\AppData\Local\Temp\DCSCMIN\IMDCSC.exe,userinit.exe
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [DriveCrypt Startup] => C:\Program Files (x86)\DriveCrypt\DriveCrypt.exe [1249280 2013-05-09] (Secustar)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SmartSerialMail Sending] => C:\Program Files (x86)\JAM Software\SmartSerialMail\SmartSerialMailServiceApp.exe [12234136 2011-11-10] (JAM Software GmbH)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [tedcgtelwn] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\tedcgtelwn..vbs" <===== ATTENTION
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [qrnvvhxtfg] => wscript.exe //B "C:\Users\Wareza\AppData\Local\Temp\qrnvvhxtfg..vbs" <===== ATTENTION
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe [2408688 2010-10-25] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Wareza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\...\Policies\system: [EnableLUA] 0
Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qrnvvhxtfg..vbs ()
Startup: C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tedcgtelwn..vbs ()

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5250
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF NetworkProxy: "ftp", "85.114.141.191"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", "85.114.141.191"
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http", "85.114.141.191"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: HD-V1.9 - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-08-01]
FF Extension: Hide IP Easy - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@easy-hideip.com.xpi [2014-05-25]
FF Extension: Super Hide IP - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@superhideip.com.xpi [2014-05-26]
FF Extension: CheckerLink - C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{1E379E8A-6F65-11E2-8F56-F1A26188709B}.xpi [2014-07-31]

CHR Plugin: (globalUpdate Update) - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File

S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 DCR; \??\C:\Program Files (x86)\DriveCrypt\DCR.Sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]

2014-08-04 18:54 - 2014-08-04 18:56 - 00035107 _____ () C:\Users\Wareza\Desktop\FRST.txt
2014-08-04 18:53 - 2014-08-04 18:53 - 02094080 _____ (Farbar) C:\Users\Wareza\Downloads\FRST64.exe
2014-08-04 18:52 - 2014-08-04 18:52 - 00015327 _____ () C:\Users\Wareza\Desktop\LM.bat
2014-08-04 18:51 - 2014-08-04 18:52 - 00029696 _____ () C:\Users\Wareza\AppData\Local\MSGBOX.EXE
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Downloads\FRSTLauncher.exe
2014-08-04 18:50 - 2014-08-04 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Wareza\Desktop\FRSTLauncher.exe
2014-08-02 13:12 - 2014-08-02 13:12 - 00000021 _____ () C:\folders.log
2014-08-02 13:12 - 2014-08-02 13:12 - 00000000 ____D () C:\zoek
2014-08-02 12:34 - 2014-08-02 20:11 - 00054495 _____ () C:\zoek-results.log
2014-08-02 12:26 - 2014-08-02 12:26 - 00003118 _____ () C:\Windows\System32\Tasks\{C0E5D28D-00F1-44BE-B643-C2D0A642F45E}
2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.scr
2014-08-02 12:25 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Wareza\Desktop\zoek.com
2014-08-02 12:10 - 2014-08-02 13:12 - 00003133 _____ () C:\runcheck.txt
2014-08-02 12:10 - 2014-08-02 12:10 - 00000000 ____D () C:\zoek_backup
2014-08-02 11:26 - 2014-07-27 10:43 - 00000000 ____D () C:\Users\Wareza\Desktop\crt_zd_smb
2014-08-02 09:33 - 2014-08-02 12:01 - 00000000 ____D () C:\AdwCleaner
2014-08-02 09:30 - 2014-08-02 09:30 - 00025906 _____ () C:\Users\Wareza\Desktop\JRT.txt
2014-08-02 09:05 - 2014-08-02 09:05 - 01361309 _____ () C:\Users\Wareza\Desktop\adwcleaner_3.302.exe
2014-08-02 09:05 - 2014-08-02 09:05 - 01016261 _____ (Thisisu) C:\Users\Wareza\Desktop\JRT.exe
2014-08-01 20:53 - 2014-08-01 20:53 - 00000000 ____D () C:\rsit
C:\ProgramData\C__Users_Wareza_Desktop_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\Users\Wareza\AppData\Roaming\data.dat
C:\Users\Wareza\AppData\Local\Temp\7za.exe
C:\Users\Wareza\AppData\Local\Temp\hijackthis.exe
C:\Users\Wareza\AppData\Local\Temp\inethnfd-setup.exe
C:\Users\Wareza\AppData\Local\Temp\NirCmd.exe
C:\Users\Wareza\AppData\Local\Temp\PEVZ.EXE
C:\Users\Wareza\AppData\Local\Temp\proxy_vole2854187659785734074.dll
C:\Users\Wareza\AppData\Local\Temp\proxy_vole6088813022969138227.dll
C:\Users\Wareza\AppData\Local\Temp\Quarantine.exe
C:\Users\Wareza\AppData\Local\Temp\remove.exe
C:\Users\Wareza\AppData\Local\Temp\sed.exe
C:\Users\Wareza\AppData\Local\Temp\shortcut.exe
C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe
C:\Users\Wareza\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\Wareza\AppData\Local\Temp\swreg.exe
C:\Users\Wareza\AppData\Local\Temp\swxcacls.exe
C:\Users\Wareza\AppData\Local\Temp\wget.exe
C:\Users\Wareza\AppData\Local\Temp\zoek-delete.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tedcgtelwn => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\qrnvvhxtfg => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DriveCrypt Startup => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SmartSerialMail Sending => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tedcgtelwn => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\qrnvvhxtfg => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pokki => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-3893988867-3537961221-3907201996-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\EnableLUA => value deleted successfully.
C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qrnvvhxtfg..vbs => Moved successfully.
C:\Users\Wareza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tedcgtelwn..vbs => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com => Moved successfully.
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@easy-hideip.com.xpi => Moved successfully.
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\support@superhideip.com.xpi => Moved successfully.
C:\Users\Wareza\AppData\Roaming\Mozilla\Firefox\Profiles\7x9so9sh.default\Extensions\{1E379E8A-6F65-11E2-8F56-F1A26188709B}.xpi => Moved successfully.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
CrystalSysInfo => Service deleted successfully.
DCR => Service deleted successfully.
TfFsMon => Service deleted successfully.
TfNetMon => Service deleted successfully.
TFSysMon => Service deleted successfully.
C:\Users\Wareza\Desktop\FRST.txt => Moved successfully.
C:\Users\Wareza\Downloads\FRST64.exe => Moved successfully.
C:\Users\Wareza\Desktop\LM.bat => Moved successfully.
C:\Users\Wareza\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Wareza\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\Wareza\Desktop\FRSTLauncher.exe => Moved successfully.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Windows\System32\Tasks\{C0E5D28D-00F1-44BE-B643-C2D0A642F45E} => Moved successfully.
C:\Users\Wareza\Desktop\zoek.scr => Moved successfully.
C:\Users\Wareza\Desktop\zoek.com => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Wareza\Desktop\crt_zd_smb => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Wareza\Desktop\JRT.txt => Moved successfully.
C:\Users\Wareza\Desktop\adwcleaner_3.302.exe => Moved successfully.
C:\Users\Wareza\Desktop\JRT.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\ProgramData\C__Users_Wareza_Desktop_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe => Moved successfully.
C:\Users\Wareza\AppData\Roaming\data.dat => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\7za.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\hijackthis.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\inethnfd-setup.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\NirCmd.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\PEVZ.EXE => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\proxy_vole2854187659785734074.dll => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\proxy_vole6088813022969138227.dll => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\remove.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\sed.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\shortcut.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\SkyMonkAM__2155_il2428.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\SSUPDATE.EXE => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\swreg.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\swxcacls.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\wget.exe => Moved successfully.
C:\Users\Wareza\AppData\Local\Temp\zoek-delete.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Super, mnohokrát děkuji za pomoc, skvělá práce.

Ještě jednou děkuji za vaší ochotu a čas.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat