VIRY.CZ

Prosim o kontrolu logu, mam podezreni na vir. Dekuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Eliška at 2014-09-08 15:42:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (9%) free of 50 GB
Total RAM: 3583 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:02, on 8.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\Winamp\winampa.exe
D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osaui.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Origin\OriginClientService.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Eliška.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5QF2W682
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5QF2W682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5QF2W682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5QF2W682
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0063311 - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: innoApp - {59e47ef9-5163-4e82-9c17-3d6f63dda496} - C:\Program Files (x86)\innoApp\innoAppbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ACSW14EN] "D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [OfficeSubscriptionAgent] "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Torntv Downloader (trntv) - Unknown owner - C:\Users\Eliška\AppData\Roaming\TornTV.com\TornTVSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update innoApp - Unknown owner - C:\Program Files (x86)\innoApp\updateinnoApp.exe
O23 - Service: Util innoApp - Unknown owner - C:\Program Files (x86)\innoApp\bin\utilinnoApp.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12698 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
MSOIDSvcm.exe 1880
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\innoApp\updateinnoApp.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\Winamp\winampa.exe"
"D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osaui.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3288.0.563761994\1792733267" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x7280 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.56.1.16 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3288.1.893248964\226381956" /prefetch:673131151
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3288.2.825632816\1446670664" /prefetch:673131151
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3288.3.787791042\1039402784" /prefetch:673131151
"C:\Program Files (x86)\Origin\Origin.exe" /Installed:9.4.22.2815
"C:\Program Files (x86)\Origin\OriginClientService.exe" C:\Program Files (x86)\Origin\OriginClientService.exe -args:iKQn3onPoXVtjeLciJbh918l2iQg7U5Z
taskeng.exe {C58F8E8B-A774-4735-9900-34DC0610CFE8}
"C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-6.exe" /rawdata=NvY4o/Zlp8BJTANrfjGc8/xTxYJyQcUQQzvkSR10p2zu7I+LSg951/FNyfshR4qhwBNhPQ/+DT81bqVyG0WEZF4Ncs0IKB1REZvrp9YXUbk4Rjt0hCLgTo7DmvlIeDECU57ZBhhkiCR8bthOEMSZs8AoHjtfc4bJdwnbh6spwTPFtsvSL0P9uY2naTY+ul8C2e2Glm1f6R0rgcu0TOCUOnR1R7TN60ohJ3PbtwoEWGkpsZnsLl2L9cmYC1cTJL4NE3gSbHRh8Xf+FBXkRlgWwIDEnKYoLj/FNNBoOO6n/lrjei0635DuMXP5cLXPvGTsulOBOl2XO2dCLo4AH0iJsTx32PlbDafJf/PhbiYSjvZZLeb/W72D2s5eXtSTR/uQPZS4Rb/18sxQ0I/v9oJgJGSnn7UD7RqnKRuv19BCggaE8lkInKsXlgHiv5q4ap+zAUlLFSQsYH78KVelhM//RuSrujp2nIL5mIR/hVkDpTYTv4Z/VmtnlBzzZt5PBDLLo+uXcb6vzngOVAYkzBaiKVEexPBmBxa6AZFVoWnrWQqnQgogxmHKZIpzpxobN09L7gbcmoMFEY2mkSJIZsqgpkX/ZJXlVl8oN2k2n7hh8H6lWKB/s82KzHRvFXXX4rE8XT5fAVyIofoxU5ss3933qetCivisIMaEXcM1ASm5fTtrjvDPU+e3McfjSgQxnPWOsteruIp+oX6d+m8YRkXJgiwKmYQj7k8vy9UQm5VD7nQzuzOzJMP+gVhBnODulTjZdYOpRUo1fXTWj2aX9zp/idSGNOvCITpMVlkWcETltI0CblVyYS68WuqF9Zot1E8o0E7x01XVB52eudtFXvTwRLKZ5580sZgLhSNacMcncyBKbP5da/rwk5c6hui9Ga+EGcOabCbikdVoo+ofwUbtL0zlSzVc32rnJps51xni5aT0y2PXVMxHK7lzhIlo2A3GPuPMeZFUlyYxKHhV0qk6Rwf+LzQjcoyzdKf8gjVOwCIuRqwGil7ClFacBRBhBX5JuD/YnArx4itcYZIEsXB4lBI+O94I+FObSRqscNEX1EUjHCyrhDB1Xkq8NxjkwF8MMY5Ja+XysVQAdJJbMrDcXf3EzUzxLpfmSwuidA/X3n++JiWduTnB79gwdsKuwE7i2+TK0ucGM3kwbWgEL3WmOcAjkS/TezLWcYKm0wZd19I6hn2hrmIb4Bq1KorVGB+eSXUCCs/R6uJn+f65Dap4B8XIvhCskfsmJ2uXjyfvaW8OS1CaEfRTWxDWp7dkhIeRHELyBI9yQvEW8eXRUhV/9Mkld8RDqg3rF9i765a8JJRZEZZ8i56CEIphKvGmb0iKjHsJyDIJFq1a2ThqhKsYIQCc8g/t0yo+7kdBjcPAb21OtYG5P3HI+vF0FQD4fDlHl61/0S6fdAcLuUvgc+w2Jd9kE3cYmL3DZ5PDabhlj4zTDzIFg7IwwjPdQ26BzPKHv3xUF/WYB2/dAtavV39HDuzEAJYhe0H3dMEoMJcf1sVDR64wkqjre0hL1PGpDp1G
"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3288.14.2031900930\903282582" /prefetch:673131151

"C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3288.22.1482999557\1220635608" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Eliška\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-1.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-codedownloader.exe /rawdata=SlK8vkqj5lXtJPPOyiieggKb4hCA3mldZ/Hu7woBW8rSULPmOo5lgKzynVHE0JJTjWAUbQe9iMiZLFD3s6CZRcLl1F+OONeOhfYU0WYFSNxMljVUxhQDsO9b/WZl6G7kXWOU6692aCjFB0TM0+S1l4JtaktHV6fSAxcdKnwV2g6XsTiMAe11Y3WZZzN7Y4w9eaFDoGo1Tclsl50Mgb5VlUE9EspcV0f4wsVQKku+xRI/Bwc7wbgNgn2xF4eq3nru0ay027rc7jfAK1MxMPn97ErctIAWFZ8Dtx34iRvwRYZ8GeQcTzhyGDPLjUxf9f4M0PdxslBH9IltGCMwiOMQnsN+ySqC34Gf61Mf7EOAnz6T/n+7RXkFqcYewu+ZeuNh0gNRXWftx4kxeoh6qyUk0kuT4pQ6sTZSrb4pZXRvFkGcnOTHtBwU5am/JrGERINvAVcn7i4mCef+x8IpdAuAz3yrVpU2guu7qfZIwCUZFRRC/goCaGV7/qwloo1Y9+22CXpMBNWhsiZjWBryoUcgkA+YLHvaT1znFRN2naEIdGkfRADq2ecFVIxH171DwtWf1ySeHYP0bqlfe2RwRSWd2xMvtI36E0MN2fLqI6CkTbP7/qEVCL7uCBx0pcufAejs6kGMdK94A9+0CL6OZf+s8Jzh05yEiRH9wdfU2qpOXj2dmZdDqDea7E5Vn1kjaxlr5hcIF70iIscEAR2lFbnb4U3OJXCHOKm4sbJrukC+d2N1CgM6HKPXQn5U3WVX9+mnIcPIT/c+WpycHMK7wWLqnDd+QxFtzF3gFOCc/cO3BKBRCc1Cm2II8rgn4DCSKF1zf/NXqYdd1F400lLBF4EuaVqyNqVNEt5TxRz9OlTK1zDE7Wc5svW3lov0NQQzqeVVBwCzTHsVatW6515D0bRwc8NAbppghbl3eJU0Wa5ulGkA50EoYGzbJhMVeMjunU+15wfSm2uXfsqDZSLXXdlRN8+2Thki0eUGdMKNN67hhYh9Bq0xh4EHa5IQG8F+qc7+t5AEfY/tC68QMbQpNCR9vCjF2goxdLIGtXa1kIlSEz1isIrKdKLYJ2h4Hc3t39mbveJCFLBzMvE1rJS7jjc4hZdsd9vcXiwOzUVL5dA05445UWtCS7DPVYoOi2N5oPOlTj+Eqzfa2xJm0+njOcOnTcUXTtXE3lW7kvockfBk7xM=
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-11.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-11.exe /rawdata=NZ3y/0KEwsp9P2DlFxGgSLgNc4Iq/YMxfrf6A/OjgHJ3J9YDQqrlFvESvepsmPy5FEtavzxmJJndwHPogXb61cdAwnnnotawitYQObqNaH6Syrkwlu2sYsCz2T91U16ZEXozHVCmquP0Z7Byy+XkRousn3z/0A8aIKoaeOjGSPlToCAn9N4rMxKf43cvhSXf3kOXtSXJJhvFzjqYdo+1Up2FYYvW5MuES/uFlFKNAsFvdTZjY6b4h5zqWDGmbrJATyxMCLhPK6SwirN9amAf3K394usgtm9NJalZQMhrJdOdBDZkTHoqmuFMm7MxDImjfqdViAym+rAxqRcfmOwXGKaVBYvhPLo9KwuVJXq+EkDBrBfBvery4fpBAvyEeYdlJ8+lFubFJRXmVWHv3Tmt8wf7WylPQtmad3hV9PNEvt/Ag3usrweS3Sm0xutQL7X2RFDwXpuw0is91fAZ1fLBkVQFNInE4kfQxCiEs1APFSSR5c2x4q3ESlQX2RAkj/nFLxyntxmt4LhCMXkz1Zj8bu77Fs9p6oReUuOlhkJ4IEwablihCklE99DeV7HPsDva8Y7y97tm3YQ/2EPncVsBmN4ZP28sGnyPei3O8fn61PI1rOPW0MtqiHO2WnTKU+/Yop0NH2W0rs9g37zKbHDBPXLqRqs+wk54bTW3rZ+Acx1WkEd1WPD0B5s+sLuCKl5p9gGe+Exav1JzeauobdvrocZcNjs4NrKlqs6hIG2ErE2i1X6tNh9Ld9Ru2itWh5IgxZGm/M8/2jFMO+6Er0D/wUGYU1XHwP5OGHC+lnEzcNxfVfGHTNFtY0eFUY2fpccB4bInmSmiYOEuprgmuzgXJKt6UZgaNgU2eiIOaRqILFBp9UcDo7EleOoSoSQOC8+95Jn1vx3nvlGTaW4IGB1MFVRAF8Ed1247mLbx5rNcNUj6lRAr9V80ITzADSQqxnyR/QdcuVeSG/fSR4CNP6v98fw32gggKPwowJOlmUb/QMiHJJvLHlke8ajThhw9OSXNFw4zsqlR76odj6/Ldzf4o7oPL9/R8f5PYE64V+dLR6WCTsZXxR4N331Uotv6vzfSyLbrrhaGXHb6ocXQbKY7R6/BBlxYeI87n3Ud3UGTKFiXB5sEaGUcgeX209rSVUZqokpUqN3hjpWaaFtnoft1lKAOunvkTQo40wgXpMXg5Zxfi3fc/wHUKTEMZAbhBZcWExNqABhNHHHUuGJPx+i/qjiPOZWTlPoo/TZcOcC/ts3FeyAASMi69+AmJyj1ziTD4f+BYqbIxafo659b5R66o+pGFh+6z3iD5pV+/HcLymTYHGKJy87Rsblc6Wzt2IgEFxL75klCPJpo7nHBSSnBtoC1DnpPkdBRc2HUcyYk2NKF0ETowsx58vF1KFbNgxPs6IZXe+abpkf4enqjLKhCyQCeLfwmrcGtq6wLovWIIDv7U1cgziS/WoEsHLckfaV3N4xL6Q/fy/l/HREDHR5ren8gmHbh5AYDGf3uwoGY3L+Gbr1d8OKnNL/J9VdEdf+oacv1TdlpKXpVz7CdBm1QpHAlQowMXjpfBCpa6oIf8qFlUCo5GHBTMKpd71FArW/MFimuDr2uGwlAOgWDagziHs8/eTEpG3TM2rG5Tf6GlULNoEEi5RaSb5bA1MSuOD6fE6ZcOMOmTFbTBN5zi6mpXkZRIZeU7/CVbfvFGutZea5FCddpYtaEcSKTjDLDiNzrx2tHLmzwOUbCTa8qqIk+WBsrO6EMCYvzq3/cQbLX3xO3FkZGiT7iDXqAGNCEvt2XM6gSzsq3Tx0l5dgSrl07Hbb9z903kXJybgL6dbDhgNiKaRM0DnNk2TT+lYfZGqQNO9dx16Idkm5twhP9qspu4EU2wbWjKRo0DbKYkvfX3eY/JdvLY7K/pBh2YjFJPJX+JiqVBT8S/njOht8hW4gP+ZG0vhpO/YEADTLrIoXUAs/Iw+nq6N+EMDMMEQqT+6TVAzbSqyQ8KB3XKuc0Rr9UbVG9oS1ZMh3tEtUdo1+/1QOt1k6bxTyc2ViUylGZpmO1
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-2.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-2.exe /rawdata=YBRU8s+gLt45OLasEgiJe8MfTG2c30KRPwwbqcKZCf3M1e7isZuoRsm0rzKlmabKr726VEDpo9BAcmSfu8+Km9bwTYM/Gi1Phz/O0MZbmF8WoHvLfNwA/B/nXsgxSFFuvYWUfsUdzEkwtdmK2Cnx83cyxXdkxg/FfohHSG2fJ8ijBe7OwNr9vb1jnwWSa3awFb3aSbEzPmRxTj1z//2vGCAGt7hUXNQH1d9Iw8ugCVNAR2ufa0gbA+oaHHwXzhWfD6xmWdcoo1y5vg9AGeWAfIE8wADKmMj8XSuWRZvfgNcV62zGqXOMG8agIjCqZI95tjxKVOPzcz9eMakrd9NBd6roDgDCcpfPN8XQF5dxf8WB7uForWpbBwhkxlh67aVI546ZwxfkLiomyQR4CVxnP2YS5V9zAYZqZXSlfxqbqyUkA0AD369ZqKL30BAniaO0e6pmsMX88EbsP7sM43cmG4wcD77iQ/yqnUN5Op+ChMczhtdJI7tcnKtrmVLK/9QxlNLychMWzJi4JvWaOJ7rKlzSjBL/kTpYBa5Zn7lKnM3qRBNmPTLI2bsMtD889a6xKTXgtkHZ/ZGKzUwLSizr+Ux6uqbaXamy4X5woBvofSVCv1SZFBSZS9oe+g6Yye94TPz8ovE/1CqSblTY/opk4eHIithzbbmeP5E5iT245tbFrw9Yp2mMs4dCQm9BJrUgDBGBVBNmuGAhKMk7kIQFdlTfO/2Rh1IDNnC5+vjk59povQy7DgOPqNhSWxGaitMqNxS9l7QfnmbIcuHvJ27ZiNtomeOZ1cZ+ogW5sBH92McyHfxeA9+sDgB04PzsR3sNzqx8LJeDlrRuMmbMxCSUJg==
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-3.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-3.exe /rawdata=tvzdF3zccEN0iWsBhCXMX7TmSy6rvgGbiW3a4zFwGbX5kI7cmIYMf/xB6mz4zEDpUKrxqq/3uvgyKgQHmNWjBP934rZ0JmpZCs6MXD9E52eBG2mZBVGg7rtND6HdhsgUm0MQBdVwAVNSZTnJ+AG2II+VvzuxU3NWNGw6eYKjKZIWxKKQtrSsJcfSoxYRRhuaKoWjVysn7t2rmsydvquTSXqiq1+UAnFM9bbAF42mjz4cB6CoLmL6/fyDqm9nZy0cDrpuXWREprau/El8GNSt1AlzTEqzJJ44rTakq4ghG8PNsCzSeR+1bjZNHCmL5uciVkDfrsYOsyJLrnU9Mcc/QaxqK6yAjJE0CwkKqxy+rw77glWFj0gIycBmcp1/zGN6LJOfbEgVbiaEBpnfE0KeXKYcVDaWAAUbIObohK1JQvwZ4d//36dsGCtQierFSDqWfoIc/61iFQO6F07OzYfojGfgoPNbDk6CG2roQlPsHEdZMnVbtdNJEWPg47AUAH9tAr4ilqycvRhbt5P/r8qLRgeSDXqzjK3F1pFOccPiRbwY5ymXoH4BDy3U9PrTNZigP8MWGWxz+bc+eYNBmrBoCSuv73t7eZphYdEi5rKLyRi5vJ8Hl1+x4AGdR0hOhcjlY1p2NcjB/hwaX0JP0bEZrqdPZmcvbiYhibBgYNxQk9u2UNvVWYfCtxg523THTB1a0BwVvZBW074Qrz7LSxJasyh9MpTe2tFHe7Ux3G/23n2GV68+USJLqTGUdHrKm7Fbgw9M9NB+TUAMijZaZX/r4Ll534Z1Z9cI8tYDI2vLj26dA1pFbRDxj4FEs2Cj1d/DDXSAth7kGA6Jwt+gLsc3HlDDMRQuqE8JG8Bshv7Oee9S3yZypTgDmM1cR92Qi7nkMmOhp/zoU9c5EeDM3k7zwPwbF1Pf2DMk2PrjD+UVqApBMtYfHdZ+8vydRe6cyYhuoCqiIS50ijbmRl/nROi6QbJnGZ+XAI+YJQ9y7gCUE76XhUQbZFgqG30YApCsnkwzUYxk3A4hhT98CqYwpMDelvxDqm9Y8wlsxdORaK2g1B9n2hhPVK3MfC+0LQtS4YF3K1oPi/dv6IBfWzXHy050b/K+SJ6cWEsDMGRVzKctVviY3wC2BSdaMiNok2wVDqtQJCWtw+UK6yy7TNpSrMJrlx7MYwqBDvrRf7l7a5wU/EsIpWNz/m4i0ekmTj9njrtWYsTIh2qAjdMS+i1lhnOaUO+Fq5Ze8QOZS7C+Vfe0Lj3VUTbND6p8+pEfrmrbWUZ721c4A4Q97uA5emgGqtWaWTPy5h9l1eOzfGilv8R3y975iQgDMSo7Zfk7TuZLyi60U3EqoycwMZpgBqbh53cjVg==
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-4.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-4.exe /rawdata=QtoO4AtN99trDdfdnlC/lbXzX+Z9IwDotQ2ETTncMyq6LXQrlUdkJYGcAPiEDlXnz/U/VM/Qp42kptoGmCMlODVoaH+Jne5SQjTVRgtl2xT+VP9R7Hcl8SqJ5w4Rgrz9Xlr+f/9V29hyV8cXSoF/LRgdYpbCHZ7wUlUGM+kRNcBR9/FVyoIqCYLw/D9jsNjfBhJcK4qP74xULoC7kx/1MfMSV4R16/h379aVowcCpREAY7NBDmHsqzB4DRxmtzIp+9AC9TBIDlzjMqpqYC0Qh/moA3gHovdm4Zm9TG0/qvMZGeWh1S+xjJStSn3/UcmlI/mmUxCcBwgw/zZMHeTboqACZWgAL7MenRebGbnROZ8Z/QoX0KDHiC1dccrNrgoEd+2dS3sPEYZ5ZOkbwqA9ubqTwPZdE8rLjexGoYqzDC1TUqUs15xJw3nwKGhaI+Lt+iXvkRHXrRLWVNXIfUFdUBBjMUG+8UGvBhADlb4TCDIaVvjBFGb6Y0Q3KofJ+mD8AzKVcYLo3hitMOZPuEFQB/3mUdtQl51ORBCnoLkr+bv8mwQcKwHbN/IrrkpUWCJFOZbl35FJLc08E2PWgVaXgKvWspA0+cNQ6r543kT7EPck//78R21RPnjkL+rWGukt7Q2lG7vi+8RX+LsDEQsviMv1KIFcTEbZpv1aqt4o1WY6Ea+IWGaodATDYhcVHLtP7lcVd+LLWkcgznpw8Qic+/gyzM1HkdYk163JSyBj5xtkgAkeOZVYt97Um4xOeszdHbNA95QDeGB19MBLYTl7MZDqCKL+KyjobogILZX+HCgtFLHaI75J/3mvftXD7nDPE45MHUaDkQ61qIfXb3L7yYvclW7XDNDYm7zb++ys/fw/yuSpmlnhiN8QgGzxBrEauVHO8dGwV1EVYAvE3YhGHkhQRQa378/k9PeRLP8vML3HE3072ufMM2WQS3HyTvwlrs+T4AsTM2Z/y+24BbumhXP5OkOQL3TH8hJT2CFeI/IoqxWMJY+vHh/3dDH8c1P9rPPovW6YDeb5llHDBFwnM5x5bvkrIn+KiBkH57ZlOPkZ7NZ1HxIT1HYITZSdlAYld9l9UbhnirMnjHmTqNE2p47M0PBmf/bM659U4Up3L16nUmAPdApZVLu9/duJe+rzlB6a5tenmsCnSkPn+txV0HTb8mZDsuIQ7VQiN4EKtoi6+tHTAE4wJx4Iomp4QDWskpjr6HjX95XnSYXyLzIfnZVA5zjoWNXlaWp15gXJ3sevgNdNEc8u9kOBfJutzHdTAe/QfrvSVBxysIZ9LVmRd8YsyX8mHaM2Z16qvo3vM4rg39+iAeJspq+M2YEDTE5YMvAa/E8jQlX2tiAzx0GQmWCy5FhnN/nujnm5Mzo84LreqGkByni6ayHO2O5mlheCHB6EjDrGewQGH2NzL48hIesOEZUGmLhLGlfdYc69dhamNMx6P2j6BFnN84hdWVYS+yBcCF20HvbDmvB6RSIOIUUnHwAxF0b0M2X2h1dGu7AF9qqt5/jYxn/PA0um0w0fN/d+HFmdW7AHHl9f3g6GNZcPE5HCQJV/SD2dFMC5r9+Iop5nb1bcSOgy77RgFPjPDBceqiYiL5ceGADBPkY2OeLrwIIRYtYpW3+NAaRppawPnbDKqWpuqi4wCA1/LHup8k8z4cwH6gcblCWw12hv2tQeiRSZBV/f7pzxb3lm2G8=
