Mám zavirováno a absolutně se nevyznám a nevím co dělat:/

[MyNameIsCady]

Bohužel už delší dobu mám ESET na takové úrovni, že svítí červeně a žádá po mně aktualizaci (kterou mu neumožním protože nemám peníze na placenou verzi a jakýkoliv crack mi tam nepasuje..) takže mi často chodí varování a každý den se bojím abych vubec zapla notebook.

Nepoužívám myš, takže na notebooku všechno dělám dotykově a dnes mi to šíleně blblo, pořád to přeskakovalo a celkově si to dělalo, co chtělo. Za pár hodin jsem si všimla, že mi svítí zaplá webkamera, přestože byla vyplá. No a ted mi přestaly fungovat háčky a čárky (d,n,t,o,u)... Trochu jsem brousila po diskuzích a došlo mi, že mám asi vir. Kamarád mi poslal odkaz na ESET online scanner a ten mi výskyt viru potvrdil.

Problém je že jsem z toho streslá jak prase a nevím co si s tím počít, absolutně se v tomto oboru nevyznám a bojím se stáhnout další antivirák, protože mám trauma z dětství kdy jsem stáhla do otcova pc dva antiviráky, které se navzájem nahlásily jako vir, pc zdechl a musel se komplet celý vymazat, aby šel - a neměli jsme nic zálohované, takže jsme přišli o dost důležitých věcí. Ani ted nemám nic na notebooku zálohované a mám fakt strach, protože přestože dostat trojského koně není žádná hrůza, tak to tak díky své neznalosti vnímám.

Jestli jsem sem právě napsala nějaký směšný příspěvek o triviálním problému, tak fakt pardon, já opravdu v těchto věcech nevím...
Nicméně budu ráda za jakoukoli odpověd ))

[vyosek]

Zdravim

Zadny crack neni potreba , jednak crack ma v sobe bonus nejake haveti a jednak je to poruseni licencnich podminek = poruseni autorskeho zakona = pachani trestneho cinu. A to na nasem foru nepodporujeme

Odinstalujte nelegalni ESET a nainstalujte si Avast Free http://www.avast.com/get/gWR5mo92 ktery je zdarma

Pote dejte log z RSIT dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=130786

[MyNameIsCady]

Omlouvám se za zpožděnou odpověď, sháněla jsem po kamarádech přenosný hadr na zálohování souborů...
Tak jsem teda přeinstalovala ten ESET na Avast a celý den jsem si Avastem čistila počítač. (A už mi dokonce i jede ď,ť,ň, jupí:D)

Jinak ten log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Karol at 2014-08-28 01:17:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 189 GB (41%) free of 461 GB
Total RAM: 3691 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:28:18, on 28.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\trend micro\Karol.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =TB_IESB22
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
R3 - URLSearchHook: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [b5fc7b4e77c78228bfbffe7fef976276] "C:\Users\Karol\AppData\Local\Temp\chost.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 15592 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 1555568
\??\C:\Windows\system32\conhost.exe "1122421547-21096029-347418933-6717636418350744851192654816-513505275633564546
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
taskeng.exe {8B9C1E34-3ADD-46B7-9C7A-EB0937CB3515}
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2268
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2180
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: On
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>827132482</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Users\Karol\Desktop\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "/PRODUCT:READER" "/VERSION:10.0" "/MODE:1"
explorer.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
taskeng.exe {41D547D8-49E0-4DAC-B21B-9227923A1058}
"C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe"
taskeng.exe {D5FBD688-3FD7-4CF2-9A03-7CB9C1404A01}
"C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe" /remove="<x><55><f>{872b5b88-9db5-4310-bdd0-ac189557e5f5}</f></55></x>" /resetsettings="<x><f><sp_id>TPL_SEZNAM02_ALL</sp_id></f></x>" /user=S-1-5-21-2746505849-1622842176-3222786117-1001
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001Core.job - C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001UA.job - C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\extensions\
donottrackplus@abine.com
sitematcher_src@sitematcher_src.com
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{f999a48b-1950-4d81-9971-79018f807b4b}

C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\searchplugins\
askcom.xml
freeonlineradioplayerrecorder-customized-web-search.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-27 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-10 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-01-22 357432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-03 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-27 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-01-22 294456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
FreeOnlineRadioPlayerRecorder Toolbar - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll [2012-12-30 619928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09 176936]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll [2012-12-30 619928]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-21 2480936]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-06 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-06 379040]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"Facebook Update"=C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 138096]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"b5fc7b4e77c78228bfbffe7fef976276"=C:\Users\Karol\AppData\Local\Temp\chost.exe .. []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-04 336384]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-04-23 43848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-27 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-28 01:24:34 ----D---- C:\Users\Karol\AppData\Roaming\DropboxMaster
2014-08-28 01:20:26 ----D---- C:\Users\Karol\AppData\Roaming\Dropbox
2014-08-28 01:17:46 ----D---- C:\rsit
2014-08-28 01:17:46 ----D---- C:\Program Files\trend micro
2014-08-27 20:13:57 ----D---- C:\Users\Karol\AppData\Roaming\AVAST Software
2014-08-27 20:07:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-08-27 20:07:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-08-27 20:07:07 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-08-27 20:07:06 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-08-27 20:07:05 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-08-27 20:07:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-08-27 20:07:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-27 20:06:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-08-27 20:06:41 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-27 20:06:19 ----A---- C:\Windows\avastSS.scr
2014-08-27 20:02:40 ----D---- C:\Program Files\AVAST Software
2014-08-27 19:58:17 ----D---- C:\ProgramData\AVAST Software
2014-08-27 19:53:10 ----SHD---- C:\Config.Msi
2014-08-27 04:23:29 ----D---- C:\Program Files (x86)\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:12:08 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-08-27 04:12:07 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-08-27 04:12:05 ----D---- C:\Program Files (x86)\winzip 17 cz full free
2014-08-26 02:01:23 ----D---- C:\ProgramData\PDFC
2014-08-25 22:15:31 ----D---- C:\Extracted
2014-08-14 03:05:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 03:05:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 03:05:09 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 03:05:09 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 03:05:04 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 03:05:04 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 03:04:16 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 03:04:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:42:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 20:42:38 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 20:42:20 ----A---- C:\Windows\system32\msi.dll
2014-08-13 20:42:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 20:42:19 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 20:42:19 ----A---- C:\Windows\system32\authui.dll
2014-08-13 20:42:18 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 20:42:18 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 20:42:18 ----A---- C:\Windows\system32\consent.exe
2014-08-13 20:42:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 20:42:06 ----A---- C:\Windows\system32\win32k.sys
2014-08-13 20:42:06 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 20:42:05 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-13 20:42:03 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 20:42:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 20:41:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 20:41:49 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 20:41:48 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 20:41:48 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 20:41:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 20:41:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:41:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 20:41:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:41:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 20:41:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 20:41:42 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 20:41:42 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 20:41:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 20:41:40 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 20:41:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:41:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 20:41:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 20:41:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 20:41:38 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 20:41:36 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 20:41:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 20:41:34 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 20:41:31 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 20:41:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 20:41:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 20:41:24 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 20:41:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 20:41:24 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 20:41:23 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 20:41:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 20:41:22 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 20:41:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:41:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:41:21 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 20:38:31 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 20:38:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 20:38:29 ----A---- C:\Windows\system32\aepdu.dll
2014-08-13 20:38:28 ----A---- C:\Windows\system32\aeinv.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wups2.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wucltux.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wups.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wudriver.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wuapi.dll
2014-08-02 15:32:55 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-02 15:32:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-02 15:32:54 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-02 15:32:53 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-08-28 01:28:13 ----D---- C:\Program Files (x86)\IrfanView
2014-08-28 01:28:13 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-08-28 01:27:08 ----D---- C:\Windows\Temp
2014-08-28 01:23:27 ----D---- C:\Windows\system32\config
2014-08-28 01:17:46 ----RD---- C:\Program Files
2014-08-28 01:06:47 ----D---- C:\Windows\system32\Tasks
2014-08-28 00:10:53 ----D---- C:\Windows\SysWOW64
2014-08-27 21:58:47 ----D---- C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-08-27 20:19:10 ----D---- C:\Windows\system32\drivers
2014-08-27 20:16:52 ----D---- C:\Windows\inf
2014-08-27 20:11:45 ----SHD---- C:\System Volume Information
2014-08-27 20:09:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-08-27 20:06:43 ----D---- C:\Windows\winsxs
2014-08-27 20:06:41 ----D---- C:\Windows\System32
2014-08-27 20:06:39 ----D---- C:\Windows
2014-08-27 19:58:17 ----HD---- C:\ProgramData
2014-08-27 19:54:57 ----D---- C:\Windows\system32\catroot2
2014-08-27 19:54:09 ----SHD---- C:\Windows\Installer
2014-08-27 19:53:36 ----D---- C:\Windows\system32\DriverStore
2014-08-27 19:53:36 ----D---- C:\Windows\system32\catroot
2014-08-27 18:46:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-27 04:23:29 ----RD---- C:\Program Files (x86)
2014-08-26 02:01:15 ----SD---- C:\Users\Karol\AppData\Roaming\Microsoft
2014-08-25 22:17:56 ----D---- C:\Program Files (x86)\Google
2014-08-25 22:16:34 ----D---- C:\Windows\Tasks
2014-08-25 01:20:53 ----D---- C:\Users\Karol\AppData\Roaming\BSplayer PRO
2014-08-25 01:06:43 ----D---- C:\Users\Karol\AppData\Roaming\Audacity
2014-08-15 20:21:17 ----D---- C:\Windows\Microsoft.NET
2014-08-15 16:38:48 ----RSD---- C:\Windows\assembly
2014-08-14 04:45:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-14 04:07:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-14 04:07:22 ----D---- C:\Windows\system32\cs-CZ
2014-08-14 04:07:22 ----D---- C:\Windows\ehome
2014-08-14 04:07:16 ----RSD---- C:\Windows\Fonts
2014-08-14 04:06:24 ----D---- C:\Program Files\Internet Explorer
2014-08-14 04:06:20 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-14 04:06:17 ----D---- C:\Windows\PolicyDefinitions
2014-08-14 04:06:15 ----D---- C:\Windows\system32\en-US
2014-08-14 04:06:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 03:46:30 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 03:29:20 ----D---- C:\Windows\system32\MRT
2014-08-14 03:21:40 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 03:02:55 ----SD---- C:\Windows\system32\CompatTel
2014-08-12 22:03:09 ----D---- C:\Windows\Minidump
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-02 16:43:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 13:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2014-07-30 00:01:17 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-27 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-27 224896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-27 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-27 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-27 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-09 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-27 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-27 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-27 92008]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-05 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-04 295424]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-06 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-10 2717696]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-01 115216]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-06 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-06 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-06 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-06 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-06 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-06 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-02-09 31088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-21 1402416]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-04 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-04 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-06 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-06 53920]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-27 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2014-04-15 2185528]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-04 797240]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14 262320]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

No vidite ze aktualni a bezplatny antivir dokaze pekne vycistit

Ale jeste je tam toho hodne, ale to zvladnem

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[MyNameIsCady]

Tak mám ten log z JRT a jdu získat ten další


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Karol on źt 28.08.2014 at 13:46:00,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2746505849-1622842176-3222786117-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2746505849-1622842176-3222786117-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E652941C-D33B-4778-9F13-8E4CE9646DA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Karol\AppData\Roaming\dvdvideosoftiehelpers"
Failed to delete: [Folder] "C:\Users\Karol\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Karol\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Karol\appdata\locallow\dvdvideosofttb"
Successfully deleted: [Folder] "C:\Users\Karol\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\dvdvideosofttb"
Successfully deleted: [Folder] "C:\Program Files (x86)\sitefinder"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{031727DE-B04B-4D5A-8CD9-A708757F4788}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{0350DC5A-9740-4312-880D-ACF490B97B90}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{04DA5E46-1E07-4DC0-994C-C2F0DC7ED520}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{07A237C5-8E46-4D6A-9477-7BCCBA240D91}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{0852CDB2-7556-404F-A645-362AF7A43A77}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{0AAB3D02-F6EC-4E8F-8BD0-5BAB98EC640B}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{0F0965A4-F18D-47C0-AC2E-3245709BA198}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{1448802C-AAE1-4C9C-9428-FAE85ED91787}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{1751AA62-AF08-4135-B1FF-753A868AAFD7}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{1837AD7E-040E-4463-80DA-358D92E81952}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{1D050C64-E4CA-4FDA-8D76-66052E71A990}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{1EA8744C-B29B-4468-9726-2E2DD3A74F06}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{24EAB8B9-C8D4-4AB1-99F1-F14ABF55A295}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{26400A7D-3BC0-4600-AB4A-50CFBEC9ED0F}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{281615BA-3B89-49E1-A6C1-7ADED5641E2C}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{2D2555FF-B5E2-4522-920C-445495B08351}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{2D842B3C-70BB-40BB-A152-36EEB1A8A39E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{2F51592D-E94E-4185-ACA0-9A88D0495A3E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{305705EF-71F8-4EB1-BA8C-1E40AA774961}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{35674960-20A4-403E-92FB-C4569EE2B647}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{3690FDEA-710D-4267-838F-F4E2B63BC145}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{36CCF7BA-08FB-49B6-BA8C-17166D1783C2}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{3AAF76F0-2756-4F23-9697-CD0CE62FD4C4}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{41856408-230D-4BF0-8A59-322130B4429D}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{48BAC19B-3EE1-4E2B-BFA1-4C238603BB89}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{4E5E0173-0E4B-4BC2-AF0B-6EC2FEABA804}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{53BA143C-27A8-4F28-8AE8-3A8EE515B451}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{54495BA5-A836-42BB-8C6C-A2D97C271D02}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{559D18B4-7BF8-4558-A2F6-F80FA0331E09}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{5661B216-75C0-484A-AF77-96072859618D}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{57037AD2-730A-40BF-9A90-E13D955C07E6}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{59AA9C6F-B869-4E58-87CA-9C9E154FE8A5}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{5AEA528B-86B4-4D83-9239-4AE6B3D025E7}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{5D9E10DB-3B50-41FF-887D-E3D220768BCE}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{6063FD54-0A2A-46AC-AFC7-7DFCFA31BF1F}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{60D6AD6A-4722-4755-A6DA-7441CABF1B78}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{61E8A35F-B1AA-438A-AEF8-373C90CCB503}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{62CCEB81-0FBC-4FDE-B1D7-E201565FE29E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{63DDF633-1175-43B6-82F4-D7085B3D28CC}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{660B3CE4-68F6-46F8-8102-EC1FDE68C9C9}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{6759EF56-2642-4AC5-8DC9-23A6BBA42505}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{681AE13D-14C7-45DD-8EAF-9C12E31B837A}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{6BC032D6-B8CF-4C73-B6E3-7BF285E7F88A}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{6C8D46DD-22CE-4A9B-9E6D-7F7FA8067952}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{6F61A8CB-22B3-4C78-AA9C-CE1CC761C5C2}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{70750A24-8076-4749-9F48-2AA7F6A6E583}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{718571EF-7227-44C1-9041-36CD3B183066}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{72B80381-E9BC-48B9-9E77-0125BBF37930}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{78B9CCDA-DE58-4D50-BBDA-924F48EFEF5E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{7C06D71A-170B-4985-A8B6-92C935E0132E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{7EC63435-EB93-4512-A1EC-67EDA86143DA}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{8269B3DD-5FCE-48FD-A7F0-D45EBD045E20}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{83079650-3174-4CB5-8D4D-1D86B808B21A}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{8671FE75-E703-4D9B-ABB0-757C7E029540}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{86B39038-7D34-4C31-B862-8144E726EF02}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{8AD5DBF9-9D9E-4710-886F-4E29D5D18961}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{8D06F06C-E08F-49DE-93B4-B4D10D489D32}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{8EF6C6D6-D43A-40DE-A7FD-81AB85357367}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{90A0EE85-B452-4F33-812C-7750C6D9C2AE}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{937D661A-D6F8-4C7D-BB35-B9FEC709783F}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{939227D5-29F5-4175-BCE7-BDC1978AFB3D}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{9436CF03-87F5-4080-86DA-9931650549D5}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{963C2ADF-86E9-42D9-A264-0B73269139B5}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{97A812E1-0564-4918-8D02-BB215E1918EB}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{9CCC36F5-CE3E-45EB-A085-DDD36FE07F53}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{A1061FA1-0FF1-44A6-8E4B-F9DA15AA344E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{A2074301-58E2-44F3-BDA3-0DDB1C83D102}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{A89EEEAE-EBE3-4EC0-89DB-26372E7F754D}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{B1FD010B-CC86-48CE-BB63-72FCB35A4486}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{BED286F0-0CEE-4194-8C20-622DDF8668CE}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{C85FF67F-334D-40F1-8E3D-2268A46B45F9}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{CE2643AA-92CA-4E75-AA32-2DF35FAFADF7}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D055CB6D-ABC1-404F-870C-B4844458DB83}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D089D47A-231D-4FE5-A5F5-7277229E8AF2}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D3EE7D75-7B32-46BA-A517-B4186A335EB7}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D4BF6058-2969-4F3D-A8FD-ED843CBA1240}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D4D955B0-8EF9-4988-ADE8-6AFE2C046919}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{D9FD48DF-1D69-4F27-A546-1482BBFCDA2F}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{DC17C9E0-F170-4C55-97C9-D251025FEEFB}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{DF9EDE16-269A-4E62-96A7-988638ED7B00}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E54BB696-9A78-48C6-8FF6-112A9898D25B}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E5F783B3-C201-457F-BE18-939DAE2AEC15}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E603A8DD-836D-4AB6-86E9-2727D6C49DB4}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E634688B-ED8A-4535-9B69-ED9BEBC516B0}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E6BFD003-BDB0-4366-AEF2-3FD8A99262D2}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{E9AF4AFB-2570-4B8A-95AA-8B10BE9473D7}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{EB0830B8-D70B-4798-A0B5-07697BAC254B}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{EB6C07AB-0309-46EF-A4BA-FE475B52C918}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F34F63FA-5D99-4FF1-9D82-F0113F32447E}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F492D31B-27E4-478A-82A1-B96F0F8BCB5F}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F51C88A4-FF63-4352-9C4B-783C4BEEFF12}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F5568266-C3CF-4F10-8019-792DB066EE71}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F6BE5B4A-3DE6-427F-AD2E-DEBF71493C29}
Successfully deleted: [Empty Folder] C:\Users\Karol\appdata\local\{F9513B83-BC79-436F-93D4-5062CDC5543B}



~~~ FireFox

Successfully deleted: [File] C:\Users\Karol\AppData\Roaming\mozilla\firefox\profiles\obw3cq37.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\Karol\AppData\Roaming\mozilla\firefox\profiles\obw3cq37.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Karol\AppData\Roaming\mozilla\firefox\profiles\obw3cq37.default\smartbar
Successfully deleted the following from C:\Users\Karol\AppData\Roaming\mozilla\firefox\profiles\obw3cq37.default\prefs.js

user_pref("CT2737658.1000082.isDisplayHidden", "true");
user_pref("CT2737658.1000082.isPlayDisplay", "true");
user_pref("CT2737658.1000234.TWC_TMP_city", "ZLIN");
user_pref("CT2737658.1000234.TWC_TMP_country", "CZ");
user_pref("CT2737658.1000234.TWC_country", "CZECH REPUBLIC");
user_pref("CT2737658.1000234.TWC_locId", "EZXX0001");
user_pref("CT2737658.1000234.TWC_location", "Beroun, Czech Republic");
user_pref("CT2737658.1000234.TWC_region", "OT");
user_pref("CT2737658.1000234.TWC_temp_dis", "c");
user_pref("CT2737658.1000234.TWC_wind_dis", "kmh");
user_pref("CT2737658.2737658a129531115111807042000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzY0MzE2NzQwNDE0LCJ1cGRhdGVSZXNwVGltZSI6MTM2NDMxNjc0MDg2NSwiZGF0YSI6eyJzZXR0aW5nc
user_pref("CT2737658.CT2737658ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyODc3NDIlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMk0lRTF0ZSUyODElMjklMjBpUGhvbmU1JTIwdXBvem9ybiV1M
user_pref("CT2737658.CT2737658current_term.enc", "");
user_pref("CT2737658.CT2737658sdate.enc", "MjY=");
user_pref("CT2737658.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2737658.FirstTime", "true");
user_pref("CT2737658.FirstTimeFF3", "true");
user_pref("CT2737658.LoginRevertSettingsEnabled", true);
user_pref("CT2737658.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT2737658.RSS_Pub_Config.enc", "eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vNTgvMjczL0NUMjczNzY1OC9TaGFyaW5nL3RlbXAvNjM0NDQyNDUyMzYyMDE4ODI5XzI0
user_pref("CT2737658.RSSapp2737658a129531115111807042000000ReadItemsArr.enc", "JTdCJTIyaHR0cCUzQSUyRiUyRnRoZWxlZGUuYmxvZ3Mubnl0aW1lcy5jb20lMkYyMDEzJTJGMDMlMkYyNiUyRmxhdGVzdC11
user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat0.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyMnJzcyUyMiUyQyUyMnZlcnNpb24lMjIlM0ElMjIyLjAlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMk5Z
user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat1.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyMnJzcyUyMiUyQyUyMnZlcnNpb24lMjIlM0ElMjIyLjAlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMllh
user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat2.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyMnJzcyUyMiUyQyUyMnZlcnNpb24lMjIlM0ElMjIyLjAlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMlBl
user_pref("CT2737658.RSSapp2737658a129531115111807042000000cat3.enc", "JTVCJTdCJTIydHlwZSUyMiUzQSUyMnJzcyUyMiUyQyUyMnZlcnNpb24lMjIlM0ElMjIyLjAlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMlRl
user_pref("CT2737658.RSSapp2737658a129531115111807042000000embeddedVersion.enc", "Mi41LjA=");
user_pref("CT2737658.RSSapp2737658a129531115111807042000000feedsObj.enc", "JTdCJTIyY2hhbm5lbHMlMjIlM0ElN0IlMjJpZCUyMiUzQSUyMmNoYW5uZWxzJTIyJTJDJTIydHlwZSUyMiUzQSUyMnJzcyUyMiUy
user_pref("CT2737658.RSSapp2737658a129531115111807042000000lastReportTime.enc", "MTM2NDMxNjc3MTM5MyA=");
user_pref("CT2737658.RSSapp2737658a129531115111807042000000newFeeds.enc", "bmV3RmVlZHM=");
user_pref("CT2737658.RestartDialogFirstTime", "false");
user_pref("CT2737658.RestartDialogShouldDisplay", "false");
user_pref("CT2737658.RevertSettingsEnabled", true);
user_pref("CT2737658.SearchAppState.enc", "Mw==");
user_pref("CT2737658.SearchAppTracking.enc", "c2VudA==");
user_pref("CT2737658.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&CUI=SB_CUI&q=");
user_pref("CT2737658.UserID", "UN76005570869119552");
user_pref("CT2737658.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2737658.autoDisableScopes", -1);
user_pref("CT2737658.browser.search.defaultthis.engineName", true);
user_pref("CT2737658.cbfirsttime.enc", "TW9uIEphbiAwNyAyMDEzIDAwOjExOjA0IEdNVCswMTAw");
user_pref("CT2737658.countryCode", "CZ");
user_pref("CT2737658.defaultSearch", "true");
user_pref("CT2737658.enableAlerts", "false");
user_pref("CT2737658.enableFix404ByUser", "FALSE");
user_pref("CT2737658.enableSearchFromAddressBar", "true");
user_pref("CT2737658.firstTimeDialogOpened", "true");
user_pref("CT2737658.fixPageNotFoundError", "true");
user_pref("CT2737658.fixPageNotFoundErrorByUser", "true");
user_pref("CT2737658.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2737658.fixUrls", true);
user_pref("CT2737658.fullUserID", "UN76005570869119552.UP.20130630120405");
user_pref("CT2737658.installId", "conduitnsisintegration");
user_pref("CT2737658.installType", "conduitnsisintegration");
user_pref("CT2737658.isCheckedStartAsHidden", true);
user_pref("CT2737658.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2737658.isFirstTimeToolbarLoading", "false");
user_pref("CT2737658.isNewTabEnabled", true);
user_pref("CT2737658.isPerformedSmartBarTransition", "true");
user_pref("CT2737658.keyword", true);
user_pref("CT2737658.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2737658&octid=CT2737658&ISID=ISID_ID&SearchSource=15&CUI=
user_pref("CT2737658.lastVersion", "10.33.0.517");
user_pref("CT2737658.mam_gk_appStateReportTime.enc", "MTM2NDMxNjUxNDI0MQ==");
user_pref("CT2737658.mam_gk_appState_CouponBuddy.enc", "b24=");
user_pref("CT2737658.mam_gk_appState_PriceGong.enc", "b24=");
user_pref("CT2737658.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnN
user_pref("CT2737658.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT2737658.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6ImRmYzdiYTlkLTY0M2MtNDA3OC05ZThhLTE4YWM3Zm
user_pref("CT2737658.mam_gk_currentVersion.enc", "MS40LjQuNg==");
user_pref("CT2737658.mam_gk_first_time.enc", "MQ==");
user_pref("CT2737658.mam_gk_lastLoginTime.enc", "MTM2NDMxNjUxMDI3Nw==");
user_pref("CT2737658.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHM
user_pref("CT2737658.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT2737658.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTYxXzAiLCJpc1Rlc3QiOnRydWUsImlzV2VsY29tZUV4cGVyaWVu
user_pref("CT2737658.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
user_pref("CT2737658.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT2737658.mam_gk_userId.enc", "ZjgwNGVkODAtODdmOC00NzVlLTgxYjMtNzUyMmQwMTgzNzQ2");
user_pref("CT2737658.migrateAppsAndComponents", true);
user_pref("CT2737658.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://FreeOnlineRad
user_pref("CT2737658.openThankYouPage", "false");
user_pref("CT2737658.openUninstallPage", "true");
user_pref("CT2737658.performedDomainChangesMigration", "true");
user_pref("CT2737658.revertSettingsEnabled", "true");
user_pref("CT2737658.search.searchAppId", "129258407936791975");
user_pref("CT2737658.search.searchCount", "0");
user_pref("CT2737658.searchFromAddressBarEnabledByUser", "false");
user_pref("CT2737658.searchInNewTabEnabledByUser", "false");
user_pref("CT2737658.searchInNewTabEnabledInHidden", "true");
user_pref("CT2737658.searchSuggestEnabledByUser", "false");
user_pref("CT2737658.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2737658.sendUsageEnabled", "false");
user_pref("CT2737658.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2737658.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2737658\"}");
user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreeOnlineRadioPlayerRecorder.OurToolbar.com//xpi\"}"
user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreeOnlineRadioPlayerRecorder \"}");
user_pref("CT2737658.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2737658.serviceLayer_services_Configuration_lastUpdate", "1409181057964");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-cnet_lastUpdate", "1364316859669");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-cnnbrk_lastUpdate", "1364316859807");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-computeractive_lastUpdate", "1364316859856");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-dailymirror_lastUpdate", "1364316859872");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-google_lastUpdate", "1364316859691");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-techcrunch_lastUpdate", "1364316859605");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-time_lastUpdate", "1364316860128");
user_pref("CT2737658.serviceLayer_services_app.twitter.user-wired_lastUpdate", "1364316860075");
user_pref("CT2737658.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1377265557756");
user_pref("CT2737658.serviceLayer_services_appTracking_lastUpdate", "1364316498763");
user_pref("CT2737658.serviceLayer_services_appsMetadata_lastUpdate", "1377686889599");
user_pref("CT2737658.serviceLayer_services_getTwitterExtraInfo_lastUpdate", "1364316741227");
user_pref("CT2737658.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376581277186");
user_pref("CT2737658.serviceLayer_services_location_lastUpdate", "1372008946280");
user_pref("CT2737658.serviceLayer_services_login_10.13.40.15_lastUpdate", "1359116540478");
user_pref("CT2737658.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360184362005");
user_pref("CT2737658.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364037219245");
user_pref("CT2737658.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366286869769");
user_pref("CT2737658.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368542957166");
user_pref("CT2737658.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372048976608");
user_pref("CT2737658.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374590150468");
user_pref("CT2737658.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377687001146");
user_pref("CT2737658.serviceLayer_services_login_10.19.2.505_lastUpdate", "1379108745195");
user_pref("CT2737658.serviceLayer_services_login_10.20.0.513_lastUpdate", "1380175648427");
user_pref("CT2737658.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382370400285");
user_pref("CT2737658.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384473182646");
user_pref("CT2737658.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385063165279");
user_pref("CT2737658.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386882622060");
user_pref("CT2737658.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396895770329");
user_pref("CT2737658.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399217237201");
user_pref("CT2737658.serviceLayer_services_login_10.30.1.502_lastUpdate", "1400695082284");
user_pref("CT2737658.serviceLayer_services_login_10.31.0.526_lastUpdate", "1401318658291");
user_pref("CT2737658.serviceLayer_services_login_10.31.2.501_lastUpdate", "1403799600997");
user_pref("CT2737658.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376581276737");
user_pref("CT2737658.serviceLayer_services_searchAPI_lastUpdate", "1409181057756");
user_pref("CT2737658.serviceLayer_services_serviceMap_lastUpdate", "1409181056744");
user_pref("CT2737658.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376581277381");
user_pref("CT2737658.serviceLayer_services_toolbarSettings_lastUpdate", "1409227775668");
user_pref("CT2737658.serviceLayer_services_translation_lastUpdate", "1409181056544");
user_pref("CT2737658.serviceLayer_services_userApps_lastUpdate", "1357513855301");
user_pref("CT2737658.settingsINI", true);
user_pref("CT2737658.shouldFirstTimeDialog", "false");
user_pref("CT2737658.showToolbarPermission", "false");
user_pref("CT2737658.smartbar.CTID", "CT2737658");
user_pref("CT2737658.smartbar.Uninstall", "0");
user_pref("CT2737658.smartbar.homepage", true);
user_pref("CT2737658.smartbar.toolbarName", "FreeOnlineRadioPlayerRecorder ");
user_pref("CT2737658.startPage", "userChanged");
user_pref("CT2737658.toolbarBornServerTime", "27-6-2014");
user_pref("CT2737658.toolbarCurrentServerTime", "27-6-2014");
user_pref("CT2737658.toolbarLoginClientTime", "Tue Mar 26 2013 17:48:15 GMT+0100");
user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1409227768554,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "FreeOnlineRadioPlayerRecorder Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&CUI=SB_CUI&q=");
user_pref("Smartbar.TBHomepagesList", "");
user_pref("Smartbar.TBSearchEngineList", "FreeOnlineRadioPlayerRecorder Customized Web Search");
user_pref("Smartbar.TBSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&CUI=SB_CUI&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "");
user_pref("browser.search.defaulturl", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
user_pref("keyword.URL", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartBar.searchInNewTabOwner", "CT2737658");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13&CUI=SB_CUI");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.a
user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13&CUI=SB_CUI");
user_pref("smartbar.machineId", "LMODDVX7UE3RZSP/1TWQO1I2IOG19TR/CUY4M7XT+PLEN2VLVPMUYADLNUJTLE44EAK6AIGYERSPGGNUHR9ZIG");
user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
user_pref("smartbar.originalSearchAddressUrl", "");
user_pref("smartbar.originalSearchEngine", "Google");
user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti
Emptied folder: C:\Users\Karol\AppData\Roaming\mozilla\firefox\profiles\obw3cq37.default\minidumps [222 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 28.08.2014 at 14:16:55,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[vyosek]

Ano, pockam si jeste na AdwCleaner

[MyNameIsCady]

# AdwCleaner v3.308 - Report created 28/08/2014 at 19:45:32
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Karol - KAROL-HP
# Running from : C:\Users\Karol\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Karol\AppData\Local\Conduit
Folder Deleted : C:\Users\Karol\AppData\LocalLow\CT2737658
Folder Deleted : C:\Users\Karol\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Karol\AppData\Roaming\SimilarAddon
Folder Deleted : C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\Smartbar
Folder Deleted : C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\ValueApps
Folder Deleted : C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\CT2737658
Folder Deleted : C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\Extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
Folder Deleted : C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
File Deleted : C:\Users\Karol\AppData\Local\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle\SweeetPlayer bundle.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\b5fc7b4e77c78228bfbffe7fef976276
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5555CC4C-FA2B-4D69-8296-B6AE5E95C0B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{63BEF061-5EFC-4753-9806-ED0573BC7C4B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E44BB13-2523-468B-BF51-58D5F52A84F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8D33FC5-4D02-4948-8552-D5DD3732F669}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9782B5AA-E2BC-4525-9211-A7E2D6905990}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\prefs.js ]

Line Deleted : user_pref("CT2737658.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.FirstTime", "true");
Line Deleted : user_pref("CT2737658.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2737658.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT2737658.UserID", "UN76005570869119552");
Line Deleted : user_pref("CT2737658.countryCode", "CZ");
Line Deleted : user_pref("CT2737658.dum", "2");
Line Deleted : user_pref("CT2737658.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2737658.fullUserID", "UN76005570869119552.UP.20130630120405");
Line Deleted : user_pref("CT2737658.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2737658.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2737658&octid=CT2737658&ISID=ISID_ID&SearchSource=15&CUI=UN76005570869119552&Lay=1[...]
Line Deleted : user_pref("CT2737658.lastVersion", "10.33.0.517");
Line Deleted : user_pref("CT2737658.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
Line Deleted : user_pref("CT2737658.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Deleted : user_pref("CT2737658.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT2737658.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D13%26t%3D139866%26sid%3D8ae0c9b4a0f22973980245d08d5b84b5[...]
Line Deleted : user_pref("CT2737658.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT2737658.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2737658.searchSuggestEnabledByUser", "True");
Line Deleted : user_pref("CT2737658.searchUninstallUserMode", "7");
Line Deleted : user_pref("CT2737658.searchUserMode", "7");
Line Deleted : user_pref("CT2737658.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2737658\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreeOnlineRadioPlayerRecorder.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreeOnlineRadioPlayerRecorder \"}");
Line Deleted : user_pref("CT2737658.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2737658.serviceLayer_services_Configuration_lastUpdate", "1409228383068");
Line Deleted : user_pref("CT2737658.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1409228384077");
Line Deleted : user_pref("CT2737658.serviceLayer_services_appsMetadata_lastUpdate", "1409228383582");
Line Deleted : user_pref("CT2737658.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1409228383423");
Line Deleted : user_pref("CT2737658.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1409228383691");
Line Deleted : user_pref("CT2737658.serviceLayer_services_searchAPI_lastUpdate", "1409228383563");
Line Deleted : user_pref("CT2737658.serviceLayer_services_serviceMap_lastUpdate", "1409228381711");
Line Deleted : user_pref("CT2737658.serviceLayer_services_setupAPI_lastUpdate", "1409228383082");
Line Deleted : user_pref("CT2737658.serviceLayer_services_toolbarContextMenu_lastUpdate", "1409228383602");
Line Deleted : user_pref("CT2737658.serviceLayer_services_toolbarSettings_lastUpdate", "1409228384162");
Line Deleted : user_pref("CT2737658.serviceLayer_services_translation_lastUpdate", "1409228384047");
Line Deleted : user_pref("CT2737658.settingsINI", true);
Line Deleted : user_pref("CT2737658.showToolbarPermission", "false");
Line Deleted : user_pref("CT2737658.smartbar.CTID", "CT2737658");
Line Deleted : user_pref("CT2737658.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2737658.smartbar.toolbarName", "FreeOnlineRadioPlayerRecorder ");
Line Deleted : user_pref("CT2737658.toolbarCurrentServerTime", "27-6-2014");
Line Deleted : user_pref("CT2737658.toolbarInstallDate", "28-08-2014 14:19:43");
Line Deleted : user_pref("CT2737658.toolbarLoginClientTime", "Thu Aug 28 2014 14:19:42 GMT+0200");
Line Deleted : user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1409228379203,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("smartbar.machineId", "LMODDVX7UE3RZSP/1TWQO1I2IOG19TR/CUY4M7XT+PLEN2VLVPMUYADLNUJTLE44EAK6AIGYERSPGGNUHR9ZIG");
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_currentVersion", "312E31342E312E32");
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_globalKeysMigratedToLocalStorage", "31");
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT2737658.mam_gk_userBornDate.storedInFile", false);

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [16691 octets] - [28/08/2014 16:55:47]
AdwCleaner[S0].txt - [15516 octets] - [28/08/2014 19:45:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15577 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[MyNameIsCady]

Avast mi to blokuje, prý je v tom malware. Mám to ignorovat a nějak to stáhnout i tak?

[vyosek]

Docasne vypnete Avast, program je cisty a jedna se o falesnou detekci

[MyNameIsCady]

Nejde mi to za boha spustit, vždy to hlásí stejnou chybu: zoek.exe není platná aplikace typu Win32

[vyosek]

Dejte tedy log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[MyNameIsCady]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Karol at 2014-08-30 18:55:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 188 GB (41%) free of 461 GB
Total RAM: 3691 MB (58% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3720112
\??\C:\Windows\system32\conhost.exe "53565430445204798765770976-64996398242165072413704843751035947045-1892402804
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2088
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
atieclxx
"taskhost.exe"
taskeng.exe {BE34AA4B-1EC7-4418-9BE2-E90B32998B7F}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2056
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\AVG PC TuneUp 2014\TUAutoUpdateCheck.exe" /notify

"C:\Users\Karol\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001Core.job - C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001UA.job - C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\extensions\
donottrackplus@abine.com
sitematcher_src@sitematcher_src.com

C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\searchplugins\
freeonlineradioplayerrecorder-customized-web-search.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-27 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-10 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-03 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-27 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-21 2480936]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-06 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-06 379040]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"Facebook Update"=C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 138096]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"b5fc7b4e77c78228bfbffe7fef976276"=C:\Users\Karol\AppData\Local\Temp\chost.exe .. []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-04 336384]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-04-23 43848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-27 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-28 16:58:10 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-08-28 16:54:55 ----D---- C:\AdwCleaner
2014-08-28 13:57:22 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 13:57:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 13:57:21 ----A---- C:\Windows\system32\gdi32.dll
2014-08-28 13:45:54 ----D---- C:\Windows\ERUNT
2014-08-28 01:24:34 ----D---- C:\Users\Karol\AppData\Roaming\DropboxMaster
2014-08-28 01:20:26 ----D---- C:\Users\Karol\AppData\Roaming\Dropbox
2014-08-28 01:17:46 ----D---- C:\rsit
2014-08-28 01:17:46 ----D---- C:\Program Files\trend micro
2014-08-27 20:13:57 ----D---- C:\Users\Karol\AppData\Roaming\AVAST Software
2014-08-27 20:07:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-08-27 20:07:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-08-27 20:07:07 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-08-27 20:07:06 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-08-27 20:07:05 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-08-27 20:07:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-08-27 20:07:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-27 20:06:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-08-27 20:06:41 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-27 20:06:19 ----A---- C:\Windows\avastSS.scr
2014-08-27 20:02:40 ----D---- C:\Program Files\AVAST Software
2014-08-27 19:58:17 ----D---- C:\ProgramData\AVAST Software
2014-08-27 19:53:10 ----SHD---- C:\Config.Msi
2014-08-27 04:23:29 ----D---- C:\Program Files (x86)\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:12:08 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-08-27 04:12:08 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-08-27 04:12:07 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-08-27 04:12:05 ----D---- C:\Program Files (x86)\winzip 17 cz full free
2014-08-26 02:01:23 ----D---- C:\ProgramData\PDFC
2014-08-25 22:15:31 ----D---- C:\Extracted
2014-08-14 03:05:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 03:05:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 03:05:09 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 03:05:09 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 03:05:04 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 03:05:04 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 03:04:16 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 03:04:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 20:42:47 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:42:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 20:42:38 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 20:42:20 ----A---- C:\Windows\system32\msi.dll
2014-08-13 20:42:19 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 20:42:19 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 20:42:19 ----A---- C:\Windows\system32\authui.dll
2014-08-13 20:42:18 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 20:42:18 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 20:42:18 ----A---- C:\Windows\system32\consent.exe
2014-08-13 20:42:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 20:42:03 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 20:42:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 20:41:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 20:41:49 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 20:41:48 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 20:41:48 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 20:41:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 20:41:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:41:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 20:41:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 20:41:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:41:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 20:41:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 20:41:42 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 20:41:42 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 20:41:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 20:41:40 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 20:41:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:41:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 20:41:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 20:41:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 20:41:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 20:41:38 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 20:41:36 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 20:41:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 20:41:34 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 20:41:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 20:41:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 20:41:31 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 20:41:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 20:41:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 20:41:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 20:41:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 20:41:24 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 20:41:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 20:41:24 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 20:41:23 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 20:41:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 20:41:22 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 20:41:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:41:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:41:21 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 20:38:31 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 20:38:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 20:38:29 ----A---- C:\Windows\system32\aepdu.dll
2014-08-13 20:38:28 ----A---- C:\Windows\system32\aeinv.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wups2.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wucltux.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-02 15:34:45 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-02 15:34:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wups.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wudriver.dll
2014-08-02 15:34:21 ----A---- C:\Windows\system32\wuapi.dll
2014-08-02 15:32:55 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-02 15:32:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-02 15:32:54 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-02 15:32:53 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-08-30 18:54:17 ----D---- C:\Windows\Temp
2014-08-30 18:45:22 ----D---- C:\Windows\system32\config
2014-08-29 14:34:57 ----D---- C:\Windows\system32\Tasks
2014-08-29 09:10:16 ----D---- C:\Windows\winsxs
2014-08-29 09:06:49 ----D---- C:\Windows\SysWOW64
2014-08-29 09:06:49 ----D---- C:\Windows\System32
2014-08-29 03:01:30 ----SHD---- C:\System Volume Information
2014-08-28 14:01:14 ----RD---- C:\Program Files (x86)
2014-08-28 13:53:32 ----D---- C:\Windows\system32\catroot
2014-08-28 13:45:54 ----D---- C:\Windows
2014-08-28 01:28:13 ----D---- C:\Program Files (x86)\IrfanView
2014-08-28 01:28:13 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-08-28 01:17:46 ----RD---- C:\Program Files
2014-08-27 21:58:47 ----D---- C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-08-27 20:19:10 ----D---- C:\Windows\system32\drivers
2014-08-27 20:16:52 ----D---- C:\Windows\inf
2014-08-27 20:09:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-08-27 19:58:17 ----HD---- C:\ProgramData
2014-08-27 19:54:57 ----D---- C:\Windows\system32\catroot2
2014-08-27 19:54:09 ----SHD---- C:\Windows\Installer
2014-08-27 19:53:36 ----D---- C:\Windows\system32\DriverStore
2014-08-27 18:46:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-26 02:01:15 ----SD---- C:\Users\Karol\AppData\Roaming\Microsoft
2014-08-25 22:17:56 ----D---- C:\Program Files (x86)\Google
2014-08-25 22:16:34 ----D---- C:\Windows\Tasks
2014-08-25 01:20:53 ----D---- C:\Users\Karol\AppData\Roaming\BSplayer PRO
2014-08-25 01:06:43 ----D---- C:\Users\Karol\AppData\Roaming\Audacity
2014-08-15 20:21:17 ----D---- C:\Windows\Microsoft.NET
2014-08-15 16:38:48 ----RSD---- C:\Windows\assembly
2014-08-14 04:45:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-14 04:07:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-14 04:07:22 ----D---- C:\Windows\system32\cs-CZ
2014-08-14 04:07:22 ----D---- C:\Windows\ehome
2014-08-14 04:07:16 ----RSD---- C:\Windows\Fonts
2014-08-14 04:06:24 ----D---- C:\Program Files\Internet Explorer
2014-08-14 04:06:20 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-14 04:06:17 ----D---- C:\Windows\PolicyDefinitions
2014-08-14 04:06:15 ----D---- C:\Windows\system32\en-US
2014-08-14 04:06:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 03:46:30 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 03:29:20 ----D---- C:\Windows\system32\MRT
2014-08-14 03:21:40 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 03:02:55 ----SD---- C:\Windows\system32\CompatTel
2014-08-12 22:03:09 ----D---- C:\Windows\Minidump
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-02 16:43:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 13:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-27 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-27 224896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-27 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-27 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-27 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-09 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-27 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-27 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-27 92008]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-05 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-04 295424]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-06 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-10 2717696]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-01 115216]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-06 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-06 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-06 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-06 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-06 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-06 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-02-09 31088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-21 1402416]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-04 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-04 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-06 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-06 53920]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-27 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2014-04-15 2185528]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-04 797240]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 116648]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14 262320]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Tohle je RSIT, ja chtel FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 takze poprosim o nej...

[MyNameIsCady]

Omlouvám se, teď už jsem otevřela správnou věc:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014
Ran by Karol (administrator) on KAROL-HP on 30-08-2014 19:19:39
Running from C:\Users\Karol\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(AVG) C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG) C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG) C:\Program Files (x86)\AVG PC TuneUp 2014\TUAutoUpdateCheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-27] (AVAST Software)
HKU\S-1-5-21-2746505849-1622842176-3222786117-1001\...\Run: [ISUSPM Startup] => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2746505849-1622842176-3222786117-1001\...\Run: [Facebook Update] => C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-09] (Facebook Inc.)
HKU\S-1-5-21-2746505849-1622842176-3222786117-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-2746505849-1622842176-3222786117-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2746505849-1622842176-3222786117-1001\...\Run: [b5fc7b4e77c78228bfbffe7fef976276] => "C:\Users\Karol\AppData\Local\Temp\chost.exe" .. <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karol\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
URLSearchHook: HKLM-x32 - FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll No File
URLSearchHook: HKCU - FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Users\Karol\AppData\LocalLow\CT2737658\ldrtbFree.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.203.231.10 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default
FF DefaultSearchEngine: Seznam
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Karol\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml
FF SearchPlugin: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\Extensions\donottrackplus@abine.com [2014-07-13]
FF Extension: Site Matcher - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\obw3cq37.default\Extensions\sitematcher_src@sitematcher_src.com [2014-07-11]
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-07-23]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-01-28]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Recherche Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (RealDownloader) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-08-25]
CHR Extension: (Click to call with Skype) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-25]
CHR Extension: (No Name) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-03-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-27] (AVAST Software)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-04-15] (AVG)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-09] (DT Soft Ltd)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:19 - 2014-08-30 19:21 - 00022567 _____ () C:\Users\Karol\Desktop\FRST.txt
2014-08-30 19:16 - 2014-08-30 19:19 - 00000000 ____D () C:\FRST
2014-08-30 18:38 - 2014-08-30 18:43 - 02103808 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2014-08-29 14:34 - 2014-08-29 14:34 - 00002928 _____ () C:\Windows\System32\Tasks\{DB18E0F1-F2AA-4554-9B96-F29A9158795F}
2014-08-29 14:34 - 2014-08-29 14:34 - 00002928 _____ () C:\Windows\System32\Tasks\{57C50D16-D03E-4678-8F3B-6FBE2AEF87E1}
2014-08-29 09:22 - 2014-08-29 09:22 - 01288595 _____ () C:\Users\Karol\Desktop\zoek.exe
2014-08-29 09:13 - 2014-08-29 09:13 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2746505849-1622842176-3222786117-1001
2014-08-28 16:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-28 16:54 - 2014-08-28 19:46 - 00000000 ____D () C:\AdwCleaner
2014-08-28 14:16 - 2014-08-28 14:16 - 00033479 _____ () C:\Users\Karol\Desktop\JRT.txt
2014-08-28 13:57 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 13:57 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 13:57 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 13:45 - 2014-08-28 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-28 13:44 - 2014-08-28 13:44 - 01364531 _____ () C:\Users\Karol\Desktop\adwcleaner_3.308.exe
2014-08-28 13:43 - 2014-08-28 13:43 - 01016261 _____ (Thisisu) C:\Users\Karol\Desktop\JRT.exe
2014-08-28 01:24 - 2014-08-28 01:24 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\DropboxMaster
2014-08-28 01:23 - 2014-08-28 01:23 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-28 01:20 - 2014-08-28 01:24 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Dropbox
2014-08-28 01:17 - 2014-08-30 18:55 - 00000000 ____D () C:\Program Files\trend micro
2014-08-28 01:17 - 2014-08-28 01:28 - 00000000 ____D () C:\rsit
2014-08-28 01:15 - 2014-08-28 01:15 - 01222144 _____ () C:\Users\Karol\Desktop\RSITx64.exe
2014-08-28 01:06 - 2014-08-29 09:13 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2746505849-1622842176-3222786117-1001
2014-08-27 20:13 - 2014-08-27 20:13 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\AVAST Software
2014-08-27 20:09 - 2014-08-27 20:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-27 20:09 - 2014-08-27 20:09 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-27 20:09 - 2014-08-27 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-27 20:07 - 2014-08-27 20:09 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-27 20:07 - 2014-08-27 20:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-27 20:06 - 2014-08-27 20:06 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-27 20:06 - 2014-08-27 20:06 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-27 20:06 - 2014-08-27 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-27 20:02 - 2014-08-27 20:02 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-27 20:01 - 2014-08-27 20:01 - 00000003 _____ () C:\Users\Karol\stut
2014-08-27 19:58 - 2014-08-27 20:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-27 19:58 - 2014-08-27 19:58 - 00000000 _____ () C:\Users\Karol\rgut
2014-08-27 04:23 - 2014-08-27 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:23 - 2014-08-27 04:23 - 00000000 ____D () C:\Program Files (x86)\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:12 - 2014-08-27 21:50 - 00000000 ____D () C:\Program Files (x86)\winzip 17 cz full free
2014-08-27 04:12 - 2014-08-27 04:12 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-08-27 04:12 - 2014-08-27 04:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winzip 17 cz full free
2014-08-27 04:12 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-08-27 04:12 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-08-27 04:12 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-08-27 04:12 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-08-27 04:12 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-08-27 04:12 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-08-27 04:12 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-08-27 04:12 - 2013-06-12 15:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-08-27 04:12 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-08-27 04:12 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-08-26 16:10 - 2014-08-26 16:11 - 04860576 _____ (AVAST Software) C:\Users\Karol\Desktop\avast_free_antivirus_setup_online.exe
2014-08-26 02:01 - 2014-08-26 02:01 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-25 22:18 - 2014-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:16 - 2014-08-30 18:32 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 22:16 - 2014-08-30 18:27 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 22:16 - 2014-08-25 22:22 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-25 22:16 - 2014-08-25 22:22 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-25 22:15 - 2014-08-27 21:41 - 00000000 ____D () C:\Extracted
2014-08-25 01:18 - 2014-08-25 01:18 - 10672540 _____ () C:\Users\Karol\Desktop\wannabe.wmv
2014-08-24 22:39 - 2014-08-24 22:39 - 00000000 ____D () C:\Users\Karol\AppData\Local\Adobe
2014-08-14 03:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 03:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:42 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:42 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:42 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:42 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:42 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:42 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:42 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:42 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:42 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:42 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:42 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:42 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:42 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:42 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:42 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:42 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:41 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:41 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:41 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:41 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:41 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:41 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:41 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:41 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:41 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:41 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:41 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:41 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:41 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:41 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:41 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:41 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:41 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:41 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:41 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:41 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:41 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:41 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:41 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:38 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:38 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 20:38 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:38 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 22:03 - 2014-08-12 22:03 - 00373432 _____ () C:\Windows\Minidump\081214-35162-01.dmp
2014-08-08 18:55 - 2014-08-08 18:56 - 00641784 _____ () C:\Windows\Minidump\080814-31933-01.dmp
2014-08-07 02:55 - 2014-08-07 02:55 - 00373448 _____ () C:\Windows\Minidump\080714-34757-01.dmp
2014-08-05 17:45 - 2014-08-05 17:45 - 01044256 _____ () C:\Windows\Minidump\080514-35240-01.dmp
2014-08-04 17:10 - 2014-08-04 17:11 - 00373424 _____ () C:\Windows\Minidump\080414-36753-01.dmp
2014-08-02 16:43 - 2014-08-28 19:53 - 00001280 _____ () C:\Windows\PFRO.log
2014-08-02 15:34 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 15:34 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 15:34 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 15:34 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 15:34 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 15:34 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 15:34 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 15:34 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 15:34 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 15:34 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 15:32 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 15:32 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 15:32 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 15:32 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 12:51 - 2014-07-31 12:51 - 00373432 _____ () C:\Windows\Minidump\073114-38875-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:21 - 2014-08-30 19:19 - 00022567 _____ () C:\Users\Karol\Desktop\FRST.txt
2014-08-30 19:21 - 2012-04-09 14:18 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-30 19:19 - 2014-08-30 19:16 - 00000000 ____D () C:\FRST
2014-08-30 19:00 - 2012-01-22 16:01 - 00000000 ____D () C:\Users\Karol\Documents\Youcam
2014-08-30 18:56 - 2012-02-20 01:03 - 01491664 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 18:55 - 2014-08-28 01:17 - 00000000 ____D () C:\Program Files\trend micro
2014-08-30 18:43 - 2014-08-30 18:38 - 02103808 _____ (Farbar) C:\Users\Karol\Desktop\FRST64.exe
2014-08-30 18:32 - 2014-08-25 22:16 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 18:27 - 2014-08-25 22:16 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 18:27 - 2013-01-09 17:21 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001Core.job
2014-08-30 18:21 - 2013-01-09 17:21 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2746505849-1622842176-3222786117-1001UA.job
2014-08-30 18:21 - 2011-08-27 12:55 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-08-29 14:34 - 2014-08-29 14:34 - 00002928 _____ () C:\Windows\System32\Tasks\{DB18E0F1-F2AA-4554-9B96-F29A9158795F}
2014-08-29 14:34 - 2014-08-29 14:34 - 00002928 _____ () C:\Windows\System32\Tasks\{57C50D16-D03E-4678-8F3B-6FBE2AEF87E1}
2014-08-29 09:22 - 2014-08-29 09:22 - 01288595 _____ () C:\Users\Karol\Desktop\zoek.exe
2014-08-29 09:19 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:19 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:13 - 2014-08-29 09:13 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2746505849-1622842176-3222786117-1001
2014-08-29 09:13 - 2014-08-28 01:06 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2746505849-1622842176-3222786117-1001
2014-08-29 09:09 - 2014-07-01 00:20 - 00006328 _____ () C:\Windows\setupact.log
2014-08-29 09:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 09:09 - 2009-07-14 06:45 - 00440152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 21:34 - 2011-11-25 23:25 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{852E2CC2-24A6-4686-AD7D-BC6319EB0106}
2014-08-28 19:53 - 2014-08-02 16:43 - 00001280 _____ () C:\Windows\PFRO.log
2014-08-28 19:46 - 2014-08-28 16:54 - 00000000 ____D () C:\AdwCleaner
2014-08-28 19:45 - 2014-07-11 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
2014-08-28 14:16 - 2014-08-28 14:16 - 00033479 _____ () C:\Users\Karol\Desktop\JRT.txt
2014-08-28 13:58 - 2011-12-03 23:28 - 00000000 ____D () C:\Users\Karol\AppData\Local\CrashDumps
2014-08-28 13:45 - 2014-08-28 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-28 13:44 - 2014-08-28 13:44 - 01364531 _____ () C:\Users\Karol\Desktop\adwcleaner_3.308.exe
2014-08-28 13:43 - 2014-08-28 13:43 - 01016261 _____ (Thisisu) C:\Users\Karol\Desktop\JRT.exe
2014-08-28 01:50 - 2011-12-03 21:49 - 00001130 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-28 01:50 - 2011-12-03 21:49 - 00001130 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-28 01:28 - 2014-08-28 01:17 - 00000000 ____D () C:\rsit
2014-08-28 01:28 - 2013-03-09 16:31 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-08-28 01:28 - 2012-02-14 20:38 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-08-28 01:24 - 2014-08-28 01:24 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\DropboxMaster
2014-08-28 01:24 - 2014-08-28 01:20 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Dropbox
2014-08-28 01:23 - 2014-08-28 01:23 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-28 01:15 - 2014-08-28 01:15 - 01222144 _____ () C:\Users\Karol\Desktop\RSITx64.exe
2014-08-27 21:58 - 2014-07-11 18:14 - 00000000 ____D () C:\Program Files (x86)\sweetpacks bundle uninstaller_SweetPlayer_1348381
2014-08-27 21:50 - 2014-08-27 04:12 - 00000000 ____D () C:\Program Files (x86)\winzip 17 cz full free
2014-08-27 21:41 - 2014-08-25 22:15 - 00000000 ____D () C:\Extracted
2014-08-27 20:13 - 2014-08-27 20:13 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\AVAST Software
2014-08-27 20:13 - 2014-08-27 20:09 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-27 20:09 - 2014-08-27 20:09 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-27 20:09 - 2014-08-27 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-27 20:09 - 2014-08-27 20:07 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-27 20:09 - 2011-12-03 21:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-27 20:06 - 2014-08-27 20:07 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-27 20:06 - 2014-08-27 20:07 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-27 20:06 - 2014-08-27 20:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-27 20:06 - 2014-08-27 20:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-27 20:06 - 2014-08-27 20:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-27 20:06 - 2014-08-27 20:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-27 20:06 - 2014-08-27 20:06 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-27 20:06 - 2014-08-27 20:06 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-27 20:06 - 2014-08-27 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-27 20:02 - 2014-08-27 20:02 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-27 20:02 - 2014-08-27 19:58 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-27 20:01 - 2014-08-27 20:01 - 00000003 _____ () C:\Users\Karol\stut
2014-08-27 20:01 - 2011-11-25 23:17 - 00000000 ____D () C:\Users\Karol
2014-08-27 19:58 - 2014-08-27 19:58 - 00000000 _____ () C:\Users\Karol\rgut
2014-08-27 18:46 - 2011-05-11 01:54 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-08-27 18:46 - 2011-05-11 01:54 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-08-27 18:46 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-27 14:53 - 2011-12-26 17:03 - 00000000 ___RD () C:\Users\Karol\Desktop\CAROLINE
2014-08-27 04:23 - 2014-08-27 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:23 - 2014-08-27 04:23 - 00000000 ____D () C:\Program Files (x86)\Free Samples Vol. 1 by Dj Luczan
2014-08-27 04:19 - 2012-02-01 21:07 - 00000000 ____D () C:\Users\Karol\Desktop\Filmy
2014-08-27 04:16 - 2012-02-01 21:07 - 00000000 ____D () C:\Users\Karol\Desktop\Seriály
2014-08-27 04:12 - 2014-08-27 04:12 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-08-27 04:12 - 2014-08-27 04:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winzip 17 cz full free
2014-08-26 16:11 - 2014-08-26 16:10 - 04860576 _____ (AVAST Software) C:\Users\Karol\Desktop\avast_free_antivirus_setup_online.exe
2014-08-26 02:01 - 2014-08-26 02:01 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-25 22:22 - 2014-08-25 22:16 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-25 22:22 - 2014-08-25 22:16 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-25 22:18 - 2014-08-25 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:17 - 2013-01-07 01:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-25 01:20 - 2012-03-30 18:29 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\BSplayer PRO
2014-08-25 01:18 - 2014-08-25 01:18 - 10672540 _____ () C:\Users\Karol\Desktop\wannabe.wmv
2014-08-25 01:06 - 2012-11-24 22:53 - 00000000 ____D () C:\Users\Karol\AppData\Roaming\Audacity
2014-08-24 22:39 - 2014-08-24 22:39 - 00000000 ____D () C:\Users\Karol\AppData\Local\Adobe
2014-08-23 04:07 - 2014-08-28 13:57 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 13:57 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 13:57 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 04:46 - 2012-04-09 14:18 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-14 04:45 - 2012-04-09 14:17 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 04:45 - 2012-01-24 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-14 04:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 03:46 - 2012-01-13 23:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:29 - 2013-08-15 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:21 - 2012-01-14 16:27 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 03:02 - 2014-05-07 06:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-12 22:03 - 2014-08-12 22:03 - 00373432 _____ () C:\Windows\Minidump\081214-35162-01.dmp
2014-08-12 22:03 - 2012-02-20 00:59 - 00000000 ____D () C:\Windows\Minidump
2014-08-12 22:02 - 2014-07-16 02:38 - 396051126 _____ () C:\Windows\MEMORY.DMP
2014-08-12 03:35 - 2011-11-25 23:25 - 00000000 ____D () C:\Users\Karol\Documents\Bluetooth Folder
2014-08-08 18:56 - 2014-08-08 18:55 - 00641784 _____ () C:\Windows\Minidump\080814-31933-01.dmp
2014-08-07 04:06 - 2014-08-13 20:38 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:38 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 02:55 - 2014-08-07 02:55 - 00373448 _____ () C:\Windows\Minidump\080714-34757-01.dmp
2014-08-05 17:45 - 2014-08-05 17:45 - 01044256 _____ () C:\Windows\Minidump\080514-35240-01.dmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 17:11 - 2014-08-04 17:10 - 00373424 _____ () C:\Windows\Minidump\080414-36753-01.dmp
2014-08-02 16:43 - 2012-05-10 06:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-13 20:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 13:14 - 2014-06-10 19:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-07-31 12:51 - 2014-07-31 12:51 - 00373432 _____ () C:\Windows\Minidump\073114-38875-01.dmp

Some content of TEMP:
====================
C:\Users\Karol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmdbmjy.dll
C:\Users\Karol\AppData\Local\Temp\lowproc.exe
C:\Users\Karol\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Karol\AppData\Local\Temp\Quarantine.exe
C:\Users\Karol\AppData\Local\Temp\rnsetup0.exe
C:\Users\Karol\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Karol\AppData\Local\Temp\stubhelper.dll
C:\Users\Karol\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 23:40

==================== End Of Log ============================