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-5.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-5.exe /rawdata=tpS6hX2v33JMCu0G1nA8DCNFWgqWefuBiEhYoH3lGXALNbbGEuXH1rM50Lu8hoQWIsnBp8YKqgAvfvauQky7SAQhxCncsqWaiKA0h+B6fAEd7jjsJDgKEW/+h81G5K0Bql/IrMipP4fbcWdingr98Zhgf+6NClJu7MbIy2KXiQOTtfWpY7QmSQOb55LrRi8NJIZt56v++ifi/uDOnh0i6narIXWECwZc8WY/fpnszpy258Tsr/QnPLK5i5qjO+NcA+OXTWOQB8NzFJpSZhUBZZKdTF3xIl4z1bcVIF1lS6WKqhCpnl6w1P3b+WprbmOd1/CpMQ1J1R6yRvM0v51JGlbf2nQuC9x5zKIs/CEUpcqSb7iRafFJSmeSPgwyqCyqy/uF3oI2F/30MblNC+Jmb+aU0VUAJVwcW2glUIZjKFcRFJ5B5QYJOWCiBN9xEAgMGes/Gj7asJaVBO8J3gSEbE880v2YlNg4Xxnffh4/7qZEpZx3X1TOqmeRyFYDVAvxsCTYe//nRN7CgA1YcCW424Yzl9X0DwyintHwZGDIld1ZILiIyXdjtJpkx4FneCVCmtS2xTl/QV6l78B6SyQFoKTysag6LcKx31btLoEwQPYBqm9nMRptAwzny4a+7RbVt9wW8toe23SFtEeh7d3qOYZ5LReGWeY/UCS1RvIHlZHCHsoTc1+yAw0BjN21mgvwAuuXhwMB3+Rrx+5x05zihFXr0v/166DVtm50SHf4M0hYUtOIICitY2SL+iofypL2sK218kJcfB8t/7Htl5C2FrtFM3Ewv1D6TXMl6bjqpBpo6tSLMEd7C8UB+5QgUISMSvyAQrb/KiCqeIldKUHOCnE49dMvU5bvU+p/ECQvgps0u7QUKtmVTNfI1slpzev6uv+2yc1jukr+Nk7lS6v2UU74jndYVdE50dMUgiFWS3FDIQkwKMYi1gRtwZK9UyfuMzJPcZBtvtSuTyp0JNlEBPknEzvTKlz4EA4Y9A7ea59+6a6tELh116SWUkfjO631
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-5_user.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-5.exe /rawdata=tpS6hX2v33JMCu0G1nA8DCNFWgqWefuBiEhYoH3lGXALNbbGEuXH1rM50Lu8hoQWIsnBp8YKqgAvfvauQky7SAQhxCncsqWaiKA0h+B6fAEd7jjsJDgKEW/+h81G5K0Bql/IrMipP4fbcWdingr98Zhgf+6NClJu7MbIy2KXiQOTtfWpY7QmSQOb55LrRi8NJIZt56v++ifi/uDOnh0i6narIXWECwZc8WY/fpnszpy258Tsr/QnPLK5i5qjO+NcA+OXTWOQB8NzFJpSZhUBZZKdTF3xIl4z1bcVIF1lS6WKqhCpnl6w1P3b+WprbmOd1/CpMQ1J1R6yRvM0v51JGlbf2nQuC9x5zKIs/CEUpcqSb7iRafFJSmeSPgwyqCyqy/uF3oI2F/30MblNC+Jmb+aU0VUAJVwcW2glUIZjKFcRFJ5B5QYJOWCiBN9xEAgMGes/Gj7asJaVBO8J3gSEbE880v2YlNg4Xxnffh4/7qZEpZx3X1TOqmeRyFYDVAvxsCTYe//nRN7CgA1YcCW424Yzl9X0DwyintHwZGDIld1ZILiIyXdjtJpkx4FneCVCmtS2xTl/QV6l78B6SyQFoKTysag6LcKx31btLoEwQPYBqm9nMRptAwzny4a+7RbVt9wW8toe23SFtEeh7d3qOYZ5LReGWeY/UCS1RvIHlZHCHsoTc1+yAw0BjN21mgvwAuuXhwMB3+Rrx+5x05zihFXr0v/166DVtm50SHf4M0hYUtOIICitY2SL+iofypL2sK218kJcfB8t/7Htl5C2FrtFM3Ewv1D6TXMl6bjqpBpo6tSLMEd7C8UB+5QgUISMSvyAQrb/KiCqeIldKUHOCp93kOfh/pvIlUeAR8iHSvPyFGvD3l14kS+5R17j4KEZnuMTv12U9NpGE/6vZh/DU2du/LyiOIYI2jjz8vqMONN6shDhxQsfyR/9rY7WkqD7rDePqgtF879uj5B/RSXcSueoBbkdcPZacRZr15Sk3CQ1e6/UYx9aCdNIAxX0SLnC
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-6.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-6.exe /rawdata=NvY4o/Zlp8BJTANrfjGc8/xTxYJyQcUQQzvkSR10p2zu7I+LSg951/FNyfshR4qhwBNhPQ/+DT81bqVyG0WEZF4Ncs0IKB1REZvrp9YXUbk4Rjt0hCLgTo7DmvlIeDECU57ZBhhkiCR8bthOEMSZs8AoHjtfc4bJdwnbh6spwTPFtsvSL0P9uY2naTY+ul8C2e2Glm1f6R0rgcu0TOCUOnR1R7TN60ohJ3PbtwoEWGkpsZnsLl2L9cmYC1cTJL4NE3gSbHRh8Xf+FBXkRlgWwIDEnKYoLj/FNNBoOO6n/lrjei0635DuMXP5cLXPvGTsulOBOl2XO2dCLo4AH0iJsTx32PlbDafJf/PhbiYSjvZZLeb/W72D2s5eXtSTR/uQPZS4Rb/18sxQ0I/v9oJgJGSnn7UD7RqnKRuv19BCggaE8lkInKsXlgHiv5q4ap+zAUlLFSQsYH78KVelhM//RuSrujp2nIL5mIR/hVkDpTYTv4Z/VmtnlBzzZt5PBDLLo+uXcb6vzngOVAYkzBaiKVEexPBmBxa6AZFVoWnrWQqnQgogxmHKZIpzpxobN09L7gbcmoMFEY2mkSJIZsqgpkX/ZJXlVl8oN2k2n7hh8H6lWKB/s82KzHRvFXXX4rE8XT5fAVyIofoxU5ss3933qetCivisIMaEXcM1ASm5fTtrjvDPU+e3McfjSgQxnPWOsteruIp+oX6d+m8YRkXJgiwKmYQj7k8vy9UQm5VD7nQzuzOzJMP+gVhBnODulTjZdYOpRUo1fXTWj2aX9zp/idSGNOvCITpMVlkWcETltI0CblVyYS68WuqF9Zot1E8o0E7x01XVB52eudtFXvTwRLKZ5580sZgLhSNacMcncyBKbP5da/rwk5c6hui9Ga+EGcOabCbikdVoo+ofwUbtL0zlSzVc32rnJps51xni5aT0y2PXVMxHK7lzhIlo2A3GPuPMeZFUlyYxKHhV0qk6Rwf+LzQjcoyzdKf8gjVOwCIuRqwGil7ClFacBRBhBX5JuD/YnArx4itcYZIEsXB4lBI+O94I+FObSRqscNEX1EUjHCyrhDB1Xkq8NxjkwF8MMY5Ja+XysVQAdJJbMrDcXf3EzUzxLpfmSwuidA/X3n++JiWduTnB79gwdsKuwE7i2+TK0ucGM3kwbWgEL3WmOcAjkS/TezLWcYKm0wZd19I6hn2hrmIb4Bq1KorVGB+eSXUCCs/R6uJn+f65Dap4B8XIvhCskfsmJ2uXjyfvaW8OS1CaEfRTWxDWp7dkhIeRHELyBI9yQvEW8eXRUhV/9Mkld8RDqg3rF9i765a8JJRZEZZ8i56CEIphKvGmb0iKjHsJyDIJFq1a2ThqhKsYIQCc8g/t0yo+7kdBjcPAb21OtYG5P3HI+vF0FQD4fDlHl61/0S6fdAcLuUvgc+w2Jd9kE3cYmL3DZ5PDabhlj4zTDzIFg7IwwjPdQ26BzPKHv3xUF/WYB2/dAtavV39HDuzEAJYhe0H3dMEoMJcf1sVDR64wkqjre0hL1PGpDp1G
C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-7.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-7.exe /rawdata=vr0J469dzU3jP/pV6oYHytAy9npzdTeNrLgUG+XwA/H7Kdoz9urG75QSM7pnrfOpPoRM7xmdrfEDnI+JAJZqAJDHkghNzSZBCwQsuQfvumMiZ0PUC/q0B5b+z9SW03T/NiJxQpG7i7an7KH0NSljEc6svJ+T/XgY7W1DlbnFEuSbf5s5m9L8QmHR08YN5nyr/7mh0tUFIV459UZmoNJfZbuP5Sderzu4KP5eWPEV+rgEG8QHVeO6JtuNNmeRwDe97NAhXKMryFB+iXX1Ps7F2N3dneaDemc/4t8Oy83S48rqi8wNmwaG9YoNomqaRq/Dwo+f1qh7L7xj0kqKVPEWgcBRdTGUMweu/b8LXjL9NeJc6tskVDC4xoC2bcLCTu7Kubu9gx4rkJb9JiV+Kyhj2FH99Q4R9LdRKF0JhKbTkC/3J8KCnhQQKm8s8mShZbPZj0QC3XLu+fo0jltiYwlKcpQXyZg/SpbCb+zWv3GO+QvleyE/tGME9IFP74lmBRWbWyQgjz+lQ4gK9Lrjb7NjGIjzitlfe8JPb3XTJESLQ/Zct0Lo+pCK/LJ1CjP99SStS+j7f/XPNJQcw52TzM+j64ZIzDIHAwfpPMEasOQZJAmh1Xx3tgOp6TTgVOj0FdMMGCwArRKoYVIGGtCns+ZHWQUdeqslsU3+Kd5QobqhR9Wf7Rjin/SiNFJw9ZYcovPMV2622o3D+FcOsGTybgwKqxNxUJ1BQzj5fPycSgO+lAhO3mD3VIhMeEaY18B0S8mY7lxkxv+M3v6SAxh7fdK5iffyZOBlcm9khyhX+I6uwgvME3K0M9OJcuhuNkiSgJJFThwz9jJV0ImdH9r2TwJUg6maKXevJPExkqlAbCnkxxeKB+FeLL4XW7RqZ1M3Ci5iSbQUIPrd/pp1MDRZcbVPMufVhelFGDMV6QR7vKqweAaXWwE+JDzdhEumx/sUcPl/YXd19uoP/EIu3fLqh7YlTWO0Cn4sRACNZ+Prh/Oy0lV2a9RI7KDXEM1bhSCGVtgQRR95NCUN8crUtGOxgNhUB6HiZWwXLTGXJbihf2wr/W7QloKqtJCVljjIFCb2z1nk8xFafnxqukoIwfrg/h3fDyRW4U6OWGtFEWcB9UFyqL6SpIqUFVONJc8UmxwXpVLbrKeHQRj0/2xN0g9Hpfw8qJ2LGkiI+RnFJbxFODgqGaqa8zn1yimKjWqd3YoXAgZixri7fLKxFB830yp7OKYR2PMthwuzHTGorpnoSlaU3a7ET2MCvgCp1xixDB3UZb2Tzip3QD23o7tXPAdlJAa6GdMo8j1CAzH+Mz/HuuuzrxSq0zSUSxbsjIX1QXjAJBfwCRLS1COGS8Fxw3QxpvPXxw==
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job - C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job - C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ORXAQNY.job - C:\Users\Eli�ka\AppData\Roaming\ORXAQNY.exe /infocmdline=cH6FS22VI7zlBFiii0LkzwUGFOCAQxfCo/oX5rX8rdkJ4TpfUIVrFbgY+khOHIeu39HZ52jnL89W9LbKQ3pemK/lxEp0TWrQnFkY5p0fUfLkztVhIfwBGiB4tMHPaHTCs1Vnlyw3MxGCTPyz6vj9Quiog/f0qG/zprj0sopYoXq9Z0XEbf+igkfvIrE/fCOlONKRMdPolAcRxRW+lHu7LJbzMB+R3CPGpHSyyr5YH244ZJwJM+j/OEQSoC11xyDlZLzc6W7EnHNkEwnywEga/XTSDVLDcG092YpjznBAVp4wTi4OniTNijzKbbsiN2nAr2tEgVgDrr9DKhpnhbUutYsTrbLK851evs1LDs2uFISyPdKRp4SJzCSsHilkV0x3AkRnUORNHL2TQP9GkZl4933PGcCb3q0WlbHH/Z8x4iR7j9W+38+JcHKb8xVbzaSR8avks15RboyKSN822wYLZu2kdQ2HqJdDCrhzF1MFC8KgLRSZEg1O1lS99eFTtC6AqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
C:\Windows\tasks\YNYESL.job - C:\Users\Eli�ka\AppData\Roaming\YNYESL.exe /infocmdline=rIeOrYSjUEqeXS9PCNYSeeIo2vK+rZvFhq9o5UNplernW5afHKHPGln0XNxpchJEu7aAX4ZMWFqWgQRP97fudbvkMeQSTum8tECeKQ150jIYBjrlgFG6r1w6jCsazDP9OfkWbzLOjD7y3UTFgp+HSzSlZAseZObCxE9sig0BhtJzZxjT6osSTaXMBFGSgkkRJtmEcE+3eEA0oh5Axi/IvAII9tIhl61C7F1XqRMD2XUI4GjTf5j52mF24BKscNEa/nSkmqTbUyFQIz7e272SOppJD0kQDQrHwQ11QzwPThkGUlSPs0lge/JaAd3kwfwX53a36+ZynmvYUMCiSSZQK1Fb5BL2DjwWXq0wuqIyoQpcKYAl/Iti8WfRzM/0cA7gDBVxrQZNslaesdWnri0lYBSukvzr5aETZm6k5289TATnGO99cAAOBOL1WyHGhnpy6JEOt325SNmPM3rywl/WYxin53BuR99kSAphYXSh0NGSd59QJlCSbcQ2Hrd1WTkG

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}]
TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll [2014-09-07 750952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-07 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}]
TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll [2014-09-07 556904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-09-07 515464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59e47ef9-5163-4e82-9c17-3d6f63dda496}]
innoApp - C:\Program Files (x86)\innoApp\innoAppbho.dll [2014-09-07 250136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-07 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 19549320]
"Google Update"=C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2012-01-19 3477312]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2012-12-17 59872]
"Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe []
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-06 43848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]
"ACSW14EN"=D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe [2011-11-17 1231472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-07 4085896]
"OfficeSubscriptionAgent"=C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [2011-11-16 932160]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-08 15:42:58 ----D---- C:\Program Files\trend micro
2014-09-08 15:42:57 ----D---- C:\rsit
2014-09-08 14:15:20 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-09-08 14:15:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-09-08 14:15:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-09-08 14:15:12 ----A---- C:\Windows\SYSWOW64\java.exe
2014-09-08 14:08:55 ----D---- C:\ProgramData\Package Cache
2014-09-07 19:39:57 ----A---- C:\Windows\system32\drivers\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64.sys
2014-09-07 19:37:04 ----D---- C:\Users\Eliška\AppData\Roaming\Opera Software
2014-09-07 19:36:43 ----D---- C:\Program Files (x86)\Opera
2014-09-07 19:36:16 ----D---- C:\ProgramData\IePluginServices
2014-09-07 19:36:07 ----D---- C:\ProgramData\WindowsMangerProtect
2014-09-07 19:36:05 ----D---- C:\Program Files (x86)\SupTab
2014-09-07 19:34:21 ----D---- C:\Program Files (x86)\innoApp
2014-09-07 19:32:48 ----A---- C:\Users\Eliška\AppData\Roaming\YNYESL.exe
2014-09-07 19:32:10 ----A---- C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
2014-09-07 19:32:02 ----D---- C:\Program Files (x86)\globalUpdate
2014-09-07 19:32:00 ----D---- C:\Program Files (x86)\TheTorntv V10
2014-09-07 19:30:53 ----D---- C:\Users\Eliška\AppData\Roaming\TornTV.com
2014-08-29 16:11:29 ----A---- C:\Windows\system32\win32k.sys
2014-08-29 16:11:28 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-29 16:11:28 ----A---- C:\Windows\system32\gdi32.dll
2014-08-27 10:58:30 ----A---- C:\Windows\system32\wups2.dll
2014-08-27 10:58:30 ----A---- C:\Windows\system32\wucltux.dll
2014-08-27 10:58:30 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-27 10:58:29 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-27 10:58:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-27 10:58:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-27 10:58:02 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-27 10:58:02 ----A---- C:\Windows\system32\wups.dll
2014-08-27 10:58:02 ----A---- C:\Windows\system32\wudriver.dll
2014-08-27 10:58:02 ----A---- C:\Windows\system32\wuapi.dll
2014-08-27 10:57:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-27 10:57:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-27 10:57:34 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-27 10:57:34 ----A---- C:\Windows\system32\wuapp.exe
2014-08-23 03:58:23 ----ASH---- C:\pagefile.sys
2014-08-23 03:34:16 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-08-23 03:30:57 ----D---- C:\Windows\Migration
2014-08-23 03:03:04 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-23 03:03:04 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-23 03:03:04 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-23 03:03:04 ----A---- C:\Windows\system32\icardagt.exe
2014-08-23 03:03:02 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-23 03:03:02 ----A---- C:\Windows\system32\icardres.dll
2014-08-23 03:02:38 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-23 03:02:37 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-22 13:53:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-22 13:53:59 ----A---- C:\Windows\system32\tzres.dll
2014-08-22 13:51:57 ----A---- C:\Windows\system32\msi.dll
2014-08-22 13:51:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-22 13:51:56 ----A---- C:\Windows\system32\authui.dll
2014-08-22 13:51:55 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-22 13:51:55 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-22 13:51:55 ----A---- C:\Windows\system32\msihnd.dll
2014-08-22 13:51:55 ----A---- C:\Windows\system32\consent.exe
2014-08-22 13:51:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-22 13:51:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-22 13:51:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-22 13:51:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-22 13:51:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:51:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-22 13:51:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-22 13:51:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:51:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:51:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-22 13:51:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-22 13:51:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-22 13:51:37 ----A---- C:\Windows\system32\iernonce.dll
2014-08-22 13:51:37 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-22 13:51:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-22 13:51:36 ----A---- C:\Windows\system32\urlmon.dll
2014-08-22 13:51:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-22 13:51:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-22 13:51:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:51:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:51:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-22 13:51:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-22 13:51:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-22 13:51:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-22 13:51:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-22 13:51:32 ----A---- C:\Windows\system32\iesetup.dll
2014-08-22 13:51:32 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-22 13:51:31 ----A---- C:\Windows\system32\iertutil.dll
2014-08-22 13:51:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-22 13:51:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-22 13:51:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-22 13:51:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-22 13:51:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-22 13:51:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-22 13:51:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-22 13:51:26 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-22 13:51:26 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-22 13:51:25 ----A---- C:\Windows\system32\ieui.dll
2014-08-22 13:51:25 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-22 13:51:24 ----A---- C:\Windows\system32\ieframe.dll
2014-08-22 13:51:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:51:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-22 13:51:23 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-22 13:51:23 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-22 13:51:22 ----A---- C:\Windows\system32\vbscript.dll
2014-08-22 13:51:22 ----A---- C:\Windows\system32\jscript9.dll
2014-08-22 13:51:22 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-22 13:51:21 ----A---- C:\Windows\system32\wininet.dll
2014-08-22 13:51:20 ----A---- C:\Windows\system32\msrating.dll
2014-08-22 13:51:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:51:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:51:18 ----A---- C:\Windows\system32\mshtml.dll
2014-08-19 10:45:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-19 10:45:08 ----A---- C:\Windows\system32\shell32.dll
2014-08-19 09:24:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-19 09:24:43 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-19 09:24:09 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-19 09:22:32 ----A---- C:\Windows\system32\aepdu.dll
2014-08-19 09:22:29 ----A---- C:\Windows\system32\aeinv.dll

======List of files/folders modified in the last 1 month======

2014-09-08 15:43:02 ----D---- C:\Windows\Prefetch
2014-09-08 15:42:59 ----D---- C:\Windows\Temp
2014-09-08 15:42:58 ----D---- C:\Program Files
2014-09-08 15:26:32 ----D---- C:\Users\Eliška\AppData\Roaming\Skype
2014-09-08 15:02:38 ----D---- C:\Windows\system32\config
2014-09-08 14:51:06 ----SHD---- C:\System Volume Information
2014-09-08 14:18:34 ----D---- C:\Users\Eliška\AppData\Roaming\Origin
2014-09-08 14:18:34 ----D---- C:\ProgramData\Origin
2014-09-08 14:17:41 ----D---- C:\Program Files (x86)\Origin
2014-09-08 14:15:46 ----D---- C:\ProgramData\Oracle
2014-09-08 14:15:36 ----D---- C:\Windows\system32\Tasks
2014-09-08 14:15:28 ----SHD---- C:\Windows\Installer
2014-09-08 14:15:27 ----D---- C:\Program Files (x86)\Common Files
2014-09-08 14:15:20 ----D---- C:\Windows\SysWOW64
2014-09-08 14:15:11 ----D---- C:\Program Files (x86)\Java
2014-09-08 14:09:13 ----D---- C:\Windows\System32
2014-09-08 14:08:55 ----HD---- C:\ProgramData
2014-09-08 14:02:43 ----D---- C:\Windows\inf
2014-09-08 14:02:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-08 13:56:25 ----D---- C:\Users\Eliška\AppData\Roaming\Dropbox
2014-09-07 20:28:27 ----A---- C:\Windows\win.ini
2014-09-07 20:17:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-07 19:40:56 ----D---- C:\Users\Eliška\AppData\Roaming\uTorrent
2014-09-07 19:39:57 ----D---- C:\Windows\system32\drivers
2014-09-07 19:36:43 ----RD---- C:\Program Files (x86)
2014-09-07 19:33:56 ----D---- C:\Windows\Tasks
2014-08-30 03:20:57 ----D---- C:\Windows\system32\catroot2
2014-08-30 03:19:49 ----D---- C:\Windows\winsxs
2014-08-29 19:06:44 ----D---- C:\Windows
2014-08-29 16:09:13 ----D---- C:\Windows\system32\catroot
2014-08-29 16:00:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-29 16:00:47 ----D---- C:\Windows\system32\cs-CZ
2014-08-27 03:21:41 ----D---- C:\Windows\Microsoft.NET
2014-08-23 04:14:07 ----RSD---- C:\Windows\assembly
2014-08-23 03:56:23 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-23 03:56:23 ----D---- C:\Windows\system32\en-US
2014-08-23 03:56:23 ----D---- C:\Windows\PolicyDefinitions
2014-08-23 03:56:23 ----D---- C:\Program Files\Internet Explorer
2014-08-23 03:56:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-23 03:38:30 ----D---- C:\ProgramData\Microsoft Help
2014-08-23 03:30:57 ----SD---- C:\ProgramData\Microsoft
2014-08-23 03:21:08 ----D---- C:\Windows\system32\MRT
2014-08-23 03:12:13 ----A---- C:\Windows\system32\MRT.exe
2014-08-19 10:46:08 ----SD---- C:\Windows\system32\CompatTel
2014-08-19 10:46:08 ----D---- C:\Windows\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-07 224896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 {3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64;{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64; C:\Windows\system32\drivers\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64.sys [2014-09-07 61112]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 22600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-07 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-07 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-05 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-07 79184]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-07 92008]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2013-07-25 23040]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-07 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-09-07 715656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-05-17 2079520]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 osubsvc;Agent odběrů systému Microsoft Office 2010; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [2011-11-16 493384]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 Update innoApp;Update innoApp; C:\Program Files (x86)\innoApp\updateinnoApp.exe [2014-09-07 323352]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-09-07 528896]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07 68608]
S2 trntv;Torntv Downloader; C:\Users\Eliška\AppData\Roaming\TornTV.com\TornTVSvc.exe []
S2 Util innoApp;Util innoApp; C:\Program Files (x86)\innoApp\bin\utilinnoApp.exe [2014-09-08 323352]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-28 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07 68608]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-14 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Eliçka on po 08.09.2014 at 16:13:06,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331111}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C585717B-31E7-435D-9206-4805D6F0C0CC}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Eliçka\AppData\Roaming\torntv.com"
Successfully deleted: [Folder] "C:\Users\Eliçka\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Eliçka\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Users\Eliçka\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 08.09.2014 at 16:23:23,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



# AdwCleaner v3.309 - Report created 08/09/2014 at 16:25:35
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Eliška - ELIŠKA-PC
# Running from : C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : {3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Eliška\AppData\Local\Conduit
Folder Deleted : C:\Users\Eliška\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Windows\System32\drivers\{3c3ae2b4-4a36-40c4-a356-ffc1820b7ece}Gw64.sys
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\1g6mf265.default\user.js
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\user.js
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\user.js
File Deleted : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default\user.js
File Deleted : C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
File Deleted : C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ File : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\1g6mf265.default\prefs.js ]


[ File : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/skins7/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.showPc", false);

[ File : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/skins7/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.showPc", false);

[ File : C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default\prefs.js ]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("icqtoolbar.showPc", false);

-\\ Google Chrome v

[ File : C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=icq-fx-plug&q={searchTerms}&ch_id=icq-fx-plug
Deleted [Search Provider] : hxxp://www.daemon-search.com/search/web?q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ff&src=crm&tb=ATU3&o=15380&locale=en_EU&apn_uid=b62221b8-fb74-4c9e-a4f9-8e403788e468&apn_ptnrs=UJ&apn_sauid=94DBCBEC-BB1F-4A8D-963A-4E0561433772&apn_dtid=YYYYYYYYCZ&q={searchTerms}&
Deleted [Extension] : bejbohlohkkgompgecdcbbglkpjfjgdj
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [15434 octets] - [08/09/2014 16:24:07]
AdwCleaner[S0].txt - [13683 octets] - [08/09/2014 16:25:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13744 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 08-September-2014
Tool run by Eliçka on po 08.09.2014 at 16:48:19,73.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ELIKA~1\Desktop\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.9.2014 16:49:23 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update innoApp deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\1g6mf265.default\prefs.js:

Added to C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\1g6mf265.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\prefs.js:
user_pref("browser.search.defaultenginename", "ICQ Search");
user_pref("browser.search.selectedEngine", "ICQ Search");

Added to C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\prefs.js:
user_pref("browser.search.defaultenginename", "ICQ Search");
user_pref("browser.search.selectedEngine", "ICQ Search");

Added to C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default\prefs.js:

Added to C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\1g6mf265.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.09.2014_1703_.backup

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\6bin9i69.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.09.2014_1703_.backup

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.09.2014_1703_.backup

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.09.2014_1703_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\PROGRA~2\innoApp deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07.08.2014 03:03]

==== Firefox Extensions ======================

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\d2cpjgty.default
- Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}

ProfilePath: C:\Users\ELIKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\mfz53bt0.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.08.2014 03:03]

Angry Birds - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Seznam Li\u0161ti\u010Dka - Email - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Facebook Colour Changer - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam
P\u0159ep\u00EDn\u00E1n\u00ED Mapy.cz a Google Maps\u2122 - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghjhjccnjnjmklfmgohipnifagbaaee
iPiccy Photo Editor - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh
Mahjong Solitaire - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc
Superstitious App - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkdfgmoncjbgdkjdmmdocgpoalhgjnck
Facebook Notifications - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo
Seznam Lištička - Rychlá volba - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Rollip - Photo Effects - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp
20-20 3D Viewer for IKEA - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp

==== Chromium Startpages ======================

C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/",
"startup_urls": [ "http://www.seznam.cz/" ],


==== Chrome Fix ======================

C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ELIKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ELIKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\ELIKA~1\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ELIKA~1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=16 13611629 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ELIKA~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ELIKA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 08.09.2014 at 17:10:57,73 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Eliška at 2014-09-08 19:08:57
Running from C:\Users\Eliška\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACDSee 14 (HKLM-x32\...\{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}) (Version: 14.2.157 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3 64-bit (HKLM\...\{1387BA33-3FAC-49E9-B545-0E8D3BBC550B}) (Version: 3.0.2 - Adobe)
Adobe Reader X (10.1.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{0BD776F3-057D-4C11-020C-4FA9B13D04F9}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.61109.2218 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1109.2212.39826 - Název společnosti:) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office Subscription (Czech) 2010 (x32 Version: 14.0.6114.5000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSSUB) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus Subscription 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Online Services Logonassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{ad9cab9a-14bf-4fb4-9397-8bb65be5d97c}) (Version: - Nero AG)
Nero BurningROM (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero BurnRights (x32 Version: 2.99.6.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.0.5.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.0.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 1.53.0.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.0.0.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 4.99.5.105 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 3.99.5.105 - Nero AG) Hidden
Nero Express (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero InfoTool (x32 Version: 5.99.5.105 - Nero AG) Hidden
Nero Installer (x32 Version: 2.0.0.1 - Nero AG) Hidden
Nero Live (x32 Version: 1.0.164.0 - Nero AG) Hidden
Nero Live Help (x32 Version: 1.0.162.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Recode Help (x32 Version: 3.53.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero RescueAgent Help (x32 Version: 1.99.0.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 4.99.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.0.10.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero Vision (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero Vision (x32 Version: 6.0.6.100 - Nero AG) Hidden
Nero WaveEditor (x32 Version: 5.0.18.0 - Nero AG) Hidden
Nero WaveEditor Help (x32 Version: 5.0.15.0 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.0.9.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.0.9.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
rajče průvodce verze 1.59.45.260 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 5.5 (HKLM-x32\...\{F1CECE09-7CBE-4E98-B435-DA87CDA86167}) (Version: 5.5.124 - Skype Technologies S.A.)
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
Switch (HKLM-x32\...\Switch) (Version: - NCH Swift Sound)
System Requirements Lab Detection (HKLM-x32\...\{C454398F-37B2-4CE1-9C4D-E95B1450FF08}) (Version: 2.0.0.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSSUB_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSSUB_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSSUB_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSSUB_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSSUB_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSSUB_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSSUB_{D02AE7ED-5B00-4251-B7D5-F9590899EEEA}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSSUB_{7F5448C9-AC6C-41E4-8C35-66288813014C}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSSUB_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2870595826-3786535739-3639980620-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

08-09-2014 15:28:47 Installed System Requirements Lab Detection

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-08 16:49 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12A8C946-93EE-4274-8643-6CBEED1A4EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-03] (Google Inc.)
Task: {2A13B2D9-50F1-4D05-A8F1-BC713A4F0A2E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3527054F-3807-4CDD-8AD1-0D4DB9A9095B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-03] (Google Inc.)
Task: {4F2240FA-D0CF-4ADA-BE67-C42CFB27FB28} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-07] (AVAST Software)
Task: {CABD8A46-21CC-4D2B-AB60-770D77582D52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-28] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ORXAQNY.job => C:\Users\Eliý˙ka\AppData\Roaming\ORXAQNY.exe
Task: C:\Windows\Tasks\YNYESL.job => C:\Users\Eliý˙ka\AppData\Roaming\YNYESL.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-11-09 23:10 - 2011-11-09 23:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-07 03:03 - 2014-08-07 03:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-08 13:58 - 2014-09-08 13:58 - 02845184 _____ () C:\Program Files\AVAST Software\Avast\defs\14090800\algo.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-08 18:30 - 2014-09-08 18:30 - 00043008 _____ () c:\users\elika~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpklptun.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Eliška\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-07 03:03 - 2014-08-07 03:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2014 07:07:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 07:07:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:42:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:42:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:36:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:36:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:32:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:32:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."


System errors:
=============
Error: (09/08/2014 06:29:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:43:33, ‎8.‎9.‎2014) bylo neočekávané.

Error: (09/08/2014 05:03:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/08/2014 05:02:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (09/08/2014 07:07:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 07:07:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:42:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:42:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:36:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:36:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:34:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:32:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (09/08/2014 06:32:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 3583.18 MB
Available physical RAM: 1943.18 MB
Total Pagefile: 7164.54 MB
Available Pagefile: 5253.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.74 GB) (Free:6.21 GB) NTFS
Drive d: (data) (Fixed) (Total:249.25 GB) (Free:80.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 892C1AF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=249.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Jeste dejte log FRST.txt

Musel sem to pustit znovu, predtim se mi neudelal ten frst log, takze nove tady:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Eliška (administrator) on ELIŠKA-PC on 08-09-2014 19:08:03
Running from C:\Users\Eliška\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dropbox, Inc.) C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(ACD Systems) D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osaui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Eliška\Downloads\FRSTLauncher.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ACSW14EN] => D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe [1231472 2011-11-17] (ACD Systems)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [19549320 2011-10-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Google Update] => "C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
Startup: C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-11]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: Default -> C9B99788914330A55D42D85E585A298DB00A8DE38C1F26911D2A8DBD5CC2ECCB
CHR DefaultSearchProvider: Default -> 61E215D60B9FCD7FF356E604696A4DDA0E23E99A32C630E89746014E4F83294E
CHR DefaultSearchURL: Default -> D8F602532CFD352FA5F500B87A80479610C0E9E248171896A279FB69786807EB
CHR Profile: C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-08]
CHR Extension: (Dokumenty Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-08]
CHR Extension: (Disk Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-03]
CHR Extension: (Tabulky Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-08]
CHR Extension: (Word Online) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-09-08]
CHR Extension: (avast! Online Security) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-12]
CHR Extension: (Peněženka Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-08]
CHR Extension: (Slinky Glamour) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcgjdgneipghoeikoeenifpknfkjpil [2014-09-08]
CHR Extension: (Gmail) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-07]
CHR StartMenuInternet: Google Chrome - C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 osubsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [493384 2011-11-16] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-07] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-05] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 19:08 - 2014-09-08 19:08 - 00016008 _____ () C:\Users\Eliška\Desktop\FRST.txt
2014-09-08 19:07 - 2014-09-08 19:08 - 00000000 ____D () C:\FRST
2014-09-08 19:07 - 2014-09-08 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Downloads\FRSTLauncher.exe
2014-09-08 17:29 - 2014-09-08 17:29 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-08 17:28 - 2014-09-08 17:28 - 00667648 _____ () C:\Users\Eliška\Downloads\Detection.msi
2014-09-08 17:27 - 2014-09-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 17:27 - 2014-09-08 17:26 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 17:20 - 2014-09-08 17:20 - 00918440 _____ (Oracle Corporation) C:\Users\Eliška\Downloads\chromeinstall-7u67.exe
2014-09-08 17:07 - 2014-09-08 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 16:49 - 2014-09-08 17:10 - 00014543 _____ () C:\zoek-results.log
2014-09-08 16:48 - 2014-09-08 17:05 - 00000000 ____D () C:\zoek_backup
2014-09-08 16:48 - 2014-09-08 16:48 - 01288704 _____ () C:\Users\Eliška\Desktop\zoek (1).exe
2014-09-08 16:47 - 2014-09-08 16:47 - 01287719 _____ () C:\Users\Eliška\Desktop\zoek.exe
2014-09-08 16:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-08 16:24 - 2014-09-08 16:25 - 00000000 ____D () C:\AdwCleaner
2014-09-08 16:23 - 2014-09-08 16:23 - 00002995 _____ () C:\Users\Eliška\Desktop\JRT.txt
2014-09-08 16:13 - 2014-09-08 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 16:12 - 2014-09-08 16:12 - 01370467 _____ () C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
2014-09-08 16:12 - 2014-09-08 16:12 - 01016261 _____ (Thisisu) C:\Users\Eliška\Desktop\JRT.exe
2014-09-08 15:58 - 2014-09-08 15:58 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 15:58 - 2014-09-08 15:58 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\rsit
2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\Program Files\trend micro
2014-09-08 15:42 - 2014-09-08 15:42 - 01222144 _____ () C:\Users\Eliška\Desktop\RSITx64.exe
2014-09-08 15:41 - 2014-09-08 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\Nepotvrzeno 106847.crdownload
2014-09-08 15:39 - 2014-09-08 15:40 - 02105344 _____ (Farbar) C:\Users\Eliška\Desktop\FRST64.exe
2014-09-08 14:15 - 2014-09-08 14:15 - 00003368 _____ () C:\Windows\System32\Tasks\{C63D91A1-47F5-494F-AFEB-15ECBB5A6D5D}
2014-09-08 14:13 - 2014-09-08 14:15 - 00004145 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieUserList
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieSiteList
2014-09-07 19:37 - 2014-09-07 19:50 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Opera Software
2014-09-07 19:37 - 2014-09-07 19:50 - 00000000 ____D () C:\Users\Eliška\AppData\Local\Opera Software
2014-09-07 19:36 - 2014-09-07 19:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-07 19:32 - 2014-09-07 19:32 - 01899368 _____ (esc) C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 01450856 _____ (esc) C:\Users\Eliška\AppData\Roaming\YNYESL.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 00001688 _____ () C:\Windows\Tasks\ORXAQNY.job
2014-09-07 19:32 - 2014-09-07 19:32 - 00001342 _____ () C:\Windows\Tasks\YNYESL.job
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Eliška\AppData\Roaming\YNYESL
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Eliška\AppData\Roaming\ORXAQNY
2014-08-29 16:11 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 16:11 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 16:11 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:58 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 10:58 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 10:58 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 10:58 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 10:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 10:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 10:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 10:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 10:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-26 14:14 - 2014-08-26 14:14 - 00000000 ____D () C:\Users\Eliška\Desktop\Verči svatba 2014
2014-08-23 03:34 - 2014-08-27 03:04 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-23 03:03 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-23 03:03 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-23 03:03 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-23 03:03 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-23 03:03 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-23 03:03 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-23 03:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-23 03:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-22 13:51 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-22 13:51 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-22 13:51 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-22 13:51 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-22 13:51 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:51 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-22 13:51 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-22 13:51 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-22 13:51 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:51 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-22 13:51 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:51 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-22 13:51 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-22 13:51 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-22 13:51 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-22 13:51 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-22 13:51 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:51 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-22 13:51 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:51 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-22 13:51 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-22 13:51 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-22 13:51 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-22 13:51 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-22 13:51 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-22 13:51 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:51 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-22 13:51 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-22 13:51 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-22 13:51 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-22 13:51 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-22 13:51 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-22 13:51 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-22 13:51 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-22 13:51 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-22 13:51 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-22 13:51 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-22 13:51 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-22 13:51 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:51 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-22 13:51 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-22 13:51 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:51 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-22 13:51 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-22 13:51 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-22 13:51 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-22 13:51 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-22 13:51 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-22 13:51 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-22 13:51 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-22 13:51 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-22 13:51 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-22 13:51 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-22 13:51 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-22 13:51 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-22 13:51 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-22 13:51 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-22 13:51 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-22 13:51 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-19 10:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-19 10:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-19 09:24 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-19 09:24 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-19 09:24 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-19 09:22 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-19 09:22 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 19:08 - 2014-09-08 19:08 - 00016008 _____ () C:\Users\Eliška\Desktop\FRST.txt
2014-09-08 19:08 - 2014-09-08 19:07 - 00000000 ____D () C:\FRST
2014-09-08 19:08 - 2012-02-03 15:57 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job
2014-09-08 19:07 - 2014-09-08 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Downloads\FRSTLauncher.exe
2014-09-08 19:06 - 2012-01-11 19:36 - 01990807 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 18:37 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:37 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:30 - 2013-03-04 12:55 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Dropbox
2014-09-08 18:30 - 2012-07-28 10:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 18:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 18:29 - 2009-07-14 06:51 - 00063856 _____ () C:\Windows\setupact.log
2014-09-08 17:29 - 2014-09-08 17:29 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-08 17:29 - 2014-01-16 12:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-08 17:28 - 2014-09-08 17:28 - 00667648 _____ () C:\Users\Eliška\Downloads\Detection.msi
2014-09-08 17:27 - 2014-09-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 17:26 - 2014-09-08 17:27 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 17:26 - 2012-01-11 19:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-08 17:20 - 2014-09-08 17:20 - 00918440 _____ (Oracle Corporation) C:\Users\Eliška\Downloads\chromeinstall-7u67.exe
2014-09-08 17:10 - 2014-09-08 16:49 - 00014543 _____ () C:\zoek-results.log
2014-09-08 17:09 - 2012-01-11 21:04 - 00269186 _____ () C:\Windows\PFRO.log
2014-09-08 17:05 - 2014-09-08 16:48 - 00000000 ____D () C:\zoek_backup
2014-09-08 16:48 - 2014-09-08 17:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 16:48 - 2014-09-08 16:48 - 01288704 _____ () C:\Users\Eliška\Desktop\zoek (1).exe
2014-09-08 16:47 - 2014-09-08 16:47 - 01287719 _____ () C:\Users\Eliška\Desktop\zoek.exe
2014-09-08 16:27 - 2009-07-14 06:45 - 00418648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 16:25 - 2014-09-08 16:24 - 00000000 ____D () C:\AdwCleaner
2014-09-08 16:25 - 2012-01-11 19:39 - 00000931 _____ () C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 16:23 - 2014-09-08 16:23 - 00002995 _____ () C:\Users\Eliška\Desktop\JRT.txt
2014-09-08 16:13 - 2014-09-08 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 16:12 - 2014-09-08 16:12 - 01370467 _____ () C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
2014-09-08 16:12 - 2014-09-08 16:12 - 01016261 _____ (Thisisu) C:\Users\Eliška\Desktop\JRT.exe
2014-09-08 16:12 - 2012-01-11 21:08 - 00109296 _____ () C:\Users\Eliška\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 15:58 - 2014-09-08 15:58 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 15:58 - 2014-09-08 15:58 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 15:58 - 2012-01-11 19:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-08 15:54 - 2012-01-11 20:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-08 15:47 - 2012-06-11 22:32 - 00000000 ____D () C:\ProgramData\Origin
2014-09-08 15:43 - 2014-09-08 15:42 - 00000000 ____D () C:\rsit
2014-09-08 15:43 - 2014-09-08 15:42 - 00000000 ____D () C:\Program Files\trend micro
2014-09-08 15:42 - 2014-09-08 15:42 - 01222144 _____ () C:\Users\Eliška\Desktop\RSITx64.exe
2014-09-08 15:41 - 2014-09-08 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\Nepotvrzeno 106847.crdownload
2014-09-08 15:40 - 2014-09-08 15:39 - 02105344 _____ (Farbar) C:\Users\Eliška\Desktop\FRST64.exe
2014-09-08 15:26 - 2012-01-11 20:25 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Skype
2014-09-08 14:18 - 2012-06-11 22:32 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Origin
2014-09-08 14:15 - 2014-09-08 14:15 - 00003368 _____ () C:\Windows\System32\Tasks\{C63D91A1-47F5-494F-AFEB-15ECBB5A6D5D}
2014-09-08 14:15 - 2014-09-08 14:13 - 00004145 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-08 14:02 - 2009-07-14 12:49 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-09-08 14:02 - 2009-07-14 12:49 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-09-08 14:02 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 13:55 - 2012-07-10 16:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-07 21:14 - 2012-02-03 15:57 - 00002335 _____ () C:\Users\Eliška\Desktop\Google Chrome.lnk
2014-09-07 20:28 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-09-07 20:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-07 19:53 - 2012-06-11 23:25 - 00000000 ____D () C:\Users\Eliška\Documents\Electronic Arts
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieUserList
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieSiteList
2014-09-07 19:50 - 2014-09-07 19:37 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Opera Software
2014-09-07 19:50 - 2014-09-07 19:37 - 00000000 ____D () C:\Users\Eliška\AppData\Local\Opera Software
2014-09-07 19:50 - 2014-09-07 19:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-07 19:40 - 2014-03-04 22:37 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\uTorrent
2014-09-07 19:32 - 2014-09-07 19:32 - 01899368 _____ (esc) C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 01450856 _____ (esc) C:\Users\Eliška\AppData\Roaming\YNYESL.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 00001688 _____ () C:\Windows\Tasks\ORXAQNY.job
2014-09-07 19:32 - 2014-09-07 19:32 - 00001342 _____ () C:\Windows\Tasks\YNYESL.job
2014-09-07 19:13 - 2012-02-03 15:57 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Eliška\AppData\Roaming\YNYESL
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Eliška\AppData\Roaming\ORXAQNY
2014-08-27 03:04 - 2014-08-23 03:34 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-26 14:14 - 2014-08-26 14:14 - 00000000 ____D () C:\Users\Eliška\Desktop\Verči svatba 2014
2014-08-23 04:07 - 2014-08-29 16:11 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-23 03:45 - 2014-08-29 16:11 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 03:38 - 2012-01-11 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-23 03:21 - 2013-08-15 16:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-23 03:12 - 2012-01-11 20:48 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-23 02:59 - 2014-08-29 16:11 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:49 - 2013-03-04 12:58 - 00000982 _____ () C:\Users\Eliška\Desktop\Dropbox.lnk
2014-08-22 13:49 - 2013-03-04 12:56 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-19 10:46 - 2014-05-06 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\Eliška\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpklptun.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 22:02




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:48.74 GB) (Free:6.21 GB) NTFS
Drive d: (data) (Fixed) (Total:249.25 GB) (Free:80.41 GB) NTFS

Available physical RAM: 1943.18 MB
Total physical RAM: 3583.18 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 892C1AF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=249.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ORXAQNY.job => C:\Users\Eliý˙ka\AppData\Roaming\ORXAQNY.exe
Task: C:\Windows\Tasks\YNYESL.job => C:\Users\Eliý˙ka\AppData\Roaming\YNYESL.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Eli�ka\Desktop" je 926 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Eliška (administrator) on ELIŠKA-PC on 08-09-2014 20:31:36
Running from C:\Users\Eliška\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dropbox, Inc.) C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(ACD Systems) D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\osaui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(forum.viry.cz) C:\Users\Eliška\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ACSW14EN] => D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe [1231472 2011-11-17] (ACD Systems)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [19549320 2011-10-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Google Update] => "C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe
HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
Startup: C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Eliška\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-11]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: Default -> C9B99788914330A55D42D85E585A298DB00A8DE38C1F26911D2A8DBD5CC2ECCB
CHR DefaultSearchProvider: Default -> 61E215D60B9FCD7FF356E604696A4DDA0E23E99A32C630E89746014E4F83294E
CHR DefaultSearchURL: Default -> D8F602532CFD352FA5F500B87A80479610C0E9E248171896A279FB69786807EB
CHR Profile: C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-08]
CHR Extension: (Dokumenty Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-08]
CHR Extension: (Disk Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-03]
CHR Extension: (Tabulky Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-08]
CHR Extension: (Word Online) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-09-08]
CHR Extension: (avast! Online Security) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-12]
CHR Extension: (Peněženka Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-08]
CHR Extension: (Slinky Glamour) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcgjdgneipghoeikoeenifpknfkjpil [2014-09-08]
CHR Extension: (Gmail) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-07]
CHR StartMenuInternet: Google Chrome - C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 osubsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [493384 2011-11-16] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-07] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-05] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 20:31 - 2014-09-08 20:31 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\FRSTLauncher.exe
2014-09-08 19:23 - 2014-09-08 20:31 - 00015913 _____ () C:\Users\Eliška\Desktop\FRST.txt
2014-09-08 19:09 - 2014-09-08 19:09 - 00044004 _____ () C:\Users\Eliška\Desktop\FRST3.txt
2014-09-08 19:07 - 2014-09-08 20:31 - 00000000 ____D () C:\FRST
2014-09-08 17:29 - 2014-09-08 17:29 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-08 17:28 - 2014-09-08 17:28 - 00667648 _____ () C:\Users\Eliška\Downloads\Detection.msi
2014-09-08 17:27 - 2014-09-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 17:27 - 2014-09-08 17:26 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-08 17:27 - 2014-09-08 17:26 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 17:20 - 2014-09-08 17:20 - 00918440 _____ (Oracle Corporation) C:\Users\Eliška\Downloads\chromeinstall-7u67.exe
2014-09-08 17:07 - 2014-09-08 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 16:49 - 2014-09-08 17:10 - 00014543 _____ () C:\zoek-results.log
2014-09-08 16:48 - 2014-09-08 17:05 - 00000000 ____D () C:\zoek_backup
2014-09-08 16:48 - 2014-09-08 16:48 - 01288704 _____ () C:\Users\Eliška\Desktop\zoek (1).exe
2014-09-08 16:47 - 2014-09-08 16:47 - 01287719 _____ () C:\Users\Eliška\Desktop\zoek.exe
2014-09-08 16:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-08 16:24 - 2014-09-08 16:25 - 00000000 ____D () C:\AdwCleaner
2014-09-08 16:23 - 2014-09-08 16:23 - 00002995 _____ () C:\Users\Eliška\Desktop\JRT.txt
2014-09-08 16:13 - 2014-09-08 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 16:12 - 2014-09-08 16:12 - 01370467 _____ () C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
2014-09-08 16:12 - 2014-09-08 16:12 - 01016261 _____ (Thisisu) C:\Users\Eliška\Desktop\JRT.exe
2014-09-08 15:58 - 2014-09-08 15:58 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 15:58 - 2014-09-08 15:58 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\rsit
2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\Program Files\trend micro
2014-09-08 15:42 - 2014-09-08 15:42 - 01222144 _____ () C:\Users\Eliška\Desktop\RSITx64.exe
2014-09-08 15:41 - 2014-09-08 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\Nepotvrzeno 106847.crdownload
2014-09-08 15:39 - 2014-09-08 15:40 - 02105344 _____ (Farbar) C:\Users\Eliška\Desktop\FRST64.exe
2014-09-08 14:15 - 2014-09-08 14:15 - 00003368 _____ () C:\Windows\System32\Tasks\{C63D91A1-47F5-494F-AFEB-15ECBB5A6D5D}
2014-09-08 14:13 - 2014-09-08 14:15 - 00004145 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieUserList
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieSiteList
2014-09-07 19:37 - 2014-09-07 19:50 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Opera Software
2014-09-07 19:37 - 2014-09-07 19:50 - 00000000 ____D () C:\Users\Eliška\AppData\Local\Opera Software
2014-09-07 19:36 - 2014-09-07 19:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-07 19:32 - 2014-09-07 19:32 - 01899368 _____ (esc) C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 01450856 _____ (esc) C:\Users\Eliška\AppData\Roaming\YNYESL.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 00001688 _____ () C:\Windows\Tasks\ORXAQNY.job
2014-09-07 19:32 - 2014-09-07 19:32 - 00001342 _____ () C:\Windows\Tasks\YNYESL.job
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Eliška\AppData\Roaming\YNYESL
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Eliška\AppData\Roaming\ORXAQNY
2014-08-29 16:11 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 16:11 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 16:11 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:58 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-27 10:58 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-27 10:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-27 10:58 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-27 10:58 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-27 10:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-27 10:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-27 10:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-27 10:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-27 10:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-26 14:14 - 2014-08-26 14:14 - 00000000 ____D () C:\Users\Eliška\Desktop\Verči svatba 2014
2014-08-23 03:34 - 2014-08-27 03:04 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-23 03:03 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-23 03:03 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-23 03:03 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-23 03:03 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-23 03:03 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-23 03:03 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-23 03:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-23 03:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-22 13:51 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-22 13:51 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-22 13:51 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-22 13:51 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-22 13:51 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:51 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-22 13:51 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-22 13:51 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-22 13:51 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:51 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-22 13:51 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:51 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-22 13:51 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-22 13:51 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-22 13:51 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-22 13:51 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-22 13:51 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:51 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-22 13:51 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:51 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-22 13:51 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-22 13:51 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-22 13:51 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-22 13:51 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-22 13:51 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-22 13:51 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:51 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-22 13:51 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-22 13:51 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-22 13:51 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-22 13:51 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-22 13:51 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-22 13:51 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-22 13:51 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-22 13:51 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-22 13:51 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-22 13:51 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-22 13:51 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-22 13:51 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:51 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-22 13:51 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-22 13:51 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:51 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-22 13:51 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-22 13:51 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-22 13:51 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-22 13:51 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-22 13:51 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-22 13:51 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-22 13:51 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-22 13:51 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-22 13:51 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-22 13:51 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-22 13:51 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-22 13:51 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-22 13:51 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-22 13:51 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-22 13:51 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-22 13:51 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-22 13:51 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-19 10:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-19 10:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-19 09:24 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-19 09:24 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-19 09:24 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-19 09:22 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-19 09:22 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 20:31 - 2014-09-08 20:31 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\FRSTLauncher.exe
2014-09-08 20:31 - 2014-09-08 19:23 - 00015913 _____ () C:\Users\Eliška\Desktop\FRST.txt
2014-09-08 20:31 - 2014-09-08 19:07 - 00000000 ____D () C:\FRST
2014-09-08 20:30 - 2012-07-28 10:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 20:08 - 2012-02-03 15:57 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job
2014-09-08 19:09 - 2014-09-08 19:09 - 00044004 _____ () C:\Users\Eliška\Desktop\FRST3.txt
2014-09-08 19:06 - 2012-01-11 19:36 - 01990807 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 18:37 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:37 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 18:30 - 2013-03-04 12:55 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Dropbox
2014-09-08 18:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 18:29 - 2009-07-14 06:51 - 00063856 _____ () C:\Windows\setupact.log
2014-09-08 17:29 - 2014-09-08 17:29 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-08 17:29 - 2014-01-16 12:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-08 17:28 - 2014-09-08 17:28 - 00667648 _____ () C:\Users\Eliška\Downloads\Detection.msi
2014-09-08 17:27 - 2014-09-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-08 17:26 - 2014-09-08 17:27 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-08 17:26 - 2014-09-08 17:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-08 17:26 - 2012-01-11 19:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-08 17:20 - 2014-09-08 17:20 - 00918440 _____ (Oracle Corporation) C:\Users\Eliška\Downloads\chromeinstall-7u67.exe
2014-09-08 17:10 - 2014-09-08 16:49 - 00014543 _____ () C:\zoek-results.log
2014-09-08 17:09 - 2012-01-11 21:04 - 00269186 _____ () C:\Windows\PFRO.log
2014-09-08 17:05 - 2014-09-08 16:48 - 00000000 ____D () C:\zoek_backup
2014-09-08 16:48 - 2014-09-08 17:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 16:48 - 2014-09-08 16:48 - 01288704 _____ () C:\Users\Eliška\Desktop\zoek (1).exe
2014-09-08 16:47 - 2014-09-08 16:47 - 01287719 _____ () C:\Users\Eliška\Desktop\zoek.exe
2014-09-08 16:27 - 2009-07-14 06:45 - 00418648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 16:25 - 2014-09-08 16:24 - 00000000 ____D () C:\AdwCleaner
2014-09-08 16:25 - 2012-01-11 19:39 - 00000931 _____ () C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 16:23 - 2014-09-08 16:23 - 00002995 _____ () C:\Users\Eliška\Desktop\JRT.txt
2014-09-08 16:13 - 2014-09-08 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 16:12 - 2014-09-08 16:12 - 01370467 _____ () C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
2014-09-08 16:12 - 2014-09-08 16:12 - 01016261 _____ (Thisisu) C:\Users\Eliška\Desktop\JRT.exe
2014-09-08 16:12 - 2012-01-11 21:08 - 00109296 _____ () C:\Users\Eliška\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 15:58 - 2014-09-08 15:58 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 15:58 - 2014-09-08 15:58 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 15:58 - 2012-01-11 19:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-08 15:54 - 2012-01-11 20:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-08 15:47 - 2012-06-11 22:32 - 00000000 ____D () C:\ProgramData\Origin
2014-09-08 15:43 - 2014-09-08 15:42 - 00000000 ____D () C:\rsit
2014-09-08 15:43 - 2014-09-08 15:42 - 00000000 ____D () C:\Program Files\trend micro
2014-09-08 15:42 - 2014-09-08 15:42 - 01222144 _____ () C:\Users\Eliška\Desktop\RSITx64.exe
2014-09-08 15:41 - 2014-09-08 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\Nepotvrzeno 106847.crdownload
2014-09-08 15:40 - 2014-09-08 15:39 - 02105344 _____ (Farbar) C:\Users\Eliška\Desktop\FRST64.exe
2014-09-08 15:26 - 2012-01-11 20:25 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Skype
2014-09-08 14:18 - 2012-06-11 22:32 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Origin
2014-09-08 14:15 - 2014-09-08 14:15 - 00003368 _____ () C:\Windows\System32\Tasks\{C63D91A1-47F5-494F-AFEB-15ECBB5A6D5D}
2014-09-08 14:15 - 2014-09-08 14:13 - 00004145 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-08 14:02 - 2009-07-14 12:49 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-09-08 14:02 - 2009-07-14 12:49 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-09-08 14:02 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 13:55 - 2012-07-10 16:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-07 21:14 - 2012-02-03 15:57 - 00002335 _____ () C:\Users\Eliška\Desktop\Google Chrome.lnk
2014-09-07 20:28 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-09-07 20:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-07 19:53 - 2012-06-11 23:25 - 00000000 ____D () C:\Users\Eliška\Documents\Electronic Arts
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieUserList
2014-09-07 19:50 - 2014-09-07 19:50 - 00000000 __SHD () C:\Users\Eliška\AppData\Local\EmieSiteList
2014-09-07 19:50 - 2014-09-07 19:37 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Opera Software
2014-09-07 19:50 - 2014-09-07 19:37 - 00000000 ____D () C:\Users\Eliška\AppData\Local\Opera Software
2014-09-07 19:50 - 2014-09-07 19:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-07 19:40 - 2014-03-04 22:37 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\uTorrent
2014-09-07 19:32 - 2014-09-07 19:32 - 01899368 _____ (esc) C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 01450856 _____ (esc) C:\Users\Eliška\AppData\Roaming\YNYESL.exe
2014-09-07 19:32 - 2014-09-07 19:32 - 00001688 _____ () C:\Windows\Tasks\ORXAQNY.job
2014-09-07 19:32 - 2014-09-07 19:32 - 00001342 _____ () C:\Windows\Tasks\YNYESL.job
2014-09-07 19:13 - 2012-02-03 15:57 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Eliška\AppData\Roaming\YNYESL
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Eliška\AppData\Roaming\ORXAQNY
2014-08-27 03:04 - 2014-08-23 03:34 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-26 14:14 - 2014-08-26 14:14 - 00000000 ____D () C:\Users\Eliška\Desktop\Verči svatba 2014
2014-08-23 04:07 - 2014-08-29 16:11 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-23 03:45 - 2014-08-29 16:11 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 03:38 - 2012-01-11 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-23 03:21 - 2013-08-15 16:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-23 03:12 - 2012-01-11 20:48 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-23 02:59 - 2014-08-29 16:11 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:49 - 2013-03-04 12:58 - 00000982 _____ () C:\Users\Eliška\Desktop\Dropbox.lnk
2014-08-22 13:49 - 2013-03-04 12:56 - 00000000 ____D () C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-19 10:46 - 2014-05-06 22:49 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\Eliška\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpklptun.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 22:02




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:48.74 GB) (Free:6.21 GB) NTFS
Drive d: (data) (Fixed) (Total:249.25 GB) (Free:80.41 GB) NTFS

Available physical RAM: 2055.34 MB
Total physical RAM: 3583.18 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 892C1AF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=249.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ORXAQNY.job => C:\Users\Eliý˙ka\AppData\Roaming\ORXAQNY.exe
Task: C:\Windows\Tasks\YNYESL.job => C:\Users\Eliý˙ka\AppData\Roaming\YNYESL.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Eli�ka\Desktop" je 926 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
  HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
  HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
  HKLM-x32\...\Run: [ACSW14EN] => D:\Programy\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe [1231472 2011-11-17] (ACD Systems)
  HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
  HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
  HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
  HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [19549320 2011-10-13] (Skype Technologies S.A.)
  HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [Google Update] => "C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
  HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd)
  HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
  HKU\S-1-5-21-2870595826-3786535739-3639980620-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
  
  Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
  Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
  
  CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
  CHR DefaultSearchKeyword: Default -> C9B99788914330A55D42D85E585A298DB00A8DE38C1F26911D2A8DBD5CC2ECCB
  CHR DefaultSearchProvider: Default -> 61E215D60B9FCD7FF356E604696A4DDA0E23E99A32C630E89746014E4F83294E
  CHR DefaultSearchURL: Default -> D8F602532CFD352FA5F500B87A80479610C0E9E248171896A279FB69786807EB
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  2014-09-08 19:08 - 2014-09-08 19:08 - 00016008 _____ () C:\Users\Eliška\Desktop\FRST.txt
  2014-09-08 19:07 - 2014-09-08 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Downloads\FRSTLauncher.exe
  2014-09-08 17:07 - 2014-09-08 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-09-08 16:49 - 2014-09-08 17:10 - 00014543 _____ () C:\zoek-results.log
  2014-09-08 16:48 - 2014-09-08 17:05 - 00000000 ____D () C:\zoek_backup
  2014-09-08 16:48 - 2014-09-08 16:48 - 01288704 _____ () C:\Users\Eliška\Desktop\zoek (1).exe
  2014-09-08 16:47 - 2014-09-08 16:47 - 01287719 _____ () C:\Users\Eliška\Desktop\zoek.exe
  2014-09-08 16:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  2014-09-08 16:24 - 2014-09-08 16:25 - 00000000 ____D () C:\AdwCleaner
  2014-09-08 16:23 - 2014-09-08 16:23 - 00002995 _____ () C:\Users\Eliška\Desktop\JRT.txt
  2014-09-08 16:13 - 2014-09-08 16:13 - 00000000 ____D () C:\Windows\ERUNT
  2014-09-08 16:12 - 2014-09-08 16:12 - 01370467 _____ () C:\Users\Eliška\Desktop\adwcleaner_3.309.exe
  2014-09-08 16:12 - 2014-09-08 16:12 - 01016261 _____ (Thisisu) C:\Users\Eliška\Desktop\JRT.exe
  2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\rsit
  2014-09-08 15:42 - 2014-09-08 15:43 - 00000000 ____D () C:\Program Files\trend micro
  2014-09-08 15:42 - 2014-09-08 15:42 - 01222144 _____ () C:\Users\Eliška\Desktop\RSITx64.exe
  2014-09-08 15:41 - 2014-09-08 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Eliška\Desktop\Nepotvrzeno 106847.crdownload
  2014-09-07 19:32 - 2014-09-07 19:32 - 01899368 _____ (esc) C:\Users\Eliška\AppData\Roaming\ORXAQNY.exe
  2014-09-07 19:32 - 2014-09-07 19:32 - 01450856 _____ (esc) C:\Users\Eliška\AppData\Roaming\YNYESL.exe
  2014-09-07 19:32 - 2014-09-07 19:32 - 00001688 _____ () C:\Windows\Tasks\ORXAQNY.job
  2014-09-07 19:32 - 2014-09-07 19:32 - 00001342 _____ () C:\Windows\Tasks\YNYESL.job
  2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Eliška\AppData\Roaming\YNYESL
  2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Eliška\AppData\Roaming\ORXAQNY
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000Core.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2870595826-3786535739-3639980620-1000UA.job => C:\Users\Eliaka\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\ORXAQNY.job => C:\Users\Eliý˙ka\AppData\Roaming\ORXAQNY.exe
  Task: C:\Windows\Tasks\YNYESL.job => C:\Users\Eliý˙ka\AppData\Roaming\YNYESL.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt