prosím o kontrolu, zpomalené načítání, nechtěné eklamy v prohlížeči.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ew at 2014-09-26 16:57:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 20 GB (7%) free of 292 GB
Total RAM: 3067 MB (58% free)
======Listing Processes==
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 23069824
\??\C:\Windows\system32\conhost.exe "-1260717448-12656433892138259134-1915836499-58773011-1405512631-20571312282061734288
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
taskeng.exe {D40E9534-42DF-4209-AF5E-914634E09032}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
crypserv.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\SupTab\Loader64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
szndesktop.exe default start
"C:\Users\ew\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1220914111621554617-88903145218960389362125969206797403511370615946-1220019242
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d977e65c-ef6c-4112-a4b6-d4ad3a60d936 -SystemEventPortName:HostProcess-99175c11-6d31-440e-9101-ab6b45991165 -IoCancelEventPortName:HostProcess-b258692a-e71f-438e-8953-2ac3b2a33aa1 -NonStateChangingEventPortName:HostProcess-961f0ea5-8abb-4ae6-a06a-e18e75aff638 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:54c35ae4-7e67-46e5-8953-16507842d084 -DeviceGroupId:WpdFsGroup
"F:\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\3429cce2-09b3-423a-aded-b7faa0dbe26a.job - C:\Program Files (x86)\HD01-V2.1V25.09\3429cce2-09b3-423a-aded-b7faa0dbe26a.exe /agentregpath='HD01-V2.1V25.09' /appid=63831 /srcid='002128' /subid='0' /zdata='0' /bic=ADF4B755E47F49DDA2C42CB03E0E8317IE /verifier=9e81367ae29fd65fd99bfeda0b25c9b1 /installerversion=1_35_09_16 /installationtime=1411688620 /statsdomain=http://stats.newclientstaticsrv.com /errorsdomain=http://errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newclientstaticsrv.com /runfrom='task' /externallog=''
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-1.job - C:\Program Files (x86)\Apps Hat\Apps Hat-codedownloader.exe /rawdata=KfmK0yoeXsD1mzF4+RxuVgKScxomlCFjb1o90mYOW2lQX3lXLzwg3gicZIBheCAVLLdqVALAaG4q66SP5mBXKvX4vQaG4fN9L8NGRrRMVC3MqaIcGlpkdBKDM/axrgoY6j5ttlr2XsgncWiydLyvw3erzedesjg337rCZl/Rt1N9b1Hr0YSWhNG9fLpAT0wnb0HQk9a6El0I/ppV7H+VD+SqpE/qXlvzvF9O+tZ89bHWuyYTjSdzvKrWWyRzHyT2yduprVePShLNYFzq/seaLYmfYXyHbxdWqK5LPwgeITF183nsrBryHqXEAX/M0YCMp3UxZxw/09PTFiBf+z5ydgeCsXXea9UXfOlsQOaNYk8374ui7yoFZo+JRVGjMLaIvSevyvz0q3VaZ05uWkXmm8QPyrWbUIChCv0MzDlTAwUQzMpkUtLQfz9+E7VOkqPJp2jaiArJSuf4Fiqj5epEfoW6u+HaWJBWXrBtF8BAaO4ayYSVKaD3SW7VFyzgwPqxKTAqHFqbNPdmn/QZFgOrxkJ/KuRRhzk4R7swmssCp4SOyg3hHFPptS1FTTXlSTyBagVeZ+pLBhZi09SAyUUtaZwKKb4opkHCV/qYkzLkARBiEGVghi5FpLL7OaQXgq1ILWoXR53nNXGk8F/z5R9rJ4bYKndxVSqmzykdv5G0JzuQohA1ycDPtU9HiAtAjOCHgAMLL/fJ6m8HpQZ9M9MdecMSPvErrTXpKzJyXQ0yA1Wj//cg0wahuN5/AT/8kCj02WEYVtr8Zt7aLgOKVvH4s1dB8B3kDiECUEkg/mUKF4PELmsHFjwFxAiXw5bCUUoUbzl1/On+/7avZc6xGuuQjj/Ci4J1+nxoysfOrbD5mjYX/eRG15NlNIcbiiMRfnwTqSOK/5SBPQtgVPctg+OXAsOtw8hPUIGjO+d9ID6YK6EUzFqRYwDSH4qlPcWAnIsRt08MTolRmxW9NtXFookAguopADHqMgAOf7+Cg7gj0r8V7wcNrEGjGmYqG+NBY7yGhBMDeh2o3uqFqgvaGmhvBQeumSFnbV/eamJKPnT/6VgMeSjMMenITVKixgJMtoc+SSrcE5ufpKo2IMax44p1qi7aQHolFNDsAVITKh9pTaSVY4Besy/ZM3ZaFRhu8kuIuhk+m8rHvhjcWpN0e4cmQbDF9hqozAeqFSDGRl22/hY=
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-11.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-11.exe /rawdata=uWDA2BEit7tA0VjaddfUw+jvSTA1qMiCbyytCcA1/yC2VqoNZzoirthjGo190Szd3LsE12Ijaqqt2m8aRFuCRi3gwvQ3Vpdt9wQeVQyhuL7J6B3p8tH6tfYeoHjUQENs6lclYRLWxufxPoJZUb+LldR2ymfEWPSwdA+kwBOyP9Nh0WVKhr8tCogwNPt5sjzMg2lHIlwEDghlQoZcB8Gcg1LnVsIzKB7Ed+d8lyEOd6RRAmL0JuoElmGIX33BiNpw2zGiYCkUyaIMnUUD4ED4RlrpbLiN/1MNMtBeHEhVJ0Dr7W7z45ZG6QcOEoaYmWowFMevgQCgVbjnuZ6rev2m0Dx3Ik/cWrp6QadjS2i/+Tsit0ZxY0RJcgJ++xt5BtyQK/YvwNHqJFROlPvVgH8auzV2jF3lSbc7J+v29hfuXvQdVUqNmxbxFdPpmGP1g0Tx2cqus+N++1iGZVuQ/KFPNV6YT0x4r6FyL6YA5YV8BKVBlowyUn5yuVyQZo9N/owWYHss2YEyHK/BM3S86DosSXGPaFJhWiKXJT0oHQrFXhwZrAzGXW7ucZpUm2EpK0LbQ+EGEiP4bvTPCfz6J7RA2WLQ/13JHKbvPx7dD09xJmdFicE9WtPPSTU8GJAKQinFfCFODKnQ8UoVU3jS1Vsodq2miToGdsUhBUa0FDHyo6ym9fhQktfHVKX/KQ7wCy7WDZEBEi3zs3gjpNJHK5hPml6LaGl6u1VYj+Nzr1A6HsOp49S1PF4dAZFE0b4WNbxsEcT0eeXIT4Wkc7J70GQml2gpRzyt32+yAoIkhTmY07jbFDBSBuZTNzBh+bcZkldNdH9hJMh0oUjiM3Kb2nKZUpDhctsqzzXgNXelZ1yI+hH4w3bqQe7DRBqJanmOQI8wHlwpbja8lWDlCI+ipSPZfKisiliuXWww7sueYReRv+X9v4wPDzzOM6I2VlUW0rcEhKxjxaSys2kYgxT80EP88htEKYl41wW9EvI13Osrv3hXX47B6gYEu3WMlm5s00JfgbgcGQy6bHpumYXydCA5LkmspTxbaW7GZhA/AlmBzem5740vN9YY3fxKW6JHZwPK9Z3xmqcBuN0kXsOMZAitOkB6G/7NHPefeSxGGfPF/iDtRkaS1ebyg+GRKdCIJRvjXQWc1MISYDU3lIONFXp85oxP6d7aALnP+qTRzb6P8xVHibDvBa+OnOFT9UVjWGkmxlNyTZP5nGnx3hoH8YVSKH0EsVVnkByetea8QlKF+nALS++rVzeXdnpwIbtc4a8+E4TF6ZYoWcAlYPquBoLDFEC82+h4vIAnbXWwcZnExq59LVd34P/g0isXfKCUg2FTpKHTAkZpJP9CPqwqhroPuVCK73a4kC1NG528r1h24pTX5vhcpU8BWKyAfKG/7kpkjT7TDLNJuq+ceO4rNSEtkCx/qTl2ZY5xFYW7ordNH9b73/SK2RXatlMCHDw7KLG4Hdg06wWXtSoX2dR9LzZ5IOfCNAGD98CHkCgJ8Yfb1PPRf9vlT60U+FbmCuD+z0iRnawsLyk4WuwPXeix5XAUGIWxjKUdGWdDS/Nfw4OXRJUjINdU/p/SdeTPk1VXyhp2ednSk0BH4TZjXEuYnZNjh/RDYPZhmQHAHLfuH18bGU7GbcXn3N6bBTuJX7f54rFO1XYfDIVRThqN6ZLQPKFOcMRorypL5PqKbCys9PLf3cB+rZg4jFcxrMoonjjVeFL/5/xHfVqrDlJ/TJOSYKRToQaID5i0ccbfuhHCKnF3s2H8InWSsR7cq4BUAb22G/n8Shyc4dGYvdQ0uAbN3xe0oDkdR924fEiPfshFG1JS07iLAS4PRd6vDtKKJsaoCvk8qsEDot/pwb5utM7NRgkDzSjUzTTGrSI/Wdv9FcclIjtT0IJho+PHKbFMDOZHtUKNzPHAhXb0G7TqjlxpBoVH97ID3dp+B5+/q1ljtcYTy5zgwTmo90LmocwD9CWaaFQQ1Y63022UJ4V9kO9nme2mpQ5uXpmdZZA86xmL7gHNeNq2G+FJ6F4NAPl5WROq8UY6
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-2.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-2.exe /rawdata=rql0xumhPSJZRXCQv6QicReLgzq2mI02v3Zwj4sJE9cmZev5UD/lQutoRn/mC39hU4wTK/X3VmBtjacQUzbKXwMNnBbdEMsrROcJPW/Wdm+xlymgnqlRo2NdKE3xRijGwY6UgaYDZL8hf1f4eaGD27qG5HOrdzKUNQ3C+s9SyucnxJUIZsWiNNEZs8nWZ186zzbdIs+LKaaV9viB+Snusz8nU1E58w5R9z46GQzE7PIKaXfsx8N6xhTwFi0fxFdk3YEG+mThnIKJ+vYCzAYBGGK7l5OsC6uy4QWtm9f8PPXZPyNR3taz8XJPPF4hgdN7aWBS1bR0JWvqhBwqWRFRsUP9VRCGj8Hnhq1/z+LTyWSB7W5Ht8+UHDzBk133kZGnn9HEq1Ic5PPJ9Whimf3GhMrpJgo4/8uOUCOjqtzt8SW2vsjLLmrdUC9ZUc5qdRrpbYObLc4+Ua6pd/6fj1pdgrHVyTr3uwnFr9iJ7vyQAR2VjT/O1uvvw9ZIvl1/IMcwdNSVSgJZPFZHbfO1SlV43TI39SgFzNJoOTlwkwJ8VFbpKL7KNSzasMlD1qXLjxqGa8o1buEQU7jZPGSnxRcfV45mntDsN+r7LLnEiglDWj1WtUU5CV+Bj6TeaWoFismXfPmrQxxcAT/0h9GFRY3qZeYo+b/L0iecT/tEpfuzyyl0zv7Mze4e9Hm2lEHW8IfIuike1vp3rgnMmQxB5M9o23fz0MfKQE7drN1/0HSgiTwswJZ67Ho/8ACrcckg97A3pjNd2gMovuK75mvItO2w7MzUGGj2qeF/HWTWg4H0dGFjsti89HyKy5hCpaHrtZFreitqaoFCCliUzxFXPLqHUg==
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-4.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-4.exe /rawdata=QB1/hod8PSetVGAZZ2IjkhKKwzy6vjiR0VOWT39g5H+qJ9/+fgwRVCDRRpUNen+aSsl/T+yJmzYBgDEFdaUKm+nMqrqlgIwsCvnmXbuD8BfbfD2nzMPsLQ5yoeYMw+09fB9OgyqHGFNZ4ilrs+d5bLTBRbSHQWF/SUl2v5yyAdWdHJpXONtZdmFwQHzIfjSe2/mXEarJ7qbNQ5ihwPHEw91Xy5VAGfvpQMJTYp65MkbwHmBQfiOPqf9GkkMx7/qeb/qGXHpyD9i/ViGb1oEQ1S8/Dqz+cin5SwzPtGqlmkUpH3ZnMGxW9uaMO79pDwSuvcnDPErbFxS8m8QjX0HnE11TVGqBNQXyb71TBV/+s3nmZN9pTtxOjD9FOHuLo6eUrVwO4kuAcTX/RSU4oUTsOiWNHKxGpynsCFst6GSlguEqC7hIOrAGnEx0CkUd8+knggynGt+RrxqfhqyPrpurowh2xOXN+twgo7Ll52LQVEcbYWUM7sL6Ztek9YcNsZwjbVqdfwoh1ycYzby1IgVSEO+Q5CAjtRBFY0kumz3ThNkkYAFmflm1MRveZ6YR9iNKJOhQjLOy8+ewhpiKfhsNvcI7gLR3Sw2J0w5FGQKLuaoZDHHDhle64oEWhxiosesB57Hwx+G5NjkV0t6ALaVW0xY5NeGlkP68uWXUr6F3SX1nyCE9b7Tq1yOP8U7H9ahHQ9c42ejMwfaFpmVxy4U0EGzgwlL70pd7sxh5F5BR5Yth+3CFUUGGrqFrLBqQMpwIfLxI1/jLnVu7884H62ynY1jgQdkoHvVL5fi5k8dsipQznHuWaAoSO/Sp/4y/WILepc0M6WiMLrylAkpOC+dAaYmJrtHs/O1EkyfiSoFUUf+KUq39Je9GXGyF0ZFGZEsBdAxe6LytkRYTDMTZwkYpGoNAqM67cgkjAWpi153ZB4b8jYUc2YJFwvD2b2Ze5Rry2ACzc8l7SthS/zGbbgpmUzYZBXoRcRMN/apIdSR2cLwKqggY447PBZPIxERonpfSUgVPU6PbdqMKIX+OUcP53vg7Aud/MGi4rGn6FxnIs1lrXWLs/ivpLJ5DQpcCdwJRiTefOQW5sYEFP1XGMf3coqqgzBGQd65jdZm1Z8zawQdxFFeG9E2SgzI2e7WmP6egD8ryTVDIpiqsv1nGG8PDBjLJqFK4i6fdoOqzT6whsb8MCExh64nSYZ2PG2vxy8rXiZp3ojHfvk+kIqrmD4Su6tSWLghol0/PUIxC6FFW7KMFLxsyNVzfvHcb4xH2LkFScZJ6Vt+zg/2lMxL31GTD+/9wC5MMDyuAcrxSYqWGFFIF1ROeEH96Xr+Z6T5oOXxMlnwtbFScBGxTyd0Et1LaVbJSaayPd++ADvNzDUTjY5Aki47WWDNvuGjn2wqEh/9C2aYMOA4+LNIPrW8cvZpbRYrHJySjPMJuzUXz3Y40zopGIkmEQBAH9oQ26MrDJXcRhiMkFqGXEc4o2buHyr++yKXW2GwYuRal3pSyCPiPPX5Z9y2lkVyCM5GD+O9vn4EMVfZN21v1xA0NoHvQbGFKU6YvSGF8kS0GU4O92jEb+0cZWNd++4pnz8PURWQ89M5siNFFgfooer3225a10Ur++gUxwo0IBLTnqNoYH948s8T3/1ALzF2uHT1xhlXaM3VcJnWDfEkSQctV0Y8wUGTiswuAeItCQgx8L5qA4rFOF5gbe5xgw8JYGy706uryP0elCyzOdhgwp4ImAoBi0hJ1JD9X/8H+wrvHUgnLTb1azhiXWas+2tIa4SRN+owtes7oZHfM0l3Q56BJ6tM5vfwtEM0KwhG3EMBWgFctwPCD17zFG+cVjVsuJOQwuA4mMy0xI0AxJQJ5CHxvMtkLRJH4lUYf8MDQxcZmOqAHB/TbYUkIB9CQsl8TIn63oW1rY6sBB5s40oHdhphqHy+K9oEscflAFUE4qcD3BHRn+HMMX0o46cPoRy8ovXSXJi7+qRgYwVsJjUz5hjnOdLhFDRFek547JITRG9rqy/4dil3SsLdaqJ9oyrIEyZiMqBx1TddO
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-5.exe /rawdata=lHRIDVggaSQ5mD9C1t4Sr0Hh6xxevk7LQ4tU3YQ8uHeOIMsS6+wm2oVBup3JIFFxxsNGrx98DhUdtV5Dkwvxt/IdtqR3AaV9V0guACnt/E7YZ2GXvd/EGgRBF7Rn67h6WJLiqpdFgevez5HsPGg7WDBrvJTV0vRHLpS5KpP59CugmKmjMnXnjtbc1cpU1uoWE12ATqPF819dVURdPSK2y7grfbotOBybsQD4tbnGr6tMaHGMhJvkgOpwMWi3KZ2kabyQES0AHpit6L/omKi3D60zkZHFPU9mKoN7wRp0YmKSupXsyz0Uavt+uRJCvH/6IP1NVZ+hdWaYui/VL1Q5ZzpONCyZDhtiSp954rxdhT1fC0xPsjBLBHTzzkDPOSIeEyPgR8Ovot780AllCQdAEHlB25dPzXbWcyMyxH48B11wurK9xe4/ZGecF3jp9Cu4LHvigINNgesMFE2JdCPvFrxFtrvO90rXHJx9H84jq6u1C/Iwwr3kw1Mu3XHLXl4LwFalOjEyI6AHgU+QyW+E5cGOPbISZyiI5typ45eFdmPLpArYv3UdzXxwl4Pze2qbSx4jw2Rb29ECd+2JV6Zw6kNpRhYSbWL1g6v+EOII+PIEuFcyvGi8EHklPiWbJN78VjlypkXSeb6WPZ53D1xBEOp8ekFKyc43aeOYHDnpk61pVSDiFyXOpXyaafcEmHuYs8972SxEVqSWH5brwJ0PovesaU3gQo/DTP4BdB3pKHiNxvsB1GYMGm5JbjiCMJAyVOPPRCZQLKdTGcL4XfzUN9J5E2Da4JXazjvptelFfNLDzAgfiDFVUgDEWvOUybzyrjzOZaqgU0ig2pWgHBb6Ibww3ywYOmL9Nw+hRR5j6vznpiWR+dhl7/K0RB+4Y/zjEy++WOkDJdh62iXGBHrkK58ZQBC2gUGkx0G5Xv+GrUNQxLJ0UVbSBuaRqi1o9z0vV3v6gitlepFIfiCbYuDNGL+dcd2mVz+5apd1BseeOMc/nPgUvvfGu8eZ6XzW+3q+
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-5_user.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-5.exe /rawdata=lHRIDVggaSQ5mD9C1t4Sr0Hh6xxevk7LQ4tU3YQ8uHeOIMsS6+wm2oVBup3JIFFxxsNGrx98DhUdtV5Dkwvxt/IdtqR3AaV9V0guACnt/E7YZ2GXvd/EGgRBF7Rn67h6WJLiqpdFgevez5HsPGg7WDBrvJTV0vRHLpS5KpP59CugmKmjMnXnjtbc1cpU1uoWE12ATqPF819dVURdPSK2y7grfbotOBybsQD4tbnGr6tMaHGMhJvkgOpwMWi3KZ2kabyQES0AHpit6L/omKi3D60zkZHFPU9mKoN7wRp0YmKSupXsyz0Uavt+uRJCvH/6IP1NVZ+hdWaYui/VL1Q5ZzpONCyZDhtiSp954rxdhT1fC0xPsjBLBHTzzkDPOSIeEyPgR8Ovot780AllCQdAEHlB25dPzXbWcyMyxH48B11wurK9xe4/ZGecF3jp9Cu4LHvigINNgesMFE2JdCPvFrxFtrvO90rXHJx9H84jq6u1C/Iwwr3kw1Mu3XHLXl4LwFalOjEyI6AHgU+QyW+E5cGOPbISZyiI5typ45eFdmPLpArYv3UdzXxwl4Pze2qbSx4jw2Rb29ECd+2JV6Zw6kNpRhYSbWL1g6v+EOII+PIEuFcyvGi8EHklPiWbJN78VjlypkXSeb6WPZ53D1xBEOp8ekFKyc43aeOYHDnpk61pVSDiFyXOpXyaafcEmHuYs8972SxEVqSWH5brwJ0PovesaU3gQo/DTP4BdB3pKHiNxvsB1GYMGm5JbjiCMJAyVOPPRCZQLKdTGcL4XfzUN9J5E2Da4JXazjvptelFfNLDzAgfiDFVUgDEWvOUybzyrjzOZaqgU0ig2pWgHBb6IYNL41G78gtmWY0IVstNn9CoaXNXg+TtGingQWR25XMwuiVGaYXJ4QIpfcp+/uFZZ5WVupKf0EcGoX2Z3o7qoJ/2cdSpD4IkQ5ZIorXZiRMK4NpupEy9MSPRoy8KEIx1jUHrr0SSgGzzd4hgwE1X6cqDhHbTpTYJ5X8BObqVuXcI
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-6.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-6.exe /rawdata=POjJFrdHYHnX4+3QSX6pLU+6IVKW5vEcNJefVtIG4zg3rlzyEBmESqy/Okev8XEnd7FcKq1nijjmM0Ra1zA0+APSTRVvhFMlsv+wy0V5inGdkds7XWp1KmWXYgUi4eCKaH+rjlZzb7mXuXmucDp9NNPxlaQg9Afj+NKIxpw5J2A8dyJP3Fq6ekGnY0tov/k7IrdGcWNESXICfvsbeQbckCv2L8DR6iRUTpT71YB/Grs1doxd5Um3Oyfr9vYX7l70HVVKjZsW8RXT6Zhj9YNE8dnKrrPjfvtYhmVbkPyhTzVemE9MeK+hci+mAOWFfASlQZaMMlJ+crlckGaPTf6MFmB7LNmBMhyvwTN0vOg6LElxj2hSYVoilyU9KB0KxV4cGawMxl1u7nGaVJthKStC20PhBhIj+G70zwn8+ie0QNli0P9dyRym7z8e3Q9PcSZnRYnBPVrTz0k1PBiQCkIpxXwhTgyp0PFKFVN40tVbKHatpok6BnbFIQVGtBQx8qOsH45RCr7LwgjZstxSozC5+y4UW75n72F2RvIVanK91nvhn7H+hf/AEjngfkFgwH22vhPHyhp68hqMCP4Je8GEifU8Uj5Ajdbp6jBjmAFiSw6+S2m5TSQ7dasdclMRK8QnwKmLIQ15jT4gwrnGCKQofC+DqLm7sEOgCBTdKUN3Zu4LqaOCiQfsMxjzNZVPZ1xhwnKP3V2nIFFGiqE2rdPb6iG31VVOBNygyPkRtdRGMLKkGqCud7lHLZ8sygmAchL9aEuYegzaRJPUwnN6biA0iwE0+IBLb+AzPvV9e+5mOCJr9XxP/XjlbpH01Tx4pgWyFhDHBI/ZIKzKgG/uV4802lfMHaHKyP0kFvKGU+g6Xb7sr0spge67inETbY/Z0hpv5vpj5Y4eELryRFYMRtS7gDknl9hLZ4oflI+8IgMWL3hlam7WJ+0H3h+8N/kq1nLl8rgbtRzJIzzrrph8/gKePnZbexcv+LdqEE46V2GsK4cb7yxPJYBsP6yY7WjL2JnwFFrr5fnyGvPYlGxK58pN8Ld6qKPuI18/vlrOyfYC9ypZ2XUXXo7CZb5q4pdMwwEsU7hprgREmWXCzGOatqkFUoP9qSYZFF6pK0Yi32iyL3JsfHi5zngKz0KR/x2uokVfyUDDkEfVrjQnY0Cgvj7KiWopDQvCNG13VXr4ixll3w2XBrkxiXO4w7oJLPIqSf9OvQENXOX8gPXf8YbdlGecladg33fsVXpE9vPMNi3VgjTBA/oqovygnP3yKta1SGgTufiS5igRp/QFiziQaByA+QUf6q4G4NRuUvpMCByZ3sOBqQBOGZz0cEzVP3zXRNTcAL6iMj1iDSg1SRsykkBXDcco6CYOHX+sq/85uawjhhJe+Ld47kNYBgiNkcEltFSz9vBl5ckG13sbCpnIguhXwiZnh0TTPb9pTX2e2Nb2VFdwu/IqgSvP1RBVZNg9EXK/JkIvS/8TbZo7XiewqvF/DNdNEmm82xAWCSNxHqNL/T2xjBNui7J8Rp0PW1bO+pku
C:\Windows\tasks\36316498-b3d9-47dd-98ae-f60936fb007c-7.job - C:\Program Files (x86)\Apps Hat\36316498-b3d9-47dd-98ae-f60936fb007c-7.exe /rawdata=EK3e4atAVIlzET0OKJltlKDwl9em3veFP5QdyQlnIj8TVQHPJRPdnIwm8XmNavY1phPY741HfMRX1EcWZcgGtebGRDpi7gphAPi0kBLSsksFrd1qX47e4itngWUsH//kgwfCPSMH1EqesiXDd/LCMgdS/eg+cOzKJD8PJwAyOH266l8pE/Gm50MS27VHt5snxecAmIaXmHwfxtB/v1hp/eAAhzlUxXI0UKG6ndYhhBav0OOUAwodNHSUx1xKehOnqJxvLMlN33pcLaShW5MqnUwCSkfibKcQvYm75Cu+WYYO+P6YBFsgdITCia5AikBp+MeOdevMQkTeM1rJ0tEk+48L0tBalNqokjoi2+WPbO39mY5yj+GpIDyHzD6NjaWDY5/yk9HCJsY6Fw0K0jZIhUOzyiGMqV3y97eFrlFW/bOAcV0uKP5uhQA097/ptIZWmvQAGkySLhdW9Rw1P9fODQlh60MJChH63dnQYj3+AAS0SYbH1gcZfZu6790T+kCRT/030dJ/d2xjV6ZIVgocleLaZ2zVL1qe1Qst4U0wVatmxjfr+I8+wOgCEcjuEZY0PlOwsYlJDSvXjuc49Rfigq16Vs+b0VS3G/hzGvX2xVUgyAAt+cFOdcnM6Mz2JzHCgFIY8lMmiqJqyY1vAHDOydRQvG5njymS9tiWghuP+uMlTerHReNZwY9Vp3Cen3mqJVbHWKukV+5BHKXDKdRMRoWRsXbZkRcnIQvG1cWf0SRKb4pyLbay2eoDulUbG4VEXs/hP0nqJDZOnhuhq98jc3aMlcyHF5jRg+4x9+PGbUjXwDaAXkdkuGQ2NrDcNTvxyaj4Gkz8LoZnjIclRp60i2f3pGpiZGEEfi157lVptSq48bS3Q0QzNSFjwPaN+LTnji5ON4sc+Gm2XIeqz/negf0nf56ACHmwZCQ3jdCxqaYEilcdJjzPOU8jcHfkaTfwBjPO9XQ0GaL6QoYIvmpcrTN/BxSBlqwxvXwqRVOc4Q4ee0Xqd/yDnbFqEdass20FxHHQhsEfhe7rod1jMfiR6Yc1c8A0ZRxVbWeXIRB7HjU+vqdjOoK/ML3P5uzuxT2yXopejMXLuWeeCgXtDZXsFdxwi8guzz3Fkbq4MSXtPWiGfIS0OAtxvP0K6QslwAdqd+02YBVF24n03jIhh5McmBP2RgC9GlV3n1USoqzPSkMcRtIQNsx4Z77jhGG0LkXPUA2HhiEtr1CO7kEK2/J2xLug/KngmsRljMnWTZR3g2VuegPgtvMzBUkHalIa6AuXKCUC+1cTUc3O3ZVyw9OYoQhncHfkCKV91+p5osqckmB/mFQgep34U21Vrexw1X+FPD8DSVtsOXkw2gmefVjIrg==
C:\Windows\tasks\52348e63-6d15-4d4b-ab93-b42c991e1495.job - C:\Program Files (x86)\Internet Speed Checker\52348e63-6d15-4d4b-ab93-b42c991e1495.exe /agentregpath='Internet Speed Checker' /appid=61752 /srcid='001726' /subid='0' /zdata='0' /bic=ADF4B755E47F49DDA2C42CB03E0E8317IE /verifier=9e81367ae29fd65fd99bfeda0b25c9b1 /installerversion=1_35_09_16 /installationtime=1411691468 /statsdomain=http://stats.newclientstaticsrv.com /errorsdomain=http://errors.newclientstaticsrv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newclientstaticsrv.com /runfrom='task' /externallog=''
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-1.job - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe /rawdata=ZUItHPgJG4+ITSffUvbg67rrztIlFqpkb9OCXauBouUxlFywlTmmwPv4qmQ+AV2oGwl34yZVIkTYgOW95U3NpPegFKvxe8bUqcuzH7B+7MdFe7dDlmpsDluXT1xhvh53pPaojtGC41XpMNCBuRD6XHhLYfLm/NET4OI3+zR/lQ8bGjhI0FFfCcxDoxDn5V5Pt/odBNCEJy3SP+mhD/EBjDTDH3GATLHY0DZ3EIJ/nf8WKsq8yVJDbKx+SCGqPx05pv53Jrj9Bhv9/8/DzwU2Eff+WZarofImoC2f//yDtsaYjUjOVgE9k22aG98ky8tajdExNDccZA4Fhh2SRs2gRAXitCo2zV+qX5qv4WJlUiwL/kzVluDMLmpi/aVT+D97Qm5d6QzOUKAOs0p79Ej1xVjGBvxb/zKY78ZPOF88XrtaSJ2Poqp9O4rwPI4cV84IxN+bUJ0M64Sr8Tr5iZ0A3HckGKiVWx3q/5vHNaLk2CYL2+S5U4NbKIZDZoIK2ZtjOyuBDLfy0A+yqNN13dx4HZf/m26gvXMmg6PIa5WWDdByAeXq+uo6hFvc5RZfuDolRGnMgcjKZhsXphJLti6rW+NB+H0Yab5PaFhky4M5fYJNYZefeBMWwVTnMxWtKUUsYsQswl3fPVXVxr4XF2uGEl65DYTG4gnefG7dJAKC5BgdIelXZ9m+f++J7EsGXnfvtK1HuCsnhN/+a/6H016nXERKFyjCp4gMrJQ7oW5mgfgkeQQeVh5nmoMiBKAdpopLmGWgvyTB39y7RnOJol9sTyd5mbYJZDZJ2e83pJLcu0XTo2ub/ezlSdzZxvQhOfDpPBzlc4Qr2YNZ8ovwdDpOrbObFkWS/9Om0IEZdBB0O5js2keJ6nKEruHP2Q+bdwT8UWa94Oo8HW8ogTRnCgA8NO25A5NiIXXGVV0QQpouJCV1ksaTxH1c502cGe3WpLgeNY2kQrgo9C5NaDkAWQweLExZ6mfFpFsUAKiaLWhbaWpdlG1Iqa+UNi8IgalyFoadWt2C5JPM1zhkbp6xaIJBVxM8fIY/pUbqcjI1JPs095oOHda5vb9WW7VbGUlawPB0gQqxR9yvjqpLmWkldneengMdHY33L/3ZqSw0Wj2E3nK1CnWf5Sqtu8WDQ6r6XrgZk+WW9njW9n+RxLXvQkh5KdFN8xFHLjw9KkrNW4olvus=
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-11.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-11.exe /rawdata=ont1yOYfonaJRj5RfBZxfd71Rq6RrGsDtHV4pZjQOAV3vzf/K7/Ct8NJyNuZD7ANP0slRv4N1XkEfm3dM3zL/wg5JWYxr8N5BVGfVQC0cr/i9AOwhSAucUqjVYYRmtNJR+CPmXcoSQjrlGQAEeT3vgLsnKEBDL5WlSzH4s2COtxbnhCOrrEXkvS9OG+majw9HT3T3Wi6iv2pL6XZylWwPdVdoUU+K00RzTZCubC7zkzyTlTTtPwcX3H2eGU/Jv9RfmKFUyaUCu/BgZrnkSRi2uodq2T2hHUUeBl06OEvkozxGPuWjx/OvnXMVT01qfm5SvPm7T0bJp/5Yu/Z+oYD5VHPABTvSkAvCCW37lUYkYN5uCNfJx/U/hiDQFtAvHp9fLHmmA729rSvEEDxjgtaiK8QXoX2n7wFiqUcz/gyMek9S6lT0F7T0csJ8IKuxKo2+SdaiRtpSrlJHUCXng9UGG5jWmmtzHHLeKJdBL8+Qv9D6VEiL+HtXTxQzFQZkyscQpVXvQibRHtmqN8hXkuDPms5L0q2n6dq2Z8n5OitQcypqD0rLLcuYwnsnCajWjLoBrji+3/AvTl2ir/QbfmXC3mRXIcLk2g1RmzL+jfBMKRO8WasVGcIDK2lwVyRLU96NQYxLIiEFAttAsMrJfvKc3Y8Vhen13GBQhkRCYx8aYlTkwT80ZtaREDyndz/slALaXyzNqU9eDN2PhItuJF2s2KM3pJIGFw3SzeDG7efGK+WDHKDT+9PfmjbY5YvLsbmT6RitdCl96+25hBakqsS59mGcZab0ult7Zt8fG0F7pA5v9uE2RLQ/fMWTYv9IU2oPidcCIR8GSdYJEyonVEYvWoLH3zSz2G6/o/uMkNh5w9mzTQdHh0DuDTI0odCbjvphD5Oj2fxOahzWm3hcx9IO9nZBuuaIUOANUWBoKx7zxZCk6lmCDrPEY0gtosHSCrMCHW1/61ZObpCDuMYvcRLAMHZwU89cTFcxfLgSaGyYoGP/nKjxtAicMMc9wZ+uNJVa+Ff1PddUCM/FTM9hmeWCmutKcGgmk7062IaEm1YdT0URGr7Oyaf+wmPAIzymta8VSz8DGnN2Wnl+0w1w6bbjOIb/u8Av7uPBiVVLI/ziN+LxeAw8OAE9exgTnHrw/Uu66Qm7fGpzHClrYE2QRdtQPpjK6S/oOYerzsrEPG4ae+6GEvQQ8SPj4x7ZA0KpGkvyuRhJDWwbkrs+Xd42NKJxqUV8LdPFTCtKTy63Fji+0JcRfpV5lHGYSjMcUxVark3MHn+bPy49yrPL6dQuJ4bssmeSwgqAjw7gdPFrkFpcqu3a8Xddq0Nei0WxGoRGg4txENtoA2pgiIpQx5coF/8DcMvj4DbAtJs2upCuTakjPzDxrCOxNlaXbetow0TRafHfxXe9cv8ZaN1FgA1Btc9mhicrAiF8TpHZMLQp5WGwydM3TJh9VzTgWNadEjd2x7jwXvhIDHMIo8hKiQ7jOrP9ayObMMOMuZdwqHx1LJ4C9A0hWuH2R6OzWKWXrYgrWSySevjvQLclsKXZG6MG/A68mSnDgoY+8M3DHZRB5Rw853QgYD7px3EhCcjqWktQ8gLb4+tVIuuEuiplB3MpiguzXhNarCBvZIOU1xMYmaKuGhP56MlpWLjQyNabqh4KMdCIEZrGK0XctMXuH+ocMAEtLOVWjkRlJTqOqjRttuKrNNmQjjrq72DrnQMZaKH1KhlCt87g3t6ligfpA4414u+S1RsIg/ZToN2rnSgRCYy4ttVVoE6pVMKrupmwS+Q8QHv7ybUEbBmHXkTBFFCCvKSuHN0mPB+j623KAO9EZZcqHMmOyDNLTzkDqxLTF2vooTi6XiyrY1VieXrzb5ehxGtr7cEjajtKw1RKTQ0LDvZxrLox4iRq8Oc36nTt7Zy69Ey0n8DW+aDzR9nSHUIhfK4LlMy7UYD/1JhfwiT/972Vo4bIb66+iTpPE+srx9VExscB2e9os+iFYECWzBA/acdpeYCZ1DHa9jcJouLa/MxNqLGWUaqR9/1AqRgac7OXKV5
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-2.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-2.exe /rawdata=f/2PN+l2AhCja8Nh2T2Vb/IY7QfJ0mWdEMbZpMpoWkl64abmAux1N7/3UQyZcLo+eELpFXF5OqjZBaqcDdaM1BcUZUwRRJu2ANrE9kOu1ITsianZssequTNZ00vmWXbiZfO8o9cV3gExxMJDMi2wssjphkctsziY53MeypTuU31mw2rrPsgQ02O7iGMFcykBh2EjVsEv+HnQqzeVieV29hjwRoZLzDDXh0O3sLoA2ZcbB/LnFsdKIgLNwYQWXHYNb3jqyU7upAzykMQ7WHByTE13Mf1b7LTFV0v/Ac2gm8GDRBURE6SMpMNfDIj6RtlzCGJptJ9nedhVanSAGfGFgZXaMx42hTFdX9RvH0zpEi9xkE1R9YNz63ve375Dc+9NWXV1ZOwtkvP81S53D3JFmOJq2ktFptBNVAQwVyhx0BlOttwaSh8WCPt/nQyZJqTIacDBkvcVjtB3+wfwh0cZzOPEkDczn77nvnGzo5uXW2AYA0uYIYjJyU9lfj9KUVL8w+hIfSwdHfvjUYabMQBVO6IWXZnonRaQWLkyFF3WFzUc462CBvb7yi23CKgJei2mYxynQYA4Q9gQWfRlnlXG0dQXa0JkwvZ3ewP5f6gyKS32V5v1Q7//rCwhytbJyxN3ycc0nza3xlEgRmY77lJtagtsRi4NyKZRwFsslrsJEtZCOV4TlYjLG5hZiZFia2dQ3hg+FDc2uaM4E7f/hQhBiroml4sztWLyBdA1dZyBFZwWXfBM5kZAcfDwHc6xcDw/QHGsu5TySJYfDkhPkF/CovOAPveiccJoCr0vTgkTRDWLdm/k79kos40UvwxmLPhvPQ7+GpPBOd7dRcDE0V39Fw==
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-4.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-4.exe /rawdata=v2Bt7cZMpdDABLLWCXC9u859J3krO7Jxq2usYTmhwob8kydjDlG5bwe/Frsmx7fQ/TGtncOkf5o5aWfCqdj4Nl/fTxnh3xRMFOcPwAvbwEi+tj5H9JeK0gpjA1FUAiFbUtTD9YeaQeTTT4IJrCZIT4jSMjoqg7tEgp54mq+ViE0RknyNeaLdEFWo4Hb771twDlPQyqdrOz6sWyPh6ObVtfCxO13gj1goO0ZuTLb2/rz/kiFP7rw/ophAXEoiYQTkNeQ+FbDLDFO2zGEtzIlVKQc6VNn0yG9wUQjBOkgTCbUwh9SWFgeGhfCnjHCNOO40ZvljN10mcjILFN2Nw+5CdDFrXOVdQcd2Yt8v0pVbBUZJlaXdXD7x4slkUOUsn6OgEOrTbRa9Ce2auPu77QInukMinx9KnL0QYzxia5Ux3xylmemAq1Uh1Z3jnnN4E+hFysJYzcWr/OZDM14S00cWi7dSiGGYYRcFy+KeA1bOof3omyxBuq+KDt7cITIC7TFCPZO0Uj391LWTGNS8npVpqFQHPaCQ9VvejxkIjRBEAwVb2Q2ek9bK0s74ynG4gnn8c+qTYknDK86u8xyIk86zTlJtY6QTORFOJ6SC2NQ/keg1rqqtZiZSHfeo9SISszqlSuIfqtcOS2QN437nHFBC5+FqfL4iCBJa4aA9tCQEdEpwRvXTdIlLdqK5STChecpc37pmJm3lEIJ14+rBhoh49RQ557HIdTRuhbrK6HPQEnl99gaZV1eks3KrTnx2fqsD0Hc1ps17AvFhWOMcLGT5KxFEpB260nYY69rmk6kdAiggaoZH0jqDiXrH7H5/O2nxYVSOXV/mExuiTX1ZDcG+t5UUKJWIDv9618bVBFcUP7hoZSUTqn4AS0EIlKyd/lL+Xuy3/+BazmlY4GDQePCMY21iCzsSZ+ZmEskDbYmLE2zgkPVVOwQY2/CNCWpHdhlvFjOifL7QdSPRhGjCNosCwix5ltAA+CpWiZhW9Ceo90bmA1jOHOh9vYaXtmOGW+mWjTPakKBi1tE3h2t1A5m5tZ7JAw2cxvJ7hBCbX5EKFz6uXBFHVQuA9KyYYhevZ05Xrp5RbzY1SUMdG8dMUv8XrKqphRg/iVmGMYXd+mIyh1JcjLg0Y/0kH4Ew3d+TRBN/f0xftg71YJW4G3TBJeafPPxLXyVjX4MzmucmKfOin3CSLYBvUEmABU+f6BwOBgnKsy6xUbN5vwfDoeKUMCTfyymO0mkQKcHmPytxx1BDRlRX16kspERotghsQyuune8biLCj8N+819lnA2CWsxQZlW5x3/gm0TDtcBYOOZHDRCFT0WW6v+8n6bfc2JVXetHX9V2o7RrMHRyZpZPgH1By0qN0wZStEzeRlF7cQUgO7LPONEK9AzKUwwxAk19oNvuvsoIVfxzeO48oZATsi71GXeU/cL2YzjbiJ+wjafXGdgG9xAEDqdba5aePLtl1PCMEBlIdY4i2QxnGzapEbSg+gtcv7Lf5ZD817EWY6/Dd/AR5xqDRIWMkYI8nJy+6PnuDjuDw3IzLDr3t/a8IWkkkRJwCisZ8VXp6/vteawiVE2WSqs6nEiz6B4rfA76tSFqD7o7HxnGG7O12hJKtdfYyXejZUTBMWuz8EIRdHz0hZZbgAFi+1RThRPAiJa0zBrfhxciaQ69XHp7Ye4HxWDm1513Xo8uOp7b3Fpi63YMLqOQ=
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5.exe /rawdata=dSGEXwX64P5CjYimj9PsbBU1/dj18A1GCotl2LufMBzkB5WayWAd7dc56NMXtVZ9Cc4BliBFbfVLkpxLqyf6VnVqqkFC3tPdCjK2yTsulNgqaQ0WZjpVWX7ZBVIpgaor1RPsy5NBwKvlOdzxepK3YP5zxLcp+4Vg3tBh0twxuUCybJMrYe5wflaA+j5yeoYPOo2Y747DfrrfCfhL+pOku6FciV0jBU4q91fYZKAjV4+5/fFu2+4/DDOmi2T3a3LLTAsigIP0Uk3nj4eqf0EqsXlCmjBB/DfcXcWbMBhUNyxO47qu2PhQkRlAuw4xKAmaSaC1JG0nS4e/isoHGYF7+10JqpMxsO2Sftv0kmce+1h1gHlFIYd3RU7JSoM0Aek7w4yvpT6H4eVZ4vRXE0S9os7Xhu9SUJUrN7jVUOungavRjFvumROk7E0YA8h52/wms6y15lcBYpYSnOsJ3jrV7ZNqucW/89t9IEfJnWpfD5dJLsNBshf2vzN8XjtTXVSlCCEyVfMI2jMlxWpHe/kmS3Hi6Vdq0sikqrstWTKyK03+jGEX1H6fiBW88RXYs+1MPl5G6kGxvqm+n1GQYLzLauZsnqlXCEA/Dl4huksX0coOYb9dO7FdaWqJWlsJLTfo87f3vud6aaUp/1EM3MgCjuzyVksdQ1/nFPvurfzz0PNqdzhB0mAmhkPaAUe1J3Q8ltyHUIUtMMwX8le8Uv5lx+GJAzxrXE9LmEz4kjDP87A0/wmY9d9n6Rzq+NFzzgEw9YEWVwrsOky1TX5CcaOL22BkHcopwnKlyir8jX4p9IeBXw8Q3ysrRBqWjGM1OC+qg3tTqAHn/lSytLJjyO2lfCaNZSibEU0SUOrew+tMdgfrzkCm2JbhjBqsX5TReNWpY3zj5HrlJJfAq5jIQIBipLNVor8vG1vLHozzo/22eGONgz+2jbGKy9+z7IsAIUEFewwt5mJdufyLERlBQe2NYBaDfVQYafg2m+vamlVWNrMEWxgl664kD7mcZ6AMOyVc
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5_user.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5.exe /rawdata=dSGEXwX64P5CjYimj9PsbBU1/dj18A1GCotl2LufMBzkB5WayWAd7dc56NMXtVZ9Cc4BliBFbfVLkpxLqyf6VnVqqkFC3tPdCjK2yTsulNgqaQ0WZjpVWX7ZBVIpgaor1RPsy5NBwKvlOdzxepK3YP5zxLcp+4Vg3tBh0twxuUCybJMrYe5wflaA+j5yeoYPOo2Y747DfrrfCfhL+pOku6FciV0jBU4q91fYZKAjV4+5/fFu2+4/DDOmi2T3a3LLTAsigIP0Uk3nj4eqf0EqsXlCmjBB/DfcXcWbMBhUNyxO47qu2PhQkRlAuw4xKAmaSaC1JG0nS4e/isoHGYF7+10JqpMxsO2Sftv0kmce+1h1gHlFIYd3RU7JSoM0Aek7w4yvpT6H4eVZ4vRXE0S9os7Xhu9SUJUrN7jVUOungavRjFvumROk7E0YA8h52/wms6y15lcBYpYSnOsJ3jrV7ZNqucW/89t9IEfJnWpfD5dJLsNBshf2vzN8XjtTXVSlCCEyVfMI2jMlxWpHe/kmS3Hi6Vdq0sikqrstWTKyK03+jGEX1H6fiBW88RXYs+1MPl5G6kGxvqm+n1GQYLzLauZsnqlXCEA/Dl4huksX0coOYb9dO7FdaWqJWlsJLTfo87f3vud6aaUp/1EM3MgCjuzyVksdQ1/nFPvurfzz0PNqdzhB0mAmhkPaAUe1J3Q8ltyHUIUtMMwX8le8Uv5lx+GJAzxrXE9LmEz4kjDP87A0/wmY9d9n6Rzq+NFzzgEw9YEWVwrsOky1TX5CcaOL22BkHcopwnKlyir8jX4p9IeBXw8Q3ysrRBqWjGM1OC+qg3tTqAHn/lSytLJjyO2lfK+BPwZ2VQP1Zq9ipzayNLvox9pFSp6yrnJzf/3f8vD7QL+hySqNXs3CppWzl+pDHdI6SJWILYpkBUbwUXlW/r6iwZ6kp/xBR/L+4tckkySstvjWIm50C+64GH00SH0AmQyo0iMs/0fNXbnz/E/hiaVwWHhQXFwnrr9vJIZ3bt4B
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-6.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-6.exe /rawdata=ssDctFhqlcTXw73uiXwMi4GHASPPhO0IPcSP8ERf18KXXvPYxujxcK5vjG4V/u+toHkc80fCMjIJDh/CS1dGX13QbbOZVg9Zbe+7YY8vImMAiMM8OtCt17D8TjXSplFVnWN2H53K0AN5P19gQc8y31Yo5oRqjQJUMcX0pCBeihQxa1zlXUHHdmLfL9KVWwVGSZWl3Vw+8eLJZFDlLJ+joBDq020WvQntmrj7u+0CJ7pDIp8fSpy9EGM8YmuVMd8cpZnpgKtVIdWd455zeBPoRcrCWM3Fq/zmQzNeEtNHFou3UohhmGEXBcvingNWzqH96JssQbqvig7e3CEyAu0xQj2TtFI9/dS1kxjUvJ6VaahUBz2gkPVb3o8ZCI0QRAMFW9kNnpPWytLO+MpxuIJ5/HPqk2JJwyvOrvMciJPOs05SbWOkEzkRTiekgtjUP5HoNa6qrWYmUh33qPUiErM6pUriH6rXDktkDeN+5xxQQufhany+IggSWuGgPbQkBHRKWeom4LscI/wq5YMj2CEOseVsVW4PZXVk2FORYtVZbZa2EPhhAMpqsdiROozuSP6/9EIzL4ld97PfBie9SQ8KdZz0piPT03rNR97rb6vTpRngceSfdpcHEz563Ozniz2KHACe8AcFsMlyWzmoXZ9TTywKY7CdhVICyDR42GtLNYuSxbT8s8AMaC8JtGJdDSCMuz9UDqdaEhAt/A9Ya20/+XjkRAjXC+o7QBReHSSxgmIYOfKhiuik/CL1qySVD13BRFpkg9BoNjIby7b5O4uRNL60Z7xJD4oWVt/GEGOIEOSzB9vabvW2XgZ2bchMCvIrEg0cnbn/JMnjKRD4YOhmM6clqlCCY6aQz7/OW+2zBgL9ZnAtsSG+O1eLKrgcReoidH1veZQ9M+xwX0kJRbIJg5/4V7GJxlNsGbbsgfldxhI2mbRkdbbJIsEWFEMfXGBe0VPXAXUPmgPNoG+RHYGKQ+0vh/3t5ox3eB/BwXxmS7ySn3eq+MHy18lnitmWpqEiSa3L7/IVG6RbD8gfgS8pyHUj1j9mr4PYOKVsVaLNFZXjlN/K0fFQyCeUvwR7+/gVChmochc14+UKYa4yiGDdO40caOD67RRvPQ1YdjJxXSx9WGYUOMCfFE+YcJgLv/EYDsBY+XoQjnmP4jYpDWIQTeRd6oD8GOxzL3sJVBr2O7OMYh8cLdPrMjTWxzS10b/yigjkNwBt1f6f5fUv9ZuD4ZYuTquPAwuQHFf3V5hymeiUosDSGXWWQNbCJ+9Z8d8nt6vu8UzRWWaeYVZ3BNm98X9sIkU/3Kurbpro4Stawk5dq/uHeGTfF/tKk7ynjE8sGxcDpE9R7DFMPT7ljFdkv8VQfD/Er2Aw8XDC/sPSVAh3FHPrv8cUVSfiEgCnLPAS5xlbdWVfjnNW0PU4TGyuOTAFrFw6y5iyl8g5xsFRjAHN402anDlvWiQTF8vt/o7j1ucY94q4Jo7DI2DgTgMCsbSF0/QaUPjKzCVFWjQjBSVQ+Pf/iw1wZgkWdHEpJjwK
C:\Windows\tasks\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-7.job - C:\Program Files (x86)\Internet Speed Checker\55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-7.exe /rawdata=tUKsZW077W5/4AO3V/J8WT1H0gJLMDA6iMUEZPSotKcvSBztraGSbychRkTiKUz+OsVB0o/rPIjjQPZcIEvop05VAj9/t/hRh4ROW2rUg6jrxFcnM1gk9iuEBgRl+C3gttxxAGL43VAOerb/G2/idtxK3Rz7mBIJ1SoRV5o1Sex6mpE2Gj6M8QQzblZDeIpVD62toBjwTrOkFEF/W6HXq42EmC2HpU2I1PSXyS5xZkQQIxd74MuAzIcx+IdnVhKnN0LvNJ8imkz5NM1LpNFZN+iYqxlYir0ZC8aZUUc6tLGEZZlvetmZt2VSVsiU6VmcEd8wAqKCc0ELfZYvVpFSclXpw7Hm+Xti4WCdIGuOEabzuxjFOELgLlUf90wpSUsSPwB1RI0eFDVPlBFZ2oAy8NS21Zjl80ogm+7V32b9jQt8vVMTsn5Kme1Ot4IJKIsJfNC0W2fRBO/o4KKtChdSMNcAuJzxKEB6+qdM4yO2jNuZSCg+e8Qy9bhogJjGXythosjnMi+hNfRMv0pUSriAfbTAitt8KmnzL3+ej0J9yYE27V5Yl7bqZ33QT9vSJT+nVYHIzI5fGvLWegCZDgvSGs8MjopBSp01qe5fOLgqel779dOyFx+u74cUMlzdkqjMD2k6w5YLKSm8GWRLYFpSGVt3jgJLljbCU5+zCOAFgibAXVgpICQmJk8fM543hoexE5pCfE/rtGBGb3dmecfjEW3QqzEA468bmedBqIGsy09CgoLarmuO6AZPj7nWbpJT7muB6p3VGBdSX/7ElBOU/Na3qVxLJApZI1yTX6ZLhYP6iBPR3p7siFAlaMMVIh3b2fiX2E6KMp4hZvtm8QHzKpPIL+i42yFPgy/b1dkgt31HNws+lve9k8mShsbVeFfejgkC+iC6Pd1Hv3bv7GfKqsXIeYaHsLwPgG0b7JR0ztqEGszcbAokzIHhTAGXluCrMxbQqfcndlWtIDeFXbkvHSxYZ7xTCP6s9dytKhj+2o8KkiJKWpLWHf0yOKWGwiM0e8C8ZRUWZL9S6xJ2H0dpX5UEEOU7tHYc9yM2B3xoIX0lo0uhb3U3zlepZe6Fr+zI73gKi2XHESfzP9QQZmiTrRquqKW2mMeHSrDkU75ZEI5Lfsc5x3bwPFX8aKfO5ZiObB14sSzSNl6TKjOq0FMWBxhQWynHOnufrUXkUgT6wCfCs3h1BIQh0NCF8/OHPb/Nl4bvJXPURizRwHNUfuWCdqhY80730WPXlExnOhFcvkvsfjnndc7QDPBWGmk43YOvTqcncPERcQOtr1AyGvmkcrzkQgFdbfqT2e3S/vc7HqBCNiCcV+cttWSSJ9tPmpGAcQ5/TY1YN65HNmO9H7aDtZYRlHOcXWJOUKLLX3H2GmucYSAZChGboKrewsKJB5/R1fGCmlOAdQJYDPvFtCwi7Cdydczcu5nfwthIjPWejmmeHs+uiZmkL8j1VjZDunkgQM2W9AB42dSs2U84YJ2hNbxp+A8JZCgTWrdd7fKGNfvwN5guH0dUMWBwffkjrOW+
C:\Windows\tasks\5f7f0f9c-b021-4cd4-b265-11573a04931b.job - C:\Program Files (x86)\Internet Speed Checker\5f7f0f9c-b021-4cd4-b265-11573a04931b.exe 001726 ADF4B755E47F49DDA2C42CB03E0E8317IE 61752 1411691468 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 Internet Speed Checker
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-1.job - C:\Program Files (x86)\HD01-V2.1V25.09\HD01-V2.1V25.09-codedownloader.exe /rawdata=QUKr7fFCLBDQJEVp1Vad7VVPJ1QWUBj0oawYCHiElJ675gIfQv4ewS3dO0g9Hu4Hluj7FpGqMBB2EXFeQ2nFKdec/9R6RVEauYM7pMESWjM9xsmXrltgKjaj/Iv5uGN2k5Cm28SkFaX6i0do+jjmRxfo8D5gDTt3nHXNpzW2Hs5v9GbySmeYb/Gh+pG7rzzE7djKZ829EgEKR9B1OeknFCvn/fjk31S9Mq76X7O2FJowMJpljGBUVfKeaE6kkMlEyGF85YZuURaXwGC+Y3cFgerFKVyAp4121jgQ+AdRvoT3DNIuT/ysUOIM5YDVfoe6UZJehdJdyJaFItMqinL1bcY/2WFcsQBKiMk/1j7zDsM1CEvbOOE385szaVQV+iNxjuiLROZBHpLRNQA4Xr/aiIFhkKyvkP01FpVYvSc5LOJ7XjPWZN6bOCkUYvvKdR9r2u1LMikPKCY/VzM3cDfYkVvsIg2+4fUFnp3tAQY5ehpo3jvrrTOPSM0tRQ1lK8fPEwIC6eAwIJf3e6X3LTWq6dfCdrJhgFur7Gmr8tH+g4qzpAqXlvdCleYlVsmf8uVMw7WyD4qy80pR4M30oK82ITSGQe9SRMRaqOStpT3mFGeC5qzaOygkH+COv3amXKEZf6+goxCoSJejs24XR3BtmaaRcw2vW/sSLEsMCaHX0Q0kIH+xWk/vQtceKzQ6kGbPDGCwWjKPia9PL8jPuK0OlAW40ZOMJTQMIZ7carXrTpCO8rKMuEq6hUB4rDYoP+ejML6jBtEidld3j5qqYO5OQ7RA5RbWIDVNddbVaGqIo5u9vMXC4q7TEtjLlpQ9difSUoJsh1V8BxW6JJ2wfWNqhgvmsTvaof3GmHuOE99r5ZGDM/92D9On6cJsXqpMYAoKgc7fOe5vn/M7+rUfcoonuhaGDUPEbsmOAJEW1PfiLuj9P1dYiXGu+m0Bm/FGo+LPELsO+lCrFxSVKdsuXk3hRvfKYhpjaGxChwacKCwslgUSJCurUd8azggyhIuWWZsxF+2e/fi+VelO394F72SdUUlEaZswCfSWx8or5DMrnAHsUWme06HZk57SPGOHFjenhq25PPV47q/cjss5+AHEfWfdi1skQuSHTIZkE2qv0wpe3xPQRxLHvLxXLzuPD2V/eiPLAf52oLxFDBJ5P0demKaHkVZdq11tkKLCyp8sEPA=
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-11.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-11.exe /rawdata=WTRTyJG19w59EUrReqybmcmSde6WTmU/pT4BA1MK/ySjBIoTf5rTLgTmbAWpFNDRkonSCBzThXKyzxTltqkMI2GHaiHvLGfriyXSUpcCipVeiNdlmsqco14ZtJjUcbAvvEOjQqssfoVI3V61NHDvYygEcnoikF3L/NVyTwfHPhc9YoJ1S5KGxLu8prGA/BvgCLvQ5SqiIyW27/i89smK1IMFemoVjD7xrFiTrqUuFn1O6GIE+P90B4xX62XQUehXWBoQdIhwr/BDP2YehA50R90xnMkRQPN7KDwSJsMUWvtPstD+MYtx6QBa82bbh4s/pjCHVRD6VWbjw9hm0XTn3DFrXOVdQcd2Yt8v0pVbBUZJlaXdXD7x4slkUOUsn6OgEOrTbRa9Ce2auPu77QInukMinx9KnL0QYzxia5Ux3xylmemAq1Uh1Z3jnnN4E+hFysJYzcWr/OZDM14S00cWi7dSiGGYYRcFy+KeA1bOof3omyxBuq+KDt7cITIC7TFCjkILGr7d4hKOmMrPlXHg6pklP57qvefNSdLCCAbBBoaipQelbly4YK0c+xC9935UxKkntepZro9LS4yOqI4ut/QUwN3EACHaQAavVkJYhVOXPgt9KG81MUjczooISsHvHeaEnPrwxvikW76rzLmqbEgzUnfMYVw8JdNhkreN5+WHrpj/FkUABkUp8x9pyAlK+mvK0r20EFFQHY35bltuJaHwAsP7J3ZZyc3yu4zr6g1NI3Y5a9CuU7iCUu+2ctg/cgnKNNz1grd7KJLAd8d3RdEEpR27LEoFPaipX89ugPyd/EDUeerEED65mOAfpkfThzj9elWokew9eKioiwdoNJZo/3cfq4VAl8ykWCYE0SJHR5n7KxInyGWWaVuJsXYIzA4X27OOxfVY2GFiNPohXJbglYD5HOJ5/cCYGRQRjh3kFdUCNV77KZLrntiYRBpd6blhBrYSZJ2ayxeDWOQ6w1ToheYrx2iJzR8LdP6NJBCnlwxdYhRjBck2gmWAuWtqUxAjBch0kIBCqjfUIRbiKupXe5iIwqAoYx6HJJR9a46DSvSAkp5p4Uc2ok+sBzSqr4VxL8UCI0/XU2BHv3qZ0k2FLYdK9UXT0mCOS7HQpoahzv8K0Esqp1gVTjmqkQ7XYjvm+ciXWdHknIWvO3ZfUwOEAmc7kJY8FyaTFVqkgn4g40142Xgsyt30WWyEn0ncTSL2gqKPtHZVtqT+9Ij7eU8s9ws1w67irBPB62sD5cUm54wM/DLFeHlWWnWUfWEG3OX6AMRNZJVRJRdS8A5lTGc0TCxzHERYLHB+aTy3WIYkdbYtxEOkZul+QsAj1DoEQ9Lc7PpeyY/3uOA64V9mjEvy5ozYEz/yPsmtVdfwtdLYQmExnsOdAe1WcgLYJNyYo4hFnvsv3vBlZ7iw0qiviJFZaFuEtaTJ4Qbc3td9oME4bwVSdi0aJUZqOyAv0udZ73ti5+rj9rNd1LzW3enw/ollJ8GaMtTksr/sBWEkvwPuUEQ8YhNaC+JA2ZVNm8rxnPxqXI3lqW3nac3F0EF0x5rkANMEwCcFX71t+56QPXVvfn/o38KXnlY5eIGHPMchPKgAxATSozLEkzU86vfEj81oWmq5GfpUYCVIfVs6te+fvJItMAb9iumrSdmw49Q/fKtVClRt+zT96F6of/6KAtd1lBGUaXWxxlKgJCaOGcpq6bxW/gcA1lnTOrna5vNF6KrzXkKr9+LgGup/3e5VqoGXoywkaDPUBnKxI2a9OR01t44EzEMRZa+J3TXt5NNXBOpkG2yNnupvChgYbMKbezToZUexm+6mJv5sikN3mIx5/B1xcfluhdB4ASxKBbnswLhZ7REXfIU6qFbtzGu2lrFEIcolpLQhSz1hK9hDf1/ucRFeWRzWAmBAJO2Ff1Ufn0Fw010u0NQeFeGNdEgrkdGov1UDxDr+4CktR5YuaN/9ikhEyERb7qb7I40+plKPb2WB8SInZHpSVlRBLQGafMpOh2RZ00lkYibj0ajg2+tSv+WtNplxof9OEwpVSE8U
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-2.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-2.exe /rawdata=gmjO/bbRVAIUbjDAAPHZyGVYBXWjTdGfSWNLmQvOkr4ntJk+sbay3q+7YChaM3BR/8qIKSNMiUbo0TEWrbh4THUKiScUgXWfeTXXMk5gqBlIpBpz0feKTxmNcLSNAytXLfuhtRlJXqWcjhGtrQQd+UmUH5c3y7xcRhCPCzJaSROmzFAaQDArYiBBjgaRR9kUjq5wnfnWSh5tTkTVSqi7l29hRCP92V+f3Bk1I22y+JbHLRTFN3Hhm22fqYpcJQfh2536ovPNzVo3GHanVJTq8j8f9hRqWI61o+T6iUEmLHR9WMPWbnfJXMGjWX3BI07IlBdTSwY1QSyy7qaM34X0n5+VrEfb8FqKJX1xiD/tKWKj3VGS0V17Jrr5INZdZB34nsVDEUVkWo7pA5TC4i9zhhN3Nz+UP70qsdCt4RJ7tCx4asbeOoGxdg+bkx87+R2WtOnzgxPr1TxHtOEiSck3Aih6dvrbOHm59muJVDnMdejh2vn6CdP7wBiIKDlEtkf9mquVeqrMY5HyH5tNh4aLm6yh5W4zdb0whEdMR6yogo14Wv4/obloAeHSyXs91uwTDT/yw/NjYcIuZeh+tqgVeOndy3R1/+oTxXzNto27fIEZCPv4K+l7k/kqOHJBSzTNBxk5x8pYPmJ5xXEOOAiTFP+bT+m7MCREZ3qL0K3jeyxEFTl7PFdWQi64ZzoeQJW0hVF8axFvcnrI0jBSN85g/VtzGqWiqmtyXgL6iS/I0zk1XBSd+dvFyRy5oqYCMvv7gCuCjKQrMpHkEkM/XUB8eZJWK8L0Ev/MB/ZBJzSAEMXC7OJilNLgB2vMREl2nOIlxKG+yEBxZweXW+mtwTn3yQ==
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-3.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-3.exe /rawdata=N3FwzLo3uyTRl8VDY1PkdMg3KlmhVn+WjSPU29GxTIbdMbCm7Xwy4nMwq9qMQO9STmn6IZ9+hgqpLhvziNioKrIW9fepZjN8kg8i9R4s9BSLmc8tt9B64xvpYy8Heb/7isx228M6fYCEZNIdw9KOM3W3EvYNmKaH7LfguGgV96M7ttxbvZvUUYXEdxf3BmpAGUdOYgYRsI3Xhjxql0SVHhMImQffykmBcT5gFn9QYIk5G+fkyuucrPqQW2JpWMcnCGnjWZhKjN3jpdecnAPADzm8MMHIh8ZMAtUzqeYsC0roxrg83J3zic+NOQeFkLDRrnxmwFZUBuCVe16NxYKwfqZ/ekX8xqbWDHYiAY/ovFlnxEVhdB5yaaAn94hZRt6hfag7nxQeoz4dFWMREx+uxY8xdJyGMvbVr4IS/n4qT6Ts7aZnpVk1AfRegdLXOY9jaXKvokChiZ5/nIgRoDPokr7rMpJsBykItNDWPof+JHZkJ9xdsdRP9mVIaiTYNH7ISNGFpMm8tGjmBHWiNSXuw+WQeqq6+m9BPbFPMAwlmkMq18VS2DxprrG7tQQ4Q9cwj8TLG6hfBe0CPIfrr9rVA7FWpVBbufiCWoac56lwD/Mk+E3T4NCgvZphxh37T0Ciy8OIFNsMpwCXCJfrq4MOeobJLB5DzYZ7IlR6Ijkyz54dun+J/x8w0kdT9XT++ZqKzQmmmKXNBuE9ohnYplgK674dEb6BdH2/qjtS6CH4zst+A8zxzjmfy0K2qLlmYMLQdMwWH2RlRSIoq8h+8PufL7+Xv92siGaGA2YbYRJ1CgYAPd79Q0N+9/1jPVCiG9Y5tKDHBaNx8NU/iEysYPI6jowCfNN1MW75semi1OK1RYQzJEnc6I8tBM6hK6W/3/wdl9DfLkL1M9NAOu21kk51816UD8oxVO8PfEQdOMkJLIgmXvxBtP9S5CQpRJJVTUwNlihwt69/frLiMz8zNGCVLsfwxleTfRRWZo5twopfUm6oKMTiNBkK6KmVmztkhO88dA3y2kvejWgvpTnh6V/Uf6TgIQCQqdNyg4Pk5ObQ1mqkyy7bJgG1GBLPz8fSCwxlqYGOJy1rvF8XaGhLb+Wa+oSCxZKAVSLh+rHJFdXkBOmBffkIiw5A4VC7QqpWYC3/v8woL3/3xfnFjIAXTqUs5zDKJ0GTD3fRj4/oTmh0GGwEMO31YSkIgv1YUep1CGxqTZOx6Y7y8AQlmPuFDou4jctVORvAB957LH2xivWqqwswvHdJVE37cl8xfNqPw+KcW1waivdkmyYYEg417u5duzz7aQEvlx/zRUNHmM/MAnNsLc622JNQg2wauIy6dMcpPniGP8eeiXXTUnqw+kWLxCcAsGZY5EA4uEcutbXtiIHG4lEqAOCjfrYiopx3gh2hD1ijAhY9x1JNxgjLvT9lEN/kds8bVE0aDtAATVLILQmwWdQP9cgeuoyM26dZ7M4JUzMpF2M7eYmxllG/mdZT05+msrZCIm17JKmGoBScmnm3zYrf1fiKaj0ZdnJO8UULvQQ6Kx6S+YhUcByjv+sdXbMNPTc4/cqKeriZiUPok3WTExYwCWatATPNzM1Ird4eqyzwDlxs4jeDzoeGpJqLZyVCIg2vT/tKrfwxQ8zQfH20fi9RUnXd6NRjZqRwL+krXZ/dnlnxuKTwaQus9kF1yFt7dtP9FFayfOpHjN0aI/8=
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-4.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-4.exe /rawdata=C1llwH78K36SLI0ND+19Q7spOkbkdUBI7Tqzf04lUl7bNBf3D0iMMOuXp4IRUwO3RQwELkeQfuj0n7GV//hsXi3mABfviz4o/rUPRz9NI0lCGEtpw36C9KrcnST+uw90f9aDOtHwaUR//iDcH3trXhtUnY+7F1r0Rvvg7m6RHGpbnZndg4rJkXbConXeIVexr00WgxlxoTupuDagcr/3fO+a/t0vN2Neo+4A48iVeCItw0WM56jMB6+rcGWzQv9L/lQfQb+Fe5osJE1P4Hj9eR8TxXT3zCAJ3M+0QqJ+hneU++GPGKKFtFYk3fPvH678di+fx2smTkqj5KzD8SS+w2b/5ZrnTnF2MLl4eUypty0jg7kRC0C9KfiLj75aYpbz9cs6nCALtDbZGCg1Z2xpdUPXHXieJ38t1YoFbNH0tSvLa1z4U9I6wD4C3m5/J5NNA8Py/+ro2biDsH9PdGxZZNiKxYtBle2Yp+Ve+ka4zAp4SyA03wFFzRuQZNUC6j3PbOjGDnmHhqO3KFrAEZMtB5RdNPvXCC7Gar7Rto7Vlsy90ciPa9MBuZLjfZ7VetMv/LmLjfRLl2idkfcA9eEhbXNuaDuTELoOoDS7IAddUW1cWjk3/ych/ZjTYLfAXD1vkzJKy79KxeeOXj2hWpcDiyU5R9uxLwR12uWSNpdo0JAP+nDW5DReqStASICSpK0O6unoSD2ehYUnVjXaZY4H8m1/yGj8hCo0LckPA9WRV7A6QycNGkHPuHlNZRkMM0oPQFEj4Cp1ADAaxEXS8ZG/ZBDMr3R0ENGre14NppxEN3Q72ngSIYKx3PCUoOR8m6RUVv1IxDKN1GpQD1WTkC5c0jWkcPWnZr/DOrN6sI/z4q/pVYG3RESCvK0rnr6ZsP9SDibT2ZEK3vQT0G9v3QZ5lQIZpxjPFL6dvlBs6KmlK9pgzeGD09KCNdn5TM8mk9g12xuLVuP06VjKtRktu4ExP1hWqR47upHBItswxuPMR49JFr1amOzL3DBebLhOREoIjkAgCBp1Xy0nlnykbnDiYQEzHlGeAPmgdG+BUHb/X0tSU/A3HnFVKDfU6TiBCyA1OdBTqz3vGrfZK89LIiK8Sux4REAZrOO0odhBVwytN3ATI0xIw3bo3T3MaqalGDCTtQsC/FMsf7kjyVIgsOswbQrgilQKoRMRYvYcFLlaHDJklNF+IWvUVKRvCLRvCN2h0HZYvmh44phtzzMIEGepLO+J5Dv7kAmdcs9CEX7W7L6W6pWPEpEzTgQcjX+ZG/3lJq+k7cIhEPD9FCXABSa5XPng6lPYbk39awFW7whhp1bjbtF29ABuSFBPJarazdG8d1xGkWBHnu0RR9cMdknMaXZOm5MKJSUzyhNFpvR/5aeaXA/HNkmbGMCdOt/3WeA6iGBgqwj1zIULjLwfS/hSjHa+4xGBUrGgiqRhJoyzNSyjkoTZaNiPPiC67tgVRpjIuD2ExT6NWDlqxxo4LBAbNATsYDwfdBNe+3u3ky9gb+MamlSFPs0jhg3fQ5MpQ2l4V7NN57sidgbsqf76eFAw0iooJWv5fFf5F9kkgVAyl6py8ryRSRKF3UHWxOTY9JNzs61F4pnV6r6rKPH1JnnA5jEiZWw9x0vwmuh23I0YLwplBoYcd9JArXHVuLwsXVLI4Sh30YlArCwiphPU0bLaboLkJiDrGGEw555U6HgXLmo=
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5.exe /rawdata=A/EJJINktD8eYCuYgkr7mbVD7Em7cSAzpcJg/0eK6hQbkH1tlhsxeV0tLqK61RZPIxm1pPU+vfSkBkmrHfFDtpKcoaSJZ1MKGKPQxl1lgPbW3SiYo1WWJfr24LGvxfOvQVDK7gGTWZ/HcDOztgayI812/X5FQcKwKdYOArBLBPtb08R9PE9N1ak7Bvvz5A2NCByO4DO+47cpEzFfnAH5o4AMXNoQb0fMmhVvLS0Z6afuRXAzRGUeGklVf69jpZLoEJ31hdMWg1jfGw68O929FpwOpAckghJKLNDC/zLA+ktvTterpd3lxqw144DbrMEEWJI6imG5k9b9FDlMgIyoOcS6N6/mycNFMcHMF6w31Uo+V5JJy2kMnrA1DkplJl5AEwkvamH5mQYW/8TMbZyCeHGuNBpoXxTyyWe/7PDVz/NT7PNFuAbL/TjXLma3afSPp6FFZMoMtc+hDdOtF6Co9hKqQQLPMshruPMMkN0I9VkPMuhoMk43Nt81arEoyis9IzR4jB943rYL7uSIbV/SCp4tEHqPpMt1J9H6vGPgyafEqh4i7PPx3Hcg9pqzvVoTpDSTaDLw125R3Oe2hdUu8NU3M9ze0SCO2i5L82azt1Ss0yfRgJi0u4AMVFuucr49uTPcl9etTmBh/d8fUts6/oug9Bt+YU/gMBzeOuoS/UA8Ik7pSSx/NNS2bEUPooFWew4gYbBFwgPj6SK1x15QfQHDfxaPELSbx/qEl4GLyaDfKBbJ5F27PSzcqfZkexhXc5QOrqI9kX8SkfPKlm2QpVfrP6E5mjROsW942heOmDnf/8DD/6gceQlhBnninzakRYd9FIUC32AQZCGW+EqiBKQOOVNiOYTiNUrQ6YrRbtqaBqAZbkEhJ+PzrvDl/cpfC5Wg+1ubo8YKWzdxFF6BspwTw2O29XnZtpRCTnRuUc3JkN4XacGK/5ntiNYWZR4OL95LjAz8m27TqLuBf5OvonbjPH7EdO70nhJHBSgPFogwZn4n5m/cCr+dFdycYhh9
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5_user.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5.exe /rawdata=A/EJJINktD8eYCuYgkr7mbVD7Em7cSAzpcJg/0eK6hQbkH1tlhsxeV0tLqK61RZPIxm1pPU+vfSkBkmrHfFDtpKcoaSJZ1MKGKPQxl1lgPbW3SiYo1WWJfr24LGvxfOvQVDK7gGTWZ/HcDOztgayI812/X5FQcKwKdYOArBLBPtb08R9PE9N1ak7Bvvz5A2NCByO4DO+47cpEzFfnAH5o4AMXNoQb0fMmhVvLS0Z6afuRXAzRGUeGklVf69jpZLoEJ31hdMWg1jfGw68O929FpwOpAckghJKLNDC/zLA+ktvTterpd3lxqw144DbrMEEWJI6imG5k9b9FDlMgIyoOcS6N6/mycNFMcHMF6w31Uo+V5JJy2kMnrA1DkplJl5AEwkvamH5mQYW/8TMbZyCeHGuNBpoXxTyyWe/7PDVz/NT7PNFuAbL/TjXLma3afSPp6FFZMoMtc+hDdOtF6Co9hKqQQLPMshruPMMkN0I9VkPMuhoMk43Nt81arEoyis9IzR4jB943rYL7uSIbV/SCp4tEHqPpMt1J9H6vGPgyafEqh4i7PPx3Hcg9pqzvVoTpDSTaDLw125R3Oe2hdUu8NU3M9ze0SCO2i5L82azt1Ss0yfRgJi0u4AMVFuucr49uTPcl9etTmBh/d8fUts6/oug9Bt+YU/gMBzeOuoS/UA8Ik7pSSx/NNS2bEUPooFWew4gYbBFwgPj6SK1x15QfQHDfxaPELSbx/qEl4GLyaDfKBbJ5F27PSzcqfZkexhXc5QOrqI9kX8SkfPKlm2QpVfrP6E5mjROsW942heOmDnf/8DD/6gceQlhBnninzakRYd9FIUC32AQZCGW+EqiBCF7VrEwIT+HlH9OLf0Fh9leWlMoGRdsk6yF0SSNRNr2WaUP2iPUIy3KtR+fdROgsRgI4Xp7Qj6VlleivUY1APYcg7q/MCm9imRKfXWg1iBWyc76vYj1OmQB5A6zoyDBFSI0qpphlPpRID+IBdaOg0p//YFiGhtxt4/LNowJDLPi
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-6.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-6.exe /rawdata=F5UUM5rSi+MD8ekQJDhwJohDpOFlLIOc2yg+4m8qWTNboQk278+ePKbAFQXCqPS5Ex4HMr1Bppsf0nQP2ph6KjuraqQ9wRJYYrCmICQIpkidf1Vzqe9HmDP+eg1FwB0RzorVC7Mbq1uLBRJaYmSTgEt9qJ/Sjr847lg95q/2uudixidXZEUDuvu1pOB06p3IvZC9AbrU90PC71kBux2fZ4CC0Cw44WCTYvbIXech2ARofXoPLMKufH2aGBvc2lKTycfzC9x41VX2dd0TR4bHV8buR/rj5Ctf7Er0V6GXYe3J36skiDz7Gj+IRDHkLNHr9pJB+sl62hcvg9uaLiLcrZmmWUHTW+HLBc5lkAWpiLLtSUvOqOqcbiBClqVUQhmMm7gClbTBStOBSEq03GTjsI10F7L+b5CJIUaX8WDaUWx7x20suFmd++1UMk4WyKYomRHUp0mpFousyARR3bBnGKG/F1k4Jq0cQVR4P94LOgMYSj5MBQjRVpAjiVhaRAXdbmfG8/6tHO5lL60/PVpG1aN09dpGHkRAB/qHKzgGPkZ2jU+DYNAVW0tCK5DpHtknZxa3gur1eqFpteHtg2IcQ2vpE6Gc4Ryis6roYegLQeH3zuXlFp62+p2VKqqhlzPmzEPYfP6JQxOppVvd9Cnv7PeUgvtXWxtvdf3me0SoJ4pCYfeJBSAhkc6Bn4ClY3z3n8j4P2+jxbWQfofIRm8JixjOQ+KQTaihV+TXAJNmlkDZtp3sC/I/6r/J6wpfeRnPstvkv5hffNsWmfBEJxfgStG/9w/5O/ZJRQmPTk6xGUgs4sWenRDF0WWiBt0Lj0qTeviWSPSAxE074akXMs+SMFQ+lI2RKHETW68+NmDgxltwWaelY4WGqreZmgqqevMwnHFYacanTXqIRQozCN7VwYRi1KwJJ4J2emKMk3krSTh31YMf/VQ9Sc74/X9uT292CddvLP52kqIgP95MJbRjNCCUkiVFyN/4pa8UDlEMFM6eK5VccF5ewXXUr2kXxfbnimE5nm5Y/BNY6PG3kCroQA5xHvNsai/VWhkI+VnyVMJ18VIXr2CYDcZb0znpJWqVg6C35qflx0TPtUCrfDWuS9+hXqH+uZ7PV7IZoBrNpm+XhW2T7EsfMlZcLvo8Ft0Hf87Nb4NLyQHYMeIQZWhQ13PTMziVXMR4Ir2IHQow1Qeh8fvZR9iSLQkC66A67wf4pH4KAI8pCaeDqi1DGo+VRDD5drluQpEvP3dEPvNdX1l5eJ4SmEXeQrhtluTY5UR1WgNS39zHVZjs4Z4yKePq29E93wYwLM0nE4RKa2uYOwdWj6k7hxClhw81w9fS76+TRfFXgC8gl1fRYdVmrDhh/GYu/XbHLdS+PjFRD8c/80SkTvIT7XLAcMtk+rxESURcW1F1/iY+Nwn3ICXFHzeVRsQXa+RAI6zgMnK9yHlqfwrW7N8sRX2nI0xyDpgm7FX9S+oxeAqT46H04PFr+A1pU/ij8GeyNtMS1sObblRJ3Z4O7t6x0fdaO+tzqNrCj52H
C:\Windows\tasks\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-7.job - C:\Program Files (x86)\HD01-V2.1V25.09\a4aab26f-feea-4400-a051-b1c4f0bd8bb7-7.exe /rawdata=WQztpQeo8OioERQQI7rR5/iNvK9UsrXTikZJcnNQKDXLNT0MBS6ROUjE87KGggeZCeSI0f3PAc3nAsSWPNJT4oxl1ndW16ScXtN+otvwmPIg2umRH6Ay4gxaVppUIPkNPwXuKBM9pS9WNgx1CdULxWJxtsKnPM93hW1DPK0XdusBu83OG+jAx86DcIKvQ4RfxZGniElzpVZ6ETHW5nnp8q1ELgvt3elagjRr5Fqwi+egxBURw3ucz7myVDOebjHLGay/FRNHGen5vP1iIh6/kBgoa6o5AzQkDvNGpiM1Hu9Tsue1cFJZS5OzcOXffEMW6eoARr/gVs6onYomMfrtHSW/BGrKCjOSy5vCnerXUq+F6OCgoXM9WTTg02xBdnu7UWK/NbZ3tAY0TsBecaPL++mlcmGH34NGDT0GgnV/lTHuPVhAy03/ivwYyOWVozKV6EXHjUGwnDKU7h8ILmfR66WNIeKZtEWdabi+BEo89ahMFWT2aolGFgCpTCPOkVnTOg2LJx4hr00cznGPWFynEKFOxUXugERJCEGmSiL5yr/n6Zoksfc3c+T0+Pf6y+tMuDvp6X6O662dWbP8gqxk3VN0CzhuVoOojbvGXxtzD1mn4Ka1lieqJkB+bjN2PAJR/wguoYkl1BQVWAz5yM1wkg/kkFLJaU9I+BPaSe1pBAAxSLSDfbsX6Z8hXp6UWObfDxZ/N5RCvr1PBbBMpW8v4BkcK0U2rzyib+ez5k40FKRmf76R507w9WZuMeNabRatePryCGH3253VUo1x3zm4QtUfeVeDyR19gzAmMveru81jUJq7nyVCb1QIjvDlIRJaW07NVMgSC+cwGhQQ1TSmvT/nTMjYEVMGj9NpA0PkPQGikAStfmyZsb5eTVN8mKFqa/Yke4DoKJKfsWIomyc/zR2KON+KilTb2q83W4BqFbwJLrbkl/5vbuDbm6gcPqBG0XxzT4QNdBZYJ3BcuAjnHZ5HW0lSTzzqUTsbddDKmeLAbDM298Df00BxSvRk5vEkvSQbVwdMI+2CYs/adq4wkGv+gal1px1xJUVm+5mZVoq1M/SZ3WlnfbsPw8+uLwKLK7Q84IrPaIZPzi9WEPzXM152xc0iabBzyCbAFG7gPYbhxpp0vGXQKWS5+ABCLppOCee+yOw8zcQKWCKx579nUHvSb38BIky3eQ4qZxO9hntcbyZfCaQJUeET37ij11e2PsSwdxzdEX6ELK2O3tYx8mVOeHuX461vF9mp/owNDdldNmG/gPocXZaER+r3QDX66v4OUru2y+LB3QdXgJ9tYRTTY0gpXLgFkUK5RhyVDBQ77vxC6ZfJjQIW5XsLHYLdjmpLTbRG4n9EQajdDFQ1DA==
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\e1efa62a-50ef-47a9-b6b9-fbaaabf2bfed.job - C:\Program Files (x86)\HD01-V2.1V25.09\e1efa62a-50ef-47a9-b6b9-fbaaabf2bfed.exe 002128 ADF4B755E47F49DDA2C42CB03E0E8317IE 63831 1411688620 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HD01-V2.1V25.09
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job - C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job - C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GWYTUHQ.job - C:\Users\ew\AppData\Roaming\GWYTUHQ.exe /infocmdline=esrV5gzr4l3mriDW27+vglOlreIii6IVzl6HgCT9KsOJte0r1Mp9sgNCNs84J476yPDHpY1CFhOe0cgbOM2bAESy7KODHH0F5oRaPyX48PymS1jMQztY7B6CzZQYk9KrzOcy8oVQteWpEPH0lGiTcsJCGI6uRJyAAPBOe+AHugqJxx3mhiRjpj23Bd1LaoXnO8M6f+7GT63rGN/w5DYoHVw4D6sEqMo3zxrIzk44cXWsK3BnQ1a8cpr8SOvz0Y1lV+ttE60g1ZN1FP+paKGNvmx4xGF45/engg/OtfmuGgIieLKm7TB6GJvb/NNHuvbiPy4SeZf+hh8n3O2ZyVygvF8Q4ZlNapBdiXJclYdQoXC7o4tVqK9u0eNOxs93aoUCTbsb+griEOpQd2PB7Xz6Ve6B99LblnEVFJAEwc9C95J1RmC2flcfG1j1ofTsvo6NAWeY0o4xsGyA8SnwSalCwmeIsNftUsp3ORsRy4R+3bizbOzPn2TZsVVhEfPO9XQtqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
C:\Windows\tasks\UCDQBS.job - C:\Users\ew\AppData\Roaming\UCDQBS.exe /infocmdline=UdX/D7X1owFVSBRYahp8VNDpNFjt8eotnUeGHmImmwbK+Lfz+ZlwD+RwpjaWfhJ//cl7apUFqUys24kXOOMX5gpxGuTLG1xcjFHTT9BEgQhk6yoMjnHGq1mM0TdFMdTw6FX7t0NocUaZNo5LQPANlli256B7Xsa38pf8TSO+SSkYLbyBrLSzTBOMydpWI14ncunxCms3P9lKOOXbDGXWpLOvi5yV5jD8liCzKv8oDGk2q3YWNGU3ZlMAqHVvej52mcIQjBLjQPqf0DNqLkW0CDB+WLg6Wad5dXI8aQQwH9VxURoPi5z3arsPX/XoEUMVG+P4zdZgJdCRWBKbHjWXYk7GOXvYMyHbzRZr6to+/bPQaR4S/lDmiAgNj9HX8M70d1vr7lZzv+pk3EtSgl0rqTjEYckH12LKg0rk1PCBYM1NlFACdLax5fFKbQ5gZawqV90i2RkRVx1Fg9IBHf8/U3HXZAYY7hXqY/UKF9gqdwhFpH63Dl207QjaAHjFLeY0
=========Mozilla firefox=========
ProfilePath - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/firefox"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =800236&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIBitCometAgent.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
istartsurf.xml
Search_Results.xml
yahoo.xml
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\
0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com
39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
adremoveext@adremoveext.net
ascsurfingprotection@iobit.com
centrumpomocnik@centrum.cz
faststartff@gmail.com
openinchrome@griffeltavla.wordpress.com
sepherdwilbur@aol.com
staged
{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
{ea614400-e918-4741-9a97-7a972ff7c30b}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.xml
search-here.xml
Search_Results.xml
seznam-avast.xml
WebSearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-07-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-27 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper64.dll [2014-06-15 522600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411851159}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-04 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
YTAHelper - C:\ProgramData\YTAHelper\YTAHelper.dll [2014-06-15 434024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
!{98889811-442D-49dd-99D7-DC866BE87DBC}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{99079a25-328f-4bd4-be04-00955acaa0a7}
!{98889811-442D-49dd-99D7-DC866BE87DBC}
{3d86a75b-cb6b-4764-885d-ca6336f04ba2}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-18 13672152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-04-21 2295584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"cz.seznam.software.autoupdate"=C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"GoobzoYouTubeAccelerator"=C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2014-09-19 2227048]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2014-09-04 3231032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2009-05-22 295936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-06 419112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-20 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F]
C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-12-11 1564528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag]
c:\program files (x86)\acer\oobeoffer\ootag.exe [2010-02-23 13856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2010-10-12 206208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-18 13672152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker]
C:\Program Files (x86)\SiteRanker\SiteRankTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
c:\program files (x86)\skype\phone\skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-01-23 247728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-09-13 36414624]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-04 3890208]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-04-17 1596224]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-26 16:57:29 ----D---- C:\rsit
2014-09-26 16:57:29 ----D---- C:\Program Files\trend micro
2014-09-26 13:38:28 ----D---- C:\sh4ldr
2014-09-26 13:38:28 ----D---- C:\Program Files (x86)\Enigma Software Group
2014-09-26 06:53:37 ----D---- C:\Users\ew\AppData\Roaming\Spy Emergency
2014-09-26 06:53:33 ----A---- C:\Windows\system32\drivers\spyemrg_guard.sys
2014-09-26 06:53:33 ----A---- C:\Windows\system32\drivers\spyemrg_access.sys
2014-09-26 06:53:32 ----A---- C:\Windows\system32\drivers\spyemrg.sys
2014-09-26 06:53:28 ----D---- C:\ProgramData\NETGATE
2014-09-26 06:52:46 ----D---- C:\Program Files\NETGATE
2014-09-26 01:45:23 ----A---- C:\Users\ew\AppData\Roaming\UCDQBS.exe
2014-09-26 01:44:27 ----A---- C:\Users\ew\AppData\Roaming\GWYTUHQ.exe
2014-09-26 01:14:45 ----D---- C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-26 00:38:05 ----D---- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-25 22:50:49 ----A---- C:\autoexec.bat
2014-09-25 22:48:34 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-25 22:01:50 ----A---- C:\Windows\system32\sdnclean64.exe
2014-09-25 21:22:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-09-25 21:22:06 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-25 17:44:19 ----D---- C:\Users\ew\AppData\Roaming\eSobi
2014-09-25 08:36:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-25 08:36:00 ----A---- C:\Windows\system32\tzres.dll
2014-09-19 08:14:24 ----D---- C:\Users\ew\AppData\Roaming\HPAppData
2014-09-19 07:23:37 ----D---- C:\ProgramData\YTAHelper
2014-09-19 07:23:34 ----D---- C:\Program Files (x86)\YTAHelper
2014-09-19 07:23:16 ----D---- C:\Program Files (x86)\YouTube Accelerator
2014-09-19 07:16:46 ----D---- C:\Program Files (x86)\globalUpdate
2014-09-19 07:16:43 ----D---- C:\Program Files (x86)\Apps Hat
2014-09-19 07:14:54 ----D---- C:\ProgramData\IePluginServices
2014-09-19 07:14:48 ----D---- C:\ProgramData\WindowsMangerProtect
2014-09-19 07:14:45 ----D---- C:\Program Files (x86)\SupTab
2014-09-19 07:12:34 ----D---- C:\Users\ew\AppData\Roaming\Seznam.cz
2014-09-16 19:29:34 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-15 20:25:34 ----SD---- C:\Windows\system32\CompatTel
2014-09-15 19:51:58 ----D---- C:\Windows\Migration
2014-09-15 19:47:11 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-09-15 19:33:39 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\url.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-15 19:33:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-15 19:33:28 ----A---- C:\Windows\system32\elshyph.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\wininet.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\wextract.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\webcheck.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\urlmon.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\url.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\pngfilt.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\occache.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\msls31.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\mshtmler.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\mshtml.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\mshta.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\msfeedssync.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\licmgr10.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\jsIntl.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\jscript9.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\jscript.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\inseng.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\imgutil.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iexpress.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieui.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iesysprep.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iesetup.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iertutil.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iernonce.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iepeers.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieframe.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ieapfltr.dat
2014-09-15 19:33:27 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-15 19:33:27 ----A---- C:\Windows\system32\icardie.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-15 19:33:27 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-15 18:17:10 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-15 18:17:09 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-15 18:05:28 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-09-15 18:05:28 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-09-15 18:05:28 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-15 18:05:28 ----A---- C:\Windows\system32\icardagt.exe
2014-09-15 18:05:24 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-09-15 18:05:24 ----A---- C:\Windows\system32\icardres.dll
2014-09-15 18:04:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-15 18:04:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-14 13:48:47 ----A---- C:\Windows\system32\wwansvc.dll
2014-09-14 13:48:11 ----A---- C:\Windows\system32\usp10.dll
2014-09-14 13:48:10 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-09-14 13:48:05 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-14 13:48:05 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-14 13:47:04 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-09-14 13:47:04 ----A---- C:\Windows\system32\wer.dll
2014-09-14 13:47:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-14 13:47:01 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-14 13:42:32 ----A---- C:\Windows\system32\msxml6.dll
2014-09-14 13:42:31 ----A---- C:\Windows\system32\msxml3.dll
2014-09-14 13:42:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-14 13:42:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-14 13:42:29 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-09-14 13:42:29 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-09-14 13:42:29 ----A---- C:\Windows\system32\msxml6r.dll
2014-09-14 13:42:29 ----A---- C:\Windows\system32\msxml3r.dll
2014-09-14 13:42:27 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-14 13:42:26 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-14 13:41:47 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-14 13:41:46 ----A---- C:\Windows\system32\osk.exe
2014-09-14 13:41:41 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 13:41:41 ----A---- C:\Windows\system32\rdpcorets.dll
2014-09-14 13:41:38 ----A---- C:\Windows\system32\qedit.dll
2014-09-14 13:41:37 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-14 13:41:36 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-14 13:41:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-09-14 13:41:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-09-14 13:41:18 ----A---- C:\Windows\system32\winlogon.exe
2014-09-14 13:41:17 ----A---- C:\Windows\system32\objsel.dll
2014-09-14 13:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-14 13:41:14 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-09-14 13:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-14 13:41:13 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-14 13:41:11 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-09-14 13:41:11 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-14 13:41:11 ----A---- C:\Windows\system32\cngprovider.dll
2014-09-14 13:41:11 ----A---- C:\Windows\system32\adprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-09-14 13:41:10 ----A---- C:\Windows\system32\capiprovider.dll
2014-09-14 13:41:09 ----A---- C:\Windows\system32\wincredprovider.dll
2014-09-14 13:41:08 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-09-14 13:39:55 ----A---- C:\Windows\system32\msi.dll
2014-09-14 13:39:53 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-14 13:39:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-14 13:39:53 ----A---- C:\Windows\system32\authui.dll
2014-09-14 13:39:52 ----A---- C:\Windows\system32\msihnd.dll
2014-09-14 13:39:52 ----A---- C:\Windows\system32\consent.exe
2014-09-14 13:39:51 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-14 13:38:51 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-14 13:38:43 ----A---- C:\Windows\system32\drivers\storport.sys
2014-09-14 13:38:43 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-09-14 13:38:42 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-09-14 13:38:42 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-09-14 13:38:41 ----A---- C:\Windows\system32\iologmsg.dll
2014-09-14 13:38:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-09-14 13:38:16 ----A---- C:\Windows\system32\msv1_0.dll
2014-09-14 13:38:15 ----A---- C:\Windows\system32\wdigest.dll
2014-09-14 13:38:15 ----A---- C:\Windows\system32\TSpkg.dll
2014-09-14 13:38:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-09-14 13:38:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-09-14 13:38:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-14 13:38:13 ----A---- C:\Windows\system32\schannel.dll
2014-09-14 13:38:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-09-14 13:38:12 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-14 13:38:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-09-14 13:38:08 ----A---- C:\Windows\system32\credssp.dll
2014-09-14 13:37:28 ----A---- C:\Windows\system32\shell32.dll
2014-09-14 13:37:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-14 13:36:47 ----A---- C:\Windows\system32\kernel32.dll
2014-09-14 13:36:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-14 13:36:46 ----A---- C:\Windows\system32\wow64.dll
2014-09-14 13:36:45 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-09-14 13:36:45 ----A---- C:\Windows\system32\wow64win.dll
2014-09-14 13:36:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-09-14 13:36:44 ----A---- C:\Windows\system32\wow64cpu.dll
2014-09-14 13:36:44 ----A---- C:\Windows\system32\ntvdm64.dll
2014-09-14 13:36:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-09-14 13:36:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-09-14 13:36:37 ----A---- C:\Windows\SYSWOW64\user.exe
2014-09-14 13:36:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-14 13:36:24 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-14 13:36:23 ----A---- C:\Windows\system32\kerberos.dll
2014-09-14 13:36:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-14 13:36:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-14 13:36:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-14 13:35:39 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-14 13:35:38 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-09-14 13:35:37 ----A---- C:\Windows\system32\sspicli.dll
2014-09-14 13:35:37 ----A---- C:\Windows\system32\lsass.exe
2014-09-14 13:35:36 ----A---- C:\Windows\system32\sspisrv.dll
2014-09-14 13:35:36 ----A---- C:\Windows\system32\secur32.dll
2014-09-14 13:34:47 ----A---- C:\Windows\system32\win32k.sys
2014-09-14 13:34:46 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-14 13:34:46 ----A---- C:\Windows\system32\gdi32.dll
2014-09-14 13:34:40 ----A---- C:\Windows\system32\aepdu.dll
2014-09-14 13:34:40 ----A---- C:\Windows\system32\aeinv.dll
2014-09-14 13:34:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-09-14 13:34:37 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-09-14 13:34:34 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-14 13:34:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-27 21:18:49 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2014-09-26 16:57:29 ----D---- C:\Program Files
2014-09-26 16:57:27 ----D---- C:\Windows\Temp
2014-09-26 16:57:16 ----D---- C:\Windows\Prefetch
2014-09-26 16:52:37 ----AD---- C:\ProgramData\Temp
2014-09-26 16:48:07 ----D---- C:\Windows\inf
2014-09-26 16:44:13 ----D---- C:\Windows\system32\config
2014-09-26 16:43:36 ----D---- C:\Windows\rescache
2014-09-26 13:38:40 ----SHD---- C:\Windows\Installer
2014-09-26 13:38:39 ----D---- C:\Windows
2014-09-26 13:38:35 ----D---- C:\Windows\system32\Tasks
2014-09-26 13:38:31 ----HD---- C:\Config.Msi
2014-09-26 13:38:28 ----RD---- C:\Program Files (x86)
2014-09-26 13:38:05 ----SHD---- C:\System Volume Information
2014-09-26 12:11:41 ----D---- C:\Users\ew\AppData\Roaming\Dropbox
2014-09-26 11:47:53 ----D---- C:\Downloads
2014-09-26 08:42:03 ----D---- C:\ProgramData\ProductData
2014-09-26 08:37:10 ----D---- C:\Windows\system32\drivers\etc
2014-09-26 06:57:36 ----SD---- C:\Users\ew\AppData\Roaming\Microsoft
2014-09-26 06:53:33 ----D---- C:\Windows\system32\drivers
2014-09-26 06:53:28 ----HD---- C:\ProgramData
2014-09-26 03:09:41 ----D---- C:\Windows\winsxs
2014-09-26 03:09:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-26 03:09:04 ----D---- C:\Windows\SysWOW64
2014-09-26 03:09:03 ----D---- C:\Windows\system32\cs-CZ
2014-09-26 03:09:03 ----D---- C:\Windows\System32
2014-09-26 02:33:29 ----D---- C:\Windows\Tasks
2014-09-25 22:02:00 ----SD---- C:\ProgramData\Microsoft
2014-09-25 21:45:24 ----A---- C:\Windows\wininit.ini
2014-09-25 18:18:05 ----RD---- C:\Program Files (x86)\Skype
2014-09-25 18:12:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-25 17:55:15 ----D---- C:\Windows\system32\wfp
2014-09-25 17:55:15 ----D---- C:\Windows\system32\DriverStore
2014-09-25 17:55:15 ----D---- C:\Program Files\Internet Explorer
2014-09-25 17:55:10 ----RSD---- C:\Windows\Media
2014-09-25 17:55:10 ----D---- C:\Windows\SYSWOW64\migration
2014-09-25 17:55:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-25 17:55:10 ----D---- C:\Windows\SYSWOW64\Dism
2014-09-25 17:55:10 ----D---- C:\Windows\system32\migration
2014-09-25 17:55:10 ----D---- C:\Windows\system32\en-US
2014-09-25 17:55:10 ----D---- C:\Windows\system32\Dism
2014-09-25 17:55:10 ----D---- C:\Windows\PolicyDefinitions
2014-09-25 17:55:09 ----D---- C:\Windows\ehome
2014-09-25 17:55:09 ----D---- C:\Windows\AppPatch
2014-09-25 17:55:09 ----D---- C:\Program Files\Windows Journal
2014-09-25 17:53:59 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-09-25 17:53:59 ----D---- C:\Windows\SYSWOW64\MUI
2014-09-25 17:53:59 ----D---- C:\Windows\system32\wbem
2014-09-25 17:53:58 ----D---- C:\Windows\system32\MUI
2014-09-25 17:53:56 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-25 17:53:55 ----D---- C:\Windows\system32\catroot2
2014-09-25 17:53:54 ----D---- C:\Windows\schemas
2014-09-25 17:53:54 ----D---- C:\Windows\servicing
2014-09-25 17:53:54 ----D---- C:\Windows\Microsoft.NET
2014-09-25 17:53:20 ----D---- C:\Windows\AppCompat
2014-09-25 17:53:19 ----D---- C:\Users\ew\AppData\Roaming\vlc
2014-09-25 17:53:19 ----D---- C:\Users\ew\AppData\Roaming\ProductData
2014-09-25 17:53:15 ----D---- C:\Users\ew\AppData\Roaming\IObit
2014-09-25 17:53:00 ----D---- C:\ProgramData\Microsoft Help
2014-09-25 17:53:00 ----D---- C:\ProgramData\IObit
2014-09-25 17:52:59 ----D---- C:\Program Files\Microsoft Silverlight
2014-09-25 17:52:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-09-25 17:52:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-09-25 17:52:50 ----D---- C:\Program Files (x86)\Microsoft Office
2014-09-25 17:51:50 ----D---- C:\Windows\registration
2014-09-25 17:44:45 ----D---- C:\ProgramData\eSobi
2014-09-25 17:43:33 ----D---- C:\Windows\system32\catroot
2014-09-25 17:38:09 ----RSD---- C:\Windows\assembly
2014-09-25 17:26:16 ----D---- C:\ProgramData\Skype
2014-09-25 17:26:15 ----D---- C:\Program Files (x86)\Common Files
2014-09-18 12:14:27 ----D---- C:\Windows\Panther
2014-09-18 12:14:27 ----D---- C:\Windows\Logs
2014-09-18 12:14:27 ----D---- C:\Windows\debug
2014-09-18 09:31:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-16 19:18:37 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-15 18:29:00 ----D---- C:\Windows\system32\MRT
2014-09-15 09:06:02 ----A---- C:\Windows\system32\MpSigStub.exe
2014-09-11 21:00:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-09 22:19:09 ----D---- C:\Windows\pss
2014-08-29 13:01:54 ----A---- C:\Windows\system32\MRT.exe
2014-08-27 21:18:52 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-27 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-27 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-27 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-27 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-27 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-05 270912]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 SpyEmrg;Spy Emergency Driver; C:\Windows\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-27 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-27 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-27 92008]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-04-07 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-01-22 6233088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-01-22 161280]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-05-25 243760]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-18 94720]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-06-18 4747840]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-06-18 3962840]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2014-06-18 458960]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-06-18 33008]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 awUSB;awUSB; C:\Windows\system32\DRIVERS\USBDrv_AMD64.sys [2013-01-26 17280]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-01 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-02-22 160256]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\Windows\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\Windows\System32\Drivers\spyemrg_guard.sys [2011-04-21 18776]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-11-01 57856]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-01-22 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-04 50344]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-09-19 715656]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-01-24 342336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-01-18 737184]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-19 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-20 135664]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
S2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2013-03-11 3284008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11 267440]
S3 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-19 68608]
S3 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-20 135664]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-15 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-09 117144]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S3 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalý notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: pomalý notebook
Zdravim 
Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti
Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.2 (09.26.2014:2)
OS: Windows 7 Home Premium x64
Ran by ew on p 26.09.2014 at 19:00:49,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update greygray
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util greygray
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0048559.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0048559.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422852259}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422852259}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0048559.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0048559.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E5A93740-2622-42D3-BDA9-8849A636DBA1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd"
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\ProgramData\saveas"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\genienext"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\mobogenie"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\bandoo"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\saveas"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Program Files (x86)\apps hat"
Successfully deleted: [Folder] "C:\Program Files (x86)\justbrowse"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\microsoft\windows\start menu\programs\mobogenie"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\invalidprefs.js
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\websearch.xml
Successfully deleted: [Folder] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\extensions\staged
Successfully deleted: [Folder] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Successfully deleted the following from C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\prefs.js
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar.bbDpng", 22);
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.id", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar.instlDay", "15306");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.lastDP", 22);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "15.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 100112747);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar_i.hardId", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar_i.id", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar_i.instlDay", "15306");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\minidumps [12 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\ew\appdata\local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Successfully deleted: [Folder] C:\Users\ew\appdata\local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 26.09.2014 at 19:08:34,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.310 - Report created 26/09/2014 at 21:03:30
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ew - LK
# Running from : C:\Users\ew\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\YTAHelper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\YTAHelper
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\ew\AppData\Local\globalUpdate
Folder Deleted : C:\Users\ew\AppData\Local\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Local\PackageAware
Folder Deleted : C:\Users\ew\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\ew\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\ew\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\ew\Documents\Mobogenie
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\ICQToolbarData
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\faststartff@gmail.com
File Deleted : C:\Users\ew\daemonprocess.txt
File Deleted : C:\Users\ew\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : SomotoUpdateCheckerAutoStart
Task Deleted : YTAHelper
Task Deleted : YTAUpdate_logon
Task Deleted : 3429cce2-09b3-423a-aded-b7faa0dbe26a
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-1
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-11
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-2
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-4
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-5
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-5_user
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-6
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-7
Task Deleted : 52348e63-6d15-4d4b-ab93-b42c991e1495
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-1
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-11
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-2
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-4
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5_user
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-6
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-7
Task Deleted : 5f7f0f9c-b021-4cd4-b265-11573a04931b
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-1
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-11
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-2
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-3
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-4
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5_user
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-6
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-7
Task Deleted : e1efa62a-50ef-47a9-b6b9-fbaaabf2bfed
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_c22b9000
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKLM\SOFTWARE\Bandoo
Key Deleted : HKLM\SOFTWARE\DefaultTab
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v21.0 (cs)
[ File : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js ]
Line Deleted : user_pref("extensions.enabledAddons", "faststartff%40gmail.com:4.3.0,addon%40defaulttab.com:2.0,centrumpomocnik%40centrum.cz:1.1,DivXWebPlayer%40divx.com:2.0.2.039,%7B23fcfd51-4958-4f00-80a3-ae97e717e[...]
-\\ Google Chrome v
[ File : C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=icq-fx-plug&q={searchTerms}&ch_id=icq-fx-plug
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
*************************
AdwCleaner[R0].txt - [25212 octets] - [26/09/2014 19:09:57]
AdwCleaner[S0].txt - [23219 octets] - [26/09/2014 21:03:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23280 octets] ##########
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.2 (09.26.2014:2)
OS: Windows 7 Home Premium x64
Ran by ew on p 26.09.2014 at 19:00:49,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update greygray
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util greygray
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0048559.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0048559.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422852259}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422852259}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0048559.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0048559.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455855559}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466856659}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444854459}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilGreyGray_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilGreyGray_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E5A93740-2622-42D3-BDA9-8849A636DBA1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd"
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\ProgramData\saveas"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\genienext"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\mobogenie"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\ew\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\bandoo"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\saveas"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\ew\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Program Files (x86)\apps hat"
Successfully deleted: [Folder] "C:\Program Files (x86)\justbrowse"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\ew\AppData\Roaming\microsoft\windows\start menu\programs\mobogenie"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\invalidprefs.js
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\searchplugins\websearch.xml
Successfully deleted: [Folder] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\extensions\staged
Successfully deleted: [Folder] C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Successfully deleted the following from C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\prefs.js
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar.bbDpng", 22);
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.id", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar.instlDay", "15306");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.lastDP", 22);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "15.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 100112747);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar_i.hardId", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar_i.id", "a43664880000000000005cac4c860850");
user_pref("extensions.BabylonToolbar_i.instlDay", "15306");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:29:22");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\ew\AppData\Roaming\mozilla\firefox\profiles\r6rcc3y8.default\minidumps [12 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\ew\appdata\local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Successfully deleted: [Folder] C:\Users\ew\appdata\local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 26.09.2014 at 19:08:34,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.310 - Report created 26/09/2014 at 21:03:30
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ew - LK
# Running from : C:\Users\ew\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : YouTubeAcceleratorService
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\YTAHelper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\YTAHelper
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\ew\AppData\Local\globalUpdate
Folder Deleted : C:\Users\ew\AppData\Local\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Local\PackageAware
Folder Deleted : C:\Users\ew\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\ew\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\ew\AppData\LocalLow\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\ew\Documents\Mobogenie
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\ICQToolbarData
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
Folder Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\faststartff@gmail.com
File Deleted : C:\Users\ew\daemonprocess.txt
File Deleted : C:\Users\ew\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : SomotoUpdateCheckerAutoStart
Task Deleted : YTAHelper
Task Deleted : YTAUpdate_logon
Task Deleted : 3429cce2-09b3-423a-aded-b7faa0dbe26a
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-1
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-11
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-2
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-4
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-5
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-5_user
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-6
Task Deleted : 36316498-b3d9-47dd-98ae-f60936fb007c-7
Task Deleted : 52348e63-6d15-4d4b-ab93-b42c991e1495
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-1
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-11
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-2
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-4
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-5_user
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-6
Task Deleted : 55e7aaeb-b3c3-469e-ae50-051fb5f22ab6-7
Task Deleted : 5f7f0f9c-b021-4cd4-b265-11573a04931b
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-1
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-11
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-2
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-3
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-4
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-5_user
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-6
Task Deleted : a4aab26f-feea-4400-a051-b1c4f0bd8bb7-7
Task Deleted : e1efa62a-50ef-47a9-b6b9-fbaaabf2bfed
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_c22b9000
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Freeze.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKLM\SOFTWARE\Bandoo
Key Deleted : HKLM\SOFTWARE\DefaultTab
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v21.0 (cs)
[ File : C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js ]
Line Deleted : user_pref("extensions.enabledAddons", "faststartff%40gmail.com:4.3.0,addon%40defaulttab.com:2.0,centrumpomocnik%40centrum.cz:1.1,DivXWebPlayer%40divx.com:2.0.2.039,%7B23fcfd51-4958-4f00-80a3-ae97e717e[...]
-\\ Google Chrome v
[ File : C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=icq-fx-plug&q={searchTerms}&ch_id=icq-fx-plug
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411 ... earchTerms}
*************************
AdwCleaner[R0].txt - [25212 octets] - [26/09/2014 19:09:57]
AdwCleaner[S0].txt - [23219 octets] - [26/09/2014 21:03:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23280 octets] ##########
Re: pomalý notebook
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by ew on ne 28.09.2014 at 10:40:48,74.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ew\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
28.9.2014 10:44:11 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AA16C8E2-1318-49F6-B475-BDA1F3D00524} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta9029.net deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com/firefox");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =800236&p=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default\prefs.js:
Added to C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default\prefs.js:
ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- Lines extensions.50f838da9ca12 removed from prefs.js ----
user_pref("extensions.50f838da9ca12.epoch", "1390296599");
user_pref("extensions.50f838da9ca12.url", "http://getsyncer5.info/sync2/?ext=savea ... r=6&ind=24
---- FireFox user.js and prefs.js backups ----
prefs_28.09.2014_1059_.backup
ProfilePath: C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_28.09.2014_1059_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\Users\ew\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Users\ew\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\CloudSoft deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\ew\AppData\Local\cache deleted
C:\Users\ew\AppData\Local\Installer deleted
C:\Users\ew\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\ew\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\IObit Apps deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\tasks\GWYTUHQ.job deleted
C:\windows\SysNative\tasks\GWYTUHQ deleted
C:\Windows\tasks\UCDQBS.job deleted
C:\windows\SysNative\tasks\UCDQBS deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\Tasks\YTAUpdate deleted
C:\windows\SysNative\tasks\Installer_shopperpro deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\tmp4C26.tmp deleted
C:\Windows\Syswow64\tmp4C27.tmp deleted
C:\Windows\SysWOW64\AniGIF.ocx deleted
C:\Users\ew\Desktop\Continue installation - SpyHunter4_17_6_4336Crack Installation.lnk deleted
C:\Users\ew\AppData\Roaming\GWYTUHQ.exe deleted
C:\Users\ew\AppData\Roaming\UCDQBS.exe deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\adremoveext@adremoveext.net deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\sepherdwilbur@aol.com deleted
"C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [13.09.2012 10:40]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20.03.2012 12:02]
==== Firefox Extensions ======================
ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Centrum domnov pomocnk - %ProfilePath%\extensions\centrumpomocnik@centrum.cz
- EXT_NAME - %ProfilePath%\extensions\openinchrome@griffeltavla.wordpress.com
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
ProfilePath: C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
B6A800D881A0176C544988870861E798 - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fdacjibldldnbapkljmehbkfbgacigmh - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9029\ch\VideoPlayerV3beta9029.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[27.08.2014 21:18]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]
Seznam Li\u0161ti\u010Dka - Email - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
==== Chromium Fix ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lifbcibllhkdhoafpjfnlhfpfgnpldfl_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.bing.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{592E58CA-8AE8-413F-A8EE-C421C84557D9} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{63DBCAD0-36D5-44B0-82FC-AA670FD6966E} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... AW_csCZ432"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{6FEF1849-67B1-4E8C-8EA4-4075783429C7} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{73E25F69-E9AC-408B-A398-EAE695F770EC} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{94AA0F61-B421-414F-95E0-F586FF9086F6} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{9F48360E-1BBF-4C38-9EE0-88340A998BBE} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
==== Reset Google Chrome ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CDE8C1C-C93F-4C06-6001-56D7685A9CEF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fdacjibldldnbapkljmehbkfbgacigmh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaCR deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2480 folders=210 56031713 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ew\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ew\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 28.09.2014 at 11:09:37,58 ======================
Tool run by ew on ne 28.09.2014 at 10:40:48,74.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ew\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
28.9.2014 10:44:11 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AA16C8E2-1318-49F6-B475-BDA1F3D00524} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} deleted successfully
HKEY_USERS\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta9029.net deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com/firefox");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =800236&p=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default\prefs.js:
Added to C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default\prefs.js:
ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- Lines extensions.50f838da9ca12 removed from prefs.js ----
user_pref("extensions.50f838da9ca12.epoch", "1390296599");
user_pref("extensions.50f838da9ca12.url", "http://getsyncer5.info/sync2/?ext=savea ... r=6&ind=24
---- FireFox user.js and prefs.js backups ----
prefs_28.09.2014_1059_.backup
ProfilePath: C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_28.09.2014_1059_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\Users\ew\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Users\ew\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\CloudSoft deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\ew\AppData\Local\cache deleted
C:\Users\ew\AppData\Local\Installer deleted
C:\Users\ew\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\ew\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\IObit Apps deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\tasks\GWYTUHQ.job deleted
C:\windows\SysNative\tasks\GWYTUHQ deleted
C:\Windows\tasks\UCDQBS.job deleted
C:\windows\SysNative\tasks\UCDQBS deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\Tasks\YTAUpdate deleted
C:\windows\SysNative\tasks\Installer_shopperpro deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\tmp4C26.tmp deleted
C:\Windows\Syswow64\tmp4C27.tmp deleted
C:\Windows\SysWOW64\AniGIF.ocx deleted
C:\Users\ew\Desktop\Continue installation - SpyHunter4_17_6_4336Crack Installation.lnk deleted
C:\Users\ew\AppData\Roaming\GWYTUHQ.exe deleted
C:\Users\ew\AppData\Roaming\UCDQBS.exe deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\adremoveext@adremoveext.net deleted
C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\sepherdwilbur@aol.com deleted
"C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [13.09.2012 10:40]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20.03.2012 12:02]
==== Firefox Extensions ======================
ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org
- Centrum domnov pomocnk - %ProfilePath%\extensions\centrumpomocnik@centrum.cz
- EXT_NAME - %ProfilePath%\extensions\openinchrome@griffeltavla.wordpress.com
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
ProfilePath: C:\Users\ew\AppData\Roaming\TomTom\HOME\Profiles\jnl5rdw7.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
B6A800D881A0176C544988870861E798 - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fdacjibldldnbapkljmehbkfbgacigmh - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta9029\ch\VideoPlayerV3beta9029.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[27.08.2014 21:18]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]
Seznam Li\u0161ti\u010Dka - Email - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam LištiÄŤka - SlovnĂk - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
avast Online Security - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
==== Chromium Fix ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lifbcibllhkdhoafpjfnlhfpfgnpldfl_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.bing.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{592E58CA-8AE8-413F-A8EE-C421C84557D9} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{63DBCAD0-36D5-44B0-82FC-AA670FD6966E} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... AW_csCZ432"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{6FEF1849-67B1-4E8C-8EA4-4075783429C7} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{73E25F69-E9AC-408B-A398-EAE695F770EC} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{94AA0F61-B421-414F-95E0-F586FF9086F6} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{9F48360E-1BBF-4C38-9EE0-88340A998BBE} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
==== Reset Google Chrome ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CDE8C1C-C93F-4C06-6001-56D7685A9CEF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fdacjibldldnbapkljmehbkfbgacigmh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaCR deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteRanker deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2480 folders=210 56031713 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ew\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ew\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 28.09.2014 at 11:09:37,58 ======================
Re: pomalý notebook
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by ew (administrator) on LK on 28-09-2014 11:35:13
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\ew\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\ew\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {11e16ab8-fc07-11e2-b3e0-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {35c91dbd-a7f5-11e1-8c47-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {b8fd632f-f297-11e0-a821-00262d9ec5fe} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: localhost:8080
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {592E58CA-8AE8-413F-A8EE-C421C84557D9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {63DBCAD0-36D5-44B0-82FC-AA670FD6966E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ432
SearchScopes: HKCU - {6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {6FEF1849-67B1-4E8C-8EA4-4075783429C7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {73E25F69-E9AC-408B-A398-EAE695F770EC} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {94AA0F61-B421-414F-95E0-F586FF9086F6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {9F48360E-1BBF-4C38-9EE0-88340A998BBE} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{695C5697-620E-4D6E-974D-717D9DBDF831}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\centrumpomocnik@centrum.cz [2011-11-26]
FF Extension: {{EXT_NAME}} - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\openinchrome@griffeltavla.wordpress.com [2014-09-22]
FF Extension: Seznam lištička - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-19]
FF Extension: DivX Web Player - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-28]
CHR Extension: (Google Docs) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]
CHR Extension: (Google Drive) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-01-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-19]
CHR Extension: (YouTube) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Sheets) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-28]
CHR Extension: (avast! Online Security) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-13]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-01-04]
CHR Extension: (Gmail) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2011-10-09] (Acresso) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-01-26] (Scott)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-05] (DT Soft Ltd)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-06-18] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 11:35 - 2014-09-28 11:35 - 00018997 _____ () C:\Users\ew\Desktop\FRST.txt
2014-09-28 11:34 - 2014-09-28 11:35 - 00000000 ____D () C:\FRST
2014-09-28 11:33 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-09-28 11:32 - 2014-09-28 11:30 - 02108928 _____ (Farbar) C:\Users\ew\Desktop\FRST64.exe
2014-09-28 11:26 - 2014-09-26 16:54 - 01222144 _____ () C:\Users\ew\Desktop\RSITx64.exe
2014-09-28 11:06 - 2014-09-28 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-28 10:43 - 2014-09-28 11:09 - 00020011 _____ () C:\zoek-results.log
2014-09-28 10:40 - 2014-09-28 11:03 - 00000000 ____D () C:\zoek_backup
2014-09-28 10:40 - 2014-09-28 10:39 - 01290752 _____ () C:\Users\ew\Desktop\zoek.exe
2014-09-26 21:16 - 2014-09-28 11:17 - 00054389 _____ () C:\Windows\WindowsUpdate.log
2014-09-26 21:06 - 2014-09-28 11:09 - 00000372 _____ () C:\Windows\error.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00001454 _____ () C:\Windows\PFRO.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00000168 _____ () C:\Windows\setupact.log
2014-09-26 21:05 - 2014-09-26 21:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-26 21:04 - 2014-09-28 11:08 - 00000084 _____ () C:\Windows\errord.log
2014-09-26 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-26 19:09 - 2014-09-26 21:04 - 00000000 ____D () C:\AdwCleaner
2014-09-26 19:08 - 2014-09-26 19:08 - 00019797 _____ () C:\Users\ew\Desktop\JRT.txt
2014-09-26 19:00 - 2014-09-26 19:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-26 18:51 - 2014-09-26 18:50 - 01699118 _____ (Thisisu) C:\Users\ew\Desktop\JRT.exe
2014-09-26 18:51 - 2014-09-26 18:50 - 01373475 _____ () C:\Users\ew\Desktop\adwcleaner_3.310.exe
2014-09-26 18:19 - 2014-09-26 18:19 - 00000000 ____D () C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2014-09-26 18:16 - 2014-09-26 18:16 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-26 18:16 - 2014-09-26 18:16 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\rsit
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\trend micro
2014-09-26 13:38 - 2014-09-26 18:19 - 00000000 ____D () C:\sh4ldr
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-26 13:08 - 2014-09-26 13:08 - 00000000 ____D () C:\Users\ew\Documents\ProcAlyzer Dumps
2014-09-26 08:37 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-26 06:53 - 2014-09-26 12:07 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Spy Emergency
2014-09-26 06:53 - 2014-09-26 06:53 - 00000953 _____ () C:\Users\Public\Desktop\Spy Emergency.lnk
2014-09-26 06:53 - 2014-09-26 06:53 - 00000000 ____D () C:\ProgramData\NETGATE
2014-09-26 06:53 - 2014-09-26 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
2014-09-26 06:53 - 2011-04-21 11:31 - 00024408 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg_access.sys
2014-09-26 06:53 - 2011-04-21 11:31 - 00018776 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg_guard.sys
2014-09-26 06:53 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg.sys
2014-09-26 06:52 - 2014-09-26 06:52 - 00000000 ____D () C:\Program Files\NETGATE
2014-09-26 01:14 - 2014-09-26 02:34 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-26 00:54 - 2014-09-26 00:54 - 00003378 _____ () C:\Windows\System32\Tasks\{AEF62372-3432-4B1D-B8E9-923CA66067A9}
2014-09-26 00:38 - 2014-09-26 01:15 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-25 22:50 - 2014-09-25 22:50 - 00000000 _____ () C:\autoexec.bat
2014-09-25 22:48 - 2014-09-26 00:36 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-25 21:23 - 2014-09-25 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-25 21:22 - 2014-09-26 18:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-25 21:22 - 2014-09-25 22:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-25 17:48 - 2014-09-25 17:49 - 00006144 ___SH () C:\Users\ew\Documents\Thumbs.db
2014-09-25 17:44 - 2014-09-25 17:44 - 00000000 ____D () C:\Users\ew\AppData\Roaming\eSobi
2014-09-25 17:43 - 2014-09-25 17:43 - 00002749 _____ () C:\Users\Public\Desktop\eSobi v2.lnk
2014-09-25 08:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 08:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-19 08:21 - 2014-09-19 08:21 - 00000000 _____ () C:\asc_rdflag
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieUserList
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieSiteList
2014-09-19 07:12 - 2014-09-28 11:15 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Seznam.cz
2014-09-16 19:29 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-15 20:25 - 2014-09-25 17:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 19:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-15 19:33 - 2014-09-15 19:33 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-15 18:17 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-15 18:17 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-15 18:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-15 18:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-15 18:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-15 18:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-15 18:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-15 18:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-14 13:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 13:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 13:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-14 13:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-14 13:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-14 13:47 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 13:47 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 13:47 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-14 13:47 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-14 13:42 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 13:42 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-14 13:41 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 13:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 13:41 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:41 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:41 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-14 13:41 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 13:41 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 13:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-14 13:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-14 13:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-14 13:39 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-14 13:38 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-14 13:38 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-14 13:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-14 13:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-14 13:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-14 13:37 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:37 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:36 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-14 13:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-14 13:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-14 13:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-14 13:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-14 13:36 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-14 13:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-14 13:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-14 13:34 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 13:34 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 13:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-14 13:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-14 13:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:34 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-14 13:34 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-14 13:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-14 13:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-14 00:25 - 2014-09-14 00:35 - 539269186 _____ () C:\Users\ew\Downloads\MX Simulator - Copy.rar
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\ew\AppData\Roaming\UCDQBS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\ew\AppData\Roaming\GWYTUHQ
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 11:31 - 2011-05-20 19:04 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-28 11:20 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:20 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:11 - 2014-04-14 11:13 - 00000000 ___RD () C:\Users\ew\Dropbox
2014-09-28 11:11 - 2014-04-14 11:09 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Dropbox
2014-09-28 11:10 - 2011-05-20 19:04 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-28 11:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 11:00 - 2012-07-08 11:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 11:00 - 2011-05-03 00:15 - 00000000 ____D () C:\Users\ew
2014-09-28 10:43 - 2011-06-06 20:53 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job
2014-09-28 10:32 - 2012-07-11 07:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-26 21:03 - 2010-10-12 05:40 - 00000000 ____D () C:\ProgramData\Temp
2014-09-26 20:42 - 2011-06-06 20:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job
2014-09-26 18:32 - 2013-01-16 21:54 - 00000000 ____D () C:\Users\ew\AppData\Roaming\TeamViewer
2014-09-26 18:32 - 2011-09-28 21:13 - 00000000 ____D () C:\Users\ew\AppData\Roaming\PhotoScape
2014-09-26 17:01 - 2010-10-12 06:21 - 00672424 _____ () C:\Windows\system32\perfh005.dat
2014-09-26 17:01 - 2010-10-12 06:21 - 00142988 _____ () C:\Windows\system32\perfc005.dat
2014-09-26 17:01 - 2009-07-14 07:13 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 16:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 09:25 - 2011-05-20 19:01 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-26 02:55 - 2011-05-03 15:21 - 00001397 _____ () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-26 01:44 - 2014-03-05 13:21 - 00002405 _____ () C:\Users\ew\Desktop\Google Chrome.lnk
2014-09-25 18:18 - 2011-06-28 16:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-25 17:58 - 2012-09-20 21:32 - 00000000 ____D () C:\Users\ew\Documents\Fotoknihalibor-soubory
2014-09-25 17:55 - 2011-05-29 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-25 17:55 - 2010-04-12 22:42 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:53 - 2014-07-28 08:51 - 00000000 ____D () C:\Users\ew\AppData\Roaming\ProductData
2014-09-25 17:53 - 2014-04-14 11:10 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-25 17:53 - 2013-03-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-25 17:53 - 2011-06-06 20:55 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 17:53 - 2011-05-29 21:37 - 00000000 ____D () C:\Users\ew\AppData\Roaming\vlc
2014-09-25 17:53 - 2011-05-23 21:07 - 00000000 ____D () C:\ProgramData\IObit
2014-09-25 17:53 - 2010-10-12 06:21 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-25 17:53 - 2010-04-12 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-25 17:52 - 2013-03-13 21:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-25 17:52 - 2011-06-01 08:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-25 17:52 - 2010-04-12 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-25 17:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-25 17:51 - 2013-03-25 20:43 - 00000000 ____D () C:\Users\ew\Documents\Moje naskenované obrázky
2014-09-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 17:44 - 2010-04-12 21:56 - 00000000 ____D () C:\ProgramData\eSobi
2014-09-25 17:43 - 2010-04-12 21:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2014-09-25 17:26 - 2011-06-28 16:27 - 00000000 ____D () C:\ProgramData\Skype
2014-09-19 08:31 - 2014-05-11 18:37 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (ew)
2014-09-19 08:29 - 2014-04-14 11:13 - 00001006 _____ () C:\Users\ew\Desktop\Dropbox.lnk
2014-09-19 08:21 - 2014-03-05 13:17 - 90193920 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00425984 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-19 07:38 - 2011-05-29 21:37 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-18 12:14 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-09-16 19:18 - 2013-02-06 11:47 - 01568960 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 20:31 - 2009-07-14 06:45 - 00419712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:29 - 2013-10-02 08:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 09:06 - 2011-10-09 09:52 - 00278152 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 21:00 - 2011-05-20 19:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:19 - 2014-03-05 11:06 - 00000000 ____D () C:\Windows\pss
2014-08-29 13:01 - 2011-05-24 09:21 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\ew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr0sa3z.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 13:37
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:20.9 GB) NTFS
Available physical RAM: 1754.55 MB
Total physical RAM: 3066.93 MB
Percentage of memory in use: 42%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 0A720A71)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285.3 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:182F0EEA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ew\Desktop" je 84 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
C:\Program Files\Apoint2K\Apoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F
"C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag
c:\program files (x86)\acer\oobeoffer\ootag.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI
C:\Windows\PLFSetI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by ew (administrator) on LK on 28-09-2014 11:35:13
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\ew\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\ew\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {11e16ab8-fc07-11e2-b3e0-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {35c91dbd-a7f5-11e1-8c47-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {b8fd632f-f297-11e0-a821-00262d9ec5fe} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: localhost:8080
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {592E58CA-8AE8-413F-A8EE-C421C84557D9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {63DBCAD0-36D5-44B0-82FC-AA670FD6966E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ432
SearchScopes: HKCU - {6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {6FEF1849-67B1-4E8C-8EA4-4075783429C7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {73E25F69-E9AC-408B-A398-EAE695F770EC} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {94AA0F61-B421-414F-95E0-F586FF9086F6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {9F48360E-1BBF-4C38-9EE0-88340A998BBE} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{695C5697-620E-4D6E-974D-717D9DBDF831}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\centrumpomocnik@centrum.cz [2011-11-26]
FF Extension: {{EXT_NAME}} - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\openinchrome@griffeltavla.wordpress.com [2014-09-22]
FF Extension: Seznam lištička - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-19]
FF Extension: DivX Web Player - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-28]
CHR Extension: (Google Docs) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]
CHR Extension: (Google Drive) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-01-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-19]
CHR Extension: (YouTube) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Sheets) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-28]
CHR Extension: (avast! Online Security) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-13]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-01-04]
CHR Extension: (Gmail) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2011-10-09] (Acresso) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-01-26] (Scott)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-05] (DT Soft Ltd)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-06-18] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 11:35 - 2014-09-28 11:35 - 00018997 _____ () C:\Users\ew\Desktop\FRST.txt
2014-09-28 11:34 - 2014-09-28 11:35 - 00000000 ____D () C:\FRST
2014-09-28 11:33 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-09-28 11:32 - 2014-09-28 11:30 - 02108928 _____ (Farbar) C:\Users\ew\Desktop\FRST64.exe
2014-09-28 11:26 - 2014-09-26 16:54 - 01222144 _____ () C:\Users\ew\Desktop\RSITx64.exe
2014-09-28 11:06 - 2014-09-28 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-28 10:43 - 2014-09-28 11:09 - 00020011 _____ () C:\zoek-results.log
2014-09-28 10:40 - 2014-09-28 11:03 - 00000000 ____D () C:\zoek_backup
2014-09-28 10:40 - 2014-09-28 10:39 - 01290752 _____ () C:\Users\ew\Desktop\zoek.exe
2014-09-26 21:16 - 2014-09-28 11:17 - 00054389 _____ () C:\Windows\WindowsUpdate.log
2014-09-26 21:06 - 2014-09-28 11:09 - 00000372 _____ () C:\Windows\error.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00001454 _____ () C:\Windows\PFRO.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00000168 _____ () C:\Windows\setupact.log
2014-09-26 21:05 - 2014-09-26 21:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-26 21:04 - 2014-09-28 11:08 - 00000084 _____ () C:\Windows\errord.log
2014-09-26 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-26 19:09 - 2014-09-26 21:04 - 00000000 ____D () C:\AdwCleaner
2014-09-26 19:08 - 2014-09-26 19:08 - 00019797 _____ () C:\Users\ew\Desktop\JRT.txt
2014-09-26 19:00 - 2014-09-26 19:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-26 18:51 - 2014-09-26 18:50 - 01699118 _____ (Thisisu) C:\Users\ew\Desktop\JRT.exe
2014-09-26 18:51 - 2014-09-26 18:50 - 01373475 _____ () C:\Users\ew\Desktop\adwcleaner_3.310.exe
2014-09-26 18:19 - 2014-09-26 18:19 - 00000000 ____D () C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2014-09-26 18:16 - 2014-09-26 18:16 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-26 18:16 - 2014-09-26 18:16 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\rsit
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\trend micro
2014-09-26 13:38 - 2014-09-26 18:19 - 00000000 ____D () C:\sh4ldr
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-26 13:08 - 2014-09-26 13:08 - 00000000 ____D () C:\Users\ew\Documents\ProcAlyzer Dumps
2014-09-26 08:37 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-26 06:53 - 2014-09-26 12:07 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Spy Emergency
2014-09-26 06:53 - 2014-09-26 06:53 - 00000953 _____ () C:\Users\Public\Desktop\Spy Emergency.lnk
2014-09-26 06:53 - 2014-09-26 06:53 - 00000000 ____D () C:\ProgramData\NETGATE
2014-09-26 06:53 - 2014-09-26 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
2014-09-26 06:53 - 2011-04-21 11:31 - 00024408 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg_access.sys
2014-09-26 06:53 - 2011-04-21 11:31 - 00018776 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg_guard.sys
2014-09-26 06:53 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\spyemrg.sys
2014-09-26 06:52 - 2014-09-26 06:52 - 00000000 ____D () C:\Program Files\NETGATE
2014-09-26 01:14 - 2014-09-26 02:34 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-26 00:54 - 2014-09-26 00:54 - 00003378 _____ () C:\Windows\System32\Tasks\{AEF62372-3432-4B1D-B8E9-923CA66067A9}
2014-09-26 00:38 - 2014-09-26 01:15 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-25 22:50 - 2014-09-25 22:50 - 00000000 _____ () C:\autoexec.bat
2014-09-25 22:48 - 2014-09-26 00:36 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-25 21:23 - 2014-09-25 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-25 21:22 - 2014-09-26 18:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-25 21:22 - 2014-09-25 22:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-25 17:48 - 2014-09-25 17:49 - 00006144 ___SH () C:\Users\ew\Documents\Thumbs.db
2014-09-25 17:44 - 2014-09-25 17:44 - 00000000 ____D () C:\Users\ew\AppData\Roaming\eSobi
2014-09-25 17:43 - 2014-09-25 17:43 - 00002749 _____ () C:\Users\Public\Desktop\eSobi v2.lnk
2014-09-25 08:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 08:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-19 08:21 - 2014-09-19 08:21 - 00000000 _____ () C:\asc_rdflag
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieUserList
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieSiteList
2014-09-19 07:12 - 2014-09-28 11:15 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Seznam.cz
2014-09-16 19:29 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-15 20:25 - 2014-09-25 17:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 19:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-15 19:33 - 2014-09-15 19:33 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-15 18:17 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-15 18:17 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-15 18:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-15 18:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-15 18:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-15 18:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-15 18:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-15 18:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-14 13:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 13:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 13:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-14 13:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-14 13:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-14 13:47 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 13:47 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 13:47 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-14 13:47 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-14 13:42 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 13:42 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-14 13:41 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 13:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 13:41 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:41 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:41 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-14 13:41 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 13:41 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 13:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-14 13:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-14 13:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-14 13:39 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-14 13:38 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-14 13:38 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-14 13:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-14 13:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-14 13:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-14 13:37 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:37 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:36 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-14 13:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-14 13:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-14 13:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-14 13:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-14 13:36 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-14 13:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-14 13:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-14 13:34 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 13:34 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 13:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-14 13:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-14 13:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:34 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-14 13:34 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-14 13:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-14 13:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-14 00:25 - 2014-09-14 00:35 - 539269186 _____ () C:\Users\ew\Downloads\MX Simulator - Copy.rar
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\ew\AppData\Roaming\UCDQBS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\ew\AppData\Roaming\GWYTUHQ
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-28 11:31 - 2011-05-20 19:04 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-28 11:20 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:20 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 11:11 - 2014-04-14 11:13 - 00000000 ___RD () C:\Users\ew\Dropbox
2014-09-28 11:11 - 2014-04-14 11:09 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Dropbox
2014-09-28 11:10 - 2011-05-20 19:04 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-28 11:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 11:00 - 2012-07-08 11:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 11:00 - 2011-05-03 00:15 - 00000000 ____D () C:\Users\ew
2014-09-28 10:43 - 2011-06-06 20:53 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job
2014-09-28 10:32 - 2012-07-11 07:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-26 21:03 - 2010-10-12 05:40 - 00000000 ____D () C:\ProgramData\Temp
2014-09-26 20:42 - 2011-06-06 20:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job
2014-09-26 18:32 - 2013-01-16 21:54 - 00000000 ____D () C:\Users\ew\AppData\Roaming\TeamViewer
2014-09-26 18:32 - 2011-09-28 21:13 - 00000000 ____D () C:\Users\ew\AppData\Roaming\PhotoScape
2014-09-26 17:01 - 2010-10-12 06:21 - 00672424 _____ () C:\Windows\system32\perfh005.dat
2014-09-26 17:01 - 2010-10-12 06:21 - 00142988 _____ () C:\Windows\system32\perfc005.dat
2014-09-26 17:01 - 2009-07-14 07:13 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 16:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 09:25 - 2011-05-20 19:01 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-26 02:55 - 2011-05-03 15:21 - 00001397 _____ () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-26 01:44 - 2014-03-05 13:21 - 00002405 _____ () C:\Users\ew\Desktop\Google Chrome.lnk
2014-09-25 18:18 - 2011-06-28 16:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-25 17:58 - 2012-09-20 21:32 - 00000000 ____D () C:\Users\ew\Documents\Fotoknihalibor-soubory
2014-09-25 17:55 - 2011-05-29 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-25 17:55 - 2010-04-12 22:42 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:53 - 2014-07-28 08:51 - 00000000 ____D () C:\Users\ew\AppData\Roaming\ProductData
2014-09-25 17:53 - 2014-04-14 11:10 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-25 17:53 - 2013-03-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-25 17:53 - 2011-06-06 20:55 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 17:53 - 2011-05-29 21:37 - 00000000 ____D () C:\Users\ew\AppData\Roaming\vlc
2014-09-25 17:53 - 2011-05-23 21:07 - 00000000 ____D () C:\ProgramData\IObit
2014-09-25 17:53 - 2010-10-12 06:21 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-25 17:53 - 2010-04-12 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-25 17:52 - 2013-03-13 21:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-25 17:52 - 2011-06-01 08:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-25 17:52 - 2010-04-12 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-25 17:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-25 17:51 - 2013-03-25 20:43 - 00000000 ____D () C:\Users\ew\Documents\Moje naskenované obrázky
2014-09-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 17:44 - 2010-04-12 21:56 - 00000000 ____D () C:\ProgramData\eSobi
2014-09-25 17:43 - 2010-04-12 21:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2014-09-25 17:26 - 2011-06-28 16:27 - 00000000 ____D () C:\ProgramData\Skype
2014-09-19 08:31 - 2014-05-11 18:37 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (ew)
2014-09-19 08:29 - 2014-04-14 11:13 - 00001006 _____ () C:\Users\ew\Desktop\Dropbox.lnk
2014-09-19 08:21 - 2014-03-05 13:17 - 90193920 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00425984 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-19 07:38 - 2011-05-29 21:37 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-18 12:14 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-09-16 19:18 - 2013-02-06 11:47 - 01568960 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 20:31 - 2009-07-14 06:45 - 00419712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:29 - 2013-10-02 08:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 09:06 - 2011-10-09 09:52 - 00278152 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 21:00 - 2011-05-20 19:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:19 - 2014-03-05 11:06 - 00000000 ____D () C:\Windows\pss
2014-08-29 13:01 - 2011-05-24 09:21 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\ew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr0sa3z.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 13:37
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:20.9 GB) NTFS
Available physical RAM: 1754.55 MB
Total physical RAM: 3066.93 MB
Percentage of memory in use: 42%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 0A720A71)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285.3 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:182F0EEA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ew\Desktop" je 84 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
C:\Program Files\Apoint2K\Apoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F
"C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag
c:\program files (x86)\acer\oobeoffer\ootag.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI
C:\Windows\PLFSetI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (11.13 KiB) Staženo 36 x
Re: pomalý notebook
Odinstalujte Spy Emergency a Spybot Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd) HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {11e16ab8-fc07-11e2-b3e0-00262d9ec5fe} - F:\StartVMCLite.exe HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {35c91dbd-a7f5-11e1-8c47-00262d9ec5fe} - F:\StartVMCLite.exe HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {b8fd632f-f297-11e0-a821-00262d9ec5fe} - F:\setup_vmc_lite.exe /checkApplicationPresence ProxyServer: localhost:8080 Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] C:\Program Files (x86)\IObit 2014-09-28 11:35 - 2014-09-28 11:35 - 00018997 _____ () C:\Users\ew\Desktop\FRST.txt 2014-09-28 11:33 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe 2014-09-28 11:26 - 2014-09-26 16:54 - 01222144 _____ () C:\Users\ew\Desktop\RSITx64.exe 2014-09-28 11:06 - 2014-09-28 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-09-28 10:43 - 2014-09-28 11:09 - 00020011 _____ () C:\zoek-results.log 2014-09-28 10:40 - 2014-09-28 11:03 - 00000000 ____D () C:\zoek_backup 2014-09-28 10:40 - 2014-09-28 10:39 - 01290752 _____ () C:\Users\ew\Desktop\zoek.exe 2014-09-26 21:16 - 2014-09-28 11:17 - 00054389 _____ () C:\Windows\WindowsUpdate.log 2014-09-26 21:06 - 2014-09-28 11:09 - 00000372 _____ () C:\Windows\error.log 2014-09-26 21:05 - 2014-09-28 11:08 - 00001454 _____ () C:\Windows\PFRO.log 2014-09-26 21:05 - 2014-09-28 11:08 - 00000168 _____ () C:\Windows\setupact.log 2014-09-26 21:05 - 2014-09-26 21:05 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-26 21:04 - 2014-09-28 11:08 - 00000084 _____ () C:\Windows\errord.log 2014-09-26 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-26 19:09 - 2014-09-26 21:04 - 00000000 ____D () C:\AdwCleaner 2014-09-26 19:08 - 2014-09-26 19:08 - 00019797 _____ () C:\Users\ew\Desktop\JRT.txt 2014-09-26 19:00 - 2014-09-26 19:00 - 00000000 ____D () C:\Windows\ERUNT 2014-09-26 18:51 - 2014-09-26 18:50 - 01699118 _____ (Thisisu) C:\Users\ew\Desktop\JRT.exe 2014-09-26 18:51 - 2014-09-26 18:50 - 01373475 _____ () C:\Users\ew\Desktop\adwcleaner_3.310.exe 2014-09-26 18:19 - 2014-09-26 18:19 - 00000000 ____D () C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP 2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\rsit 2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\trend micro 2014-09-26 13:38 - 2014-09-26 18:19 - 00000000 ____D () C:\sh4ldr 2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group 2014-09-25 21:23 - 2014-09-25 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-09-25 21:22 - 2014-09-26 18:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-09-25 21:22 - 2014-09-25 22:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 AlternateDataStreams: C:\ProgramData\Temp:182F0EEA AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f Task: {1D2A4983-0F0E-4118-A669-EE589348AF70} - \YTAUpdate No Task File <==== ATTENTION Task: {57E2EE64-CBEE-463A-9769-B83598A04177} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster\gbtray.exe Task: {A65EE04A-000B-447F-BC05-F37DD3926A0E} - \Installer_shopperpro No Task File <==== ATTENTION Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
Version: 27-09-2014
Ran by ew at 2014-10-02 08:53:40 Run:1
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {11e16ab8-fc07-11e2-b3e0-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {35c91dbd-a7f5-11e1-8c47-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {b8fd632f-f297-11e0-a821-00262d9ec5fe} - F:\setup_vmc_lite.exe /checkApplicationPresence
ProxyServer: localhost:8080
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Program Files (x86)\IObit
2014-09-28 11:35 - 2014-09-28 11:35 - 00018997 _____ () C:\Users\ew\Desktop\FRST.txt
2014-09-28 11:33 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-09-28 11:26 - 2014-09-26 16:54 - 01222144 _____ () C:\Users\ew\Desktop\RSITx64.exe
2014-09-28 11:06 - 2014-09-28 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-28 10:43 - 2014-09-28 11:09 - 00020011 _____ () C:\zoek-results.log
2014-09-28 10:40 - 2014-09-28 11:03 - 00000000 ____D () C:\zoek_backup
2014-09-28 10:40 - 2014-09-28 10:39 - 01290752 _____ () C:\Users\ew\Desktop\zoek.exe
2014-09-26 21:16 - 2014-09-28 11:17 - 00054389 _____ () C:\Windows\WindowsUpdate.log
2014-09-26 21:06 - 2014-09-28 11:09 - 00000372 _____ () C:\Windows\error.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00001454 _____ () C:\Windows\PFRO.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00000168 _____ () C:\Windows\setupact.log
2014-09-26 21:05 - 2014-09-26 21:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-26 21:04 - 2014-09-28 11:08 - 00000084 _____ () C:\Windows\errord.log
2014-09-26 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-26 19:09 - 2014-09-26 21:04 - 00000000 ____D () C:\AdwCleaner
2014-09-26 19:08 - 2014-09-26 19:08 - 00019797 _____ () C:\Users\ew\Desktop\JRT.txt
2014-09-26 19:00 - 2014-09-26 19:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-26 18:51 - 2014-09-26 18:50 - 01699118 _____ (Thisisu) C:\Users\ew\Desktop\JRT.exe
2014-09-26 18:51 - 2014-09-26 18:50 - 01373475 _____ () C:\Users\ew\Desktop\adwcleaner_3.310.exe
2014-09-26 18:19 - 2014-09-26 18:19 - 00000000 ____D () C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\rsit
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\trend micro
2014-09-26 13:38 - 2014-09-26 18:19 - 00000000 ____D () C:\sh4ldr
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-25 21:23 - 2014-09-25 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-25 21:22 - 2014-09-26 18:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-25 21:22 - 2014-09-25 22:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:182F0EEA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f
Task: {1D2A4983-0F0E-4118-A669-EE589348AF70} - \YTAUpdate No Task File <==== ATTENTION
Task: {57E2EE64-CBEE-463A-9769-B83598A04177} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
Task: {A65EE04A-000B-447F-BC05-F37DD3926A0E} - \Installer_shopperpro No Task File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11e16ab8-fc07-11e2-b3e0-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{11e16ab8-fc07-11e2-b3e0-00262d9ec5fe}" => Key not found.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35c91dbd-a7f5-11e1-8c47-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{35c91dbd-a7f5-11e1-8c47-00262d9ec5fe}" => Key not found.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8fd632f-f297-11e0-a821-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{b8fd632f-f297-11e0-a821-00262d9ec5fe}" => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
dgderdrv => Service deleted successfully.
EagleX64 => Service deleted successfully.
esgiguard => Service deleted successfully.
RtsUIR => Service deleted successfully.
USBCCID => Service deleted successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
C:\Users\ew\Desktop\FRST.txt => Moved successfully.
C:\Users\ew\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\ew\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\ew\Desktop\zoek.exe => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Windows\error.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\errord.log => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\ew\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\ew\Desktop\JRT.exe => Moved successfully.
C:\Users\ew\Desktop\adwcleaner_3.310.exe => Moved successfully.
C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP => Moved successfully.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\sh4ldr => Moved successfully.
C:\Program Files (x86)\Enigma Software Group => Moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => Moved successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":182F0EEA" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM =========
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D2A4983-0F0E-4118-A669-EE589348AF70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D2A4983-0F0E-4118-A669-EE589348AF70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57E2EE64-CBEE-463A-9769-B83598A04177}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E2EE64-CBEE-463A-9769-B83598A04177}" => Key deleted successfully.
C:\Windows\System32\Tasks\Game_Booster_Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_Startup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A65EE04A-000B-447F-BC05-F37DD3926A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65EE04A-000B-447F-BC05-F37DD3926A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_shopperpro" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 129.3 MB temporary data.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-02 08:57:20)<=
C:\Windows\WindowsUpdate.log => Is moved successfully.
==== End of Fixlog ====
Ran by ew at 2014-10-02 08:53:40 Run:1
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ew\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ew\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {11e16ab8-fc07-11e2-b3e0-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {35c91dbd-a7f5-11e1-8c47-00262d9ec5fe} - F:\StartVMCLite.exe
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\...\MountPoints2: {b8fd632f-f297-11e0-a821-00262d9ec5fe} - F:\setup_vmc_lite.exe /checkApplicationPresence
ProxyServer: localhost:8080
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
C:\Program Files (x86)\IObit
2014-09-28 11:35 - 2014-09-28 11:35 - 00018997 _____ () C:\Users\ew\Desktop\FRST.txt
2014-09-28 11:33 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-09-28 11:26 - 2014-09-26 16:54 - 01222144 _____ () C:\Users\ew\Desktop\RSITx64.exe
2014-09-28 11:06 - 2014-09-28 10:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-28 10:43 - 2014-09-28 11:09 - 00020011 _____ () C:\zoek-results.log
2014-09-28 10:40 - 2014-09-28 11:03 - 00000000 ____D () C:\zoek_backup
2014-09-28 10:40 - 2014-09-28 10:39 - 01290752 _____ () C:\Users\ew\Desktop\zoek.exe
2014-09-26 21:16 - 2014-09-28 11:17 - 00054389 _____ () C:\Windows\WindowsUpdate.log
2014-09-26 21:06 - 2014-09-28 11:09 - 00000372 _____ () C:\Windows\error.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00001454 _____ () C:\Windows\PFRO.log
2014-09-26 21:05 - 2014-09-28 11:08 - 00000168 _____ () C:\Windows\setupact.log
2014-09-26 21:05 - 2014-09-26 21:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-26 21:04 - 2014-09-28 11:08 - 00000084 _____ () C:\Windows\errord.log
2014-09-26 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-26 19:09 - 2014-09-26 21:04 - 00000000 ____D () C:\AdwCleaner
2014-09-26 19:08 - 2014-09-26 19:08 - 00019797 _____ () C:\Users\ew\Desktop\JRT.txt
2014-09-26 19:00 - 2014-09-26 19:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-26 18:51 - 2014-09-26 18:50 - 01699118 _____ (Thisisu) C:\Users\ew\Desktop\JRT.exe
2014-09-26 18:51 - 2014-09-26 18:50 - 01373475 _____ () C:\Users\ew\Desktop\adwcleaner_3.310.exe
2014-09-26 18:19 - 2014-09-26 18:19 - 00000000 ____D () C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\rsit
2014-09-26 16:57 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\trend micro
2014-09-26 13:38 - 2014-09-26 18:19 - 00000000 ____D () C:\sh4ldr
2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-25 21:23 - 2014-09-25 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-25 21:22 - 2014-09-26 18:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-25 21:22 - 2014-09-25 22:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => C:\Users\ew\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:182F0EEA
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f
Task: {1D2A4983-0F0E-4118-A669-EE589348AF70} - \YTAUpdate No Task File <==== ATTENTION
Task: {57E2EE64-CBEE-463A-9769-B83598A04177} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
Task: {A65EE04A-000B-447F-BC05-F37DD3926A0E} - \Installer_shopperpro No Task File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-475786874-1651809418-4027261001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11e16ab8-fc07-11e2-b3e0-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{11e16ab8-fc07-11e2-b3e0-00262d9ec5fe}" => Key not found.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35c91dbd-a7f5-11e1-8c47-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{35c91dbd-a7f5-11e1-8c47-00262d9ec5fe}" => Key not found.
"HKU\S-1-5-21-475786874-1651809418-4027261001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8fd632f-f297-11e0-a821-00262d9ec5fe}" => Key deleted successfully.
"HKCR\CLSID\{b8fd632f-f297-11e0-a821-00262d9ec5fe}" => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
dgderdrv => Service deleted successfully.
EagleX64 => Service deleted successfully.
esgiguard => Service deleted successfully.
RtsUIR => Service deleted successfully.
USBCCID => Service deleted successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
C:\Users\ew\Desktop\FRST.txt => Moved successfully.
C:\Users\ew\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\ew\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\ew\Desktop\zoek.exe => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Windows\error.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\errord.log => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\ew\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\ew\Desktop\JRT.exe => Moved successfully.
C:\Users\ew\Desktop\adwcleaner_3.310.exe => Moved successfully.
C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP => Moved successfully.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\sh4ldr => Moved successfully.
C:\Program Files (x86)\Enigma Software Group => Moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-475786874-1651809418-4027261001-1000UA.job => Moved successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":182F0EEA" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM =========
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_61E78D24F0B60A61F8B00FBC545D7D4F" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D2A4983-0F0E-4118-A669-EE589348AF70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D2A4983-0F0E-4118-A669-EE589348AF70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57E2EE64-CBEE-463A-9769-B83598A04177}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E2EE64-CBEE-463A-9769-B83598A04177}" => Key deleted successfully.
C:\Windows\System32\Tasks\Game_Booster_Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_Startup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A65EE04A-000B-447F-BC05-F37DD3926A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65EE04A-000B-447F-BC05-F37DD3926A0E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_shopperpro" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 129.3 MB temporary data.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-02 08:57:20)<=
C:\Windows\WindowsUpdate.log => Is moved successfully.
==== End of Fixlog ====
Re: pomalý notebook
Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
odezva je mnohem rychlejší, otravné reklamy zmizely. Nefunguje stahování z prohlížeče, kdy při stáhnutí vyskočí okno, kde hlásí zablokovaný plugin a při odblokování to napíše chybu s free download managerem, ale ten tam nainstalovaný není.
Není to můj ntb, tak nevím jestli tam v minulosti byl a je třeba ho znovu naistalovat?
Není to můj ntb, tak nevím jestli tam v minulosti byl a je třeba ho znovu naistalovat?
- Přílohy
-
- Výstřižek.JPG (24.08 KiB) Zobrazeno 1587 x
Re: pomalý notebook
Ve kterem prohlizeci je tato chyba?? Dejte novy log z FRST"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: pomalý notebook
chyba je v Google Chrome, pokud to samé stahuji v IE, vše proběhne normálně.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by ew (administrator) on LK on 02-10-2014 16:11:08
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
Startup: C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: localhost:8080
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {592E58CA-8AE8-413F-A8EE-C421C84557D9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {63DBCAD0-36D5-44B0-82FC-AA670FD6966E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ432
SearchScopes: HKCU - {6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {6FEF1849-67B1-4E8C-8EA4-4075783429C7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {73E25F69-E9AC-408B-A398-EAE695F770EC} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {94AA0F61-B421-414F-95E0-F586FF9086F6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {9F48360E-1BBF-4C38-9EE0-88340A998BBE} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{695C5697-620E-4D6E-974D-717D9DBDF831}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\centrumpomocnik@centrum.cz [2011-11-26]
FF Extension: {{EXT_NAME}} - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\openinchrome@griffeltavla.wordpress.com [2014-09-22]
FF Extension: Seznam lištička - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-19]
FF Extension: DivX Web Player - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-10-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-28]
CHR Extension: (Google Docs) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]
CHR Extension: (Google Drive) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-19]
CHR Extension: (YouTube) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Sheets) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-28]
CHR Extension: (avast! Online Security) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-13]
CHR Extension: (Gmail) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2011-10-09] (Acresso) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-01-26] (Scott)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-05] (DT Soft Ltd)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-06-18] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 16:11 - 2014-10-02 16:11 - 00016145 _____ () C:\Users\ew\Desktop\FRST.txt
2014-10-02 16:10 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-10-02 09:00 - 2014-10-02 11:56 - 00011892 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 08:55 - 2014-10-02 11:50 - 00000372 _____ () C:\Windows\error.log
2014-10-02 08:55 - 2014-10-02 11:49 - 00000168 _____ () C:\Windows\setupact.log
2014-10-02 08:55 - 2014-10-02 11:49 - 00000084 _____ () C:\Windows\errord.log
2014-10-02 08:55 - 2014-10-02 08:55 - 00000570 _____ () C:\Windows\PFRO.log
2014-10-02 08:55 - 2014-10-02 08:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-28 11:34 - 2014-10-02 16:11 - 00000000 ____D () C:\FRST
2014-09-28 11:32 - 2014-09-28 11:30 - 02108928 _____ (Farbar) C:\Users\ew\Desktop\FRST64.exe
2014-09-26 18:16 - 2014-09-26 18:16 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-26 18:16 - 2014-09-26 18:16 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 13:08 - 2014-09-26 13:08 - 00000000 ____D () C:\Users\ew\Documents\ProcAlyzer Dumps
2014-09-26 08:37 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-26 06:52 - 2014-09-26 06:52 - 00000000 ____D () C:\Program Files\NETGATE
2014-09-26 01:14 - 2014-09-26 02:34 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-26 00:54 - 2014-09-26 00:54 - 00003378 _____ () C:\Windows\System32\Tasks\{AEF62372-3432-4B1D-B8E9-923CA66067A9}
2014-09-26 00:38 - 2014-09-26 01:15 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-25 22:50 - 2014-09-25 22:50 - 00000000 _____ () C:\autoexec.bat
2014-09-25 22:48 - 2014-09-26 00:36 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-25 17:48 - 2014-09-25 17:49 - 00006144 ___SH () C:\Users\ew\Documents\Thumbs.db
2014-09-25 17:44 - 2014-09-25 17:44 - 00000000 ____D () C:\Users\ew\AppData\Roaming\eSobi
2014-09-25 17:43 - 2014-09-25 17:43 - 00002749 _____ () C:\Users\Public\Desktop\eSobi v2.lnk
2014-09-25 08:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 08:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-19 08:21 - 2014-09-19 08:21 - 00000000 _____ () C:\asc_rdflag
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieUserList
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieSiteList
2014-09-19 07:12 - 2014-10-02 08:47 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Seznam.cz
2014-09-16 19:29 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-15 20:25 - 2014-09-25 17:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 19:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-15 19:33 - 2014-09-15 19:33 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-15 18:17 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-15 18:17 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-15 18:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-15 18:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-15 18:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-15 18:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-15 18:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-15 18:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-14 13:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 13:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 13:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-14 13:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-14 13:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-14 13:47 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 13:47 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 13:47 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-14 13:47 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-14 13:42 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 13:42 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-14 13:41 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 13:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 13:41 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:41 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:41 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-14 13:41 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 13:41 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 13:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-14 13:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-14 13:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-14 13:39 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-14 13:38 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-14 13:38 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-14 13:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-14 13:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-14 13:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-14 13:37 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:37 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:36 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-14 13:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-14 13:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-14 13:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-14 13:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-14 13:36 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-14 13:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-14 13:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-14 13:34 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 13:34 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 13:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-14 13:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-14 13:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:34 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-14 13:34 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-14 13:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-14 13:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-14 00:25 - 2014-09-14 00:35 - 539269186 _____ () C:\Users\ew\Downloads\MX Simulator - Copy.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 11:59 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 11:59 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 11:51 - 2014-04-14 11:13 - 00000000 ___RD () C:\Users\ew\Dropbox
2014-10-02 11:51 - 2014-04-14 11:09 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Dropbox
2014-10-02 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 11:47 - 2012-07-11 07:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-28 11:00 - 2011-05-03 00:15 - 00000000 ____D () C:\Users\ew
2014-09-26 21:03 - 2010-10-12 05:40 - 00000000 ____D () C:\ProgramData\Temp
2014-09-26 18:32 - 2013-01-16 21:54 - 00000000 ____D () C:\Users\ew\AppData\Roaming\TeamViewer
2014-09-26 18:32 - 2011-09-28 21:13 - 00000000 ____D () C:\Users\ew\AppData\Roaming\PhotoScape
2014-09-26 17:01 - 2010-10-12 06:21 - 00672424 _____ () C:\Windows\system32\perfh005.dat
2014-09-26 17:01 - 2010-10-12 06:21 - 00142988 _____ () C:\Windows\system32\perfc005.dat
2014-09-26 17:01 - 2009-07-14 07:13 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 16:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 09:25 - 2011-05-20 19:01 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-26 02:55 - 2011-05-03 15:21 - 00001397 _____ () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-26 01:44 - 2014-03-05 13:21 - 00002405 _____ () C:\Users\ew\Desktop\Google Chrome.lnk
2014-09-25 18:18 - 2011-06-28 16:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-25 17:58 - 2012-09-20 21:32 - 00000000 ____D () C:\Users\ew\Documents\Fotoknihalibor-soubory
2014-09-25 17:55 - 2011-05-29 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-25 17:55 - 2010-04-12 22:42 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:53 - 2014-07-28 08:51 - 00000000 ____D () C:\Users\ew\AppData\Roaming\ProductData
2014-09-25 17:53 - 2014-04-14 11:10 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-25 17:53 - 2013-03-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-25 17:53 - 2011-06-06 20:55 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 17:53 - 2011-05-29 21:37 - 00000000 ____D () C:\Users\ew\AppData\Roaming\vlc
2014-09-25 17:53 - 2011-05-23 21:07 - 00000000 ____D () C:\ProgramData\IObit
2014-09-25 17:53 - 2010-10-12 06:21 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-25 17:53 - 2010-04-12 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-25 17:52 - 2013-03-13 21:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-25 17:52 - 2011-06-01 08:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-25 17:52 - 2010-04-12 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-25 17:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-25 17:51 - 2013-03-25 20:43 - 00000000 ____D () C:\Users\ew\Documents\Moje naskenované obrázky
2014-09-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 17:44 - 2010-04-12 21:56 - 00000000 ____D () C:\ProgramData\eSobi
2014-09-25 17:43 - 2010-04-12 21:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2014-09-25 17:26 - 2011-06-28 16:27 - 00000000 ____D () C:\ProgramData\Skype
2014-09-19 08:31 - 2014-05-11 18:37 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (ew)
2014-09-19 08:29 - 2014-04-14 11:13 - 00001006 _____ () C:\Users\ew\Desktop\Dropbox.lnk
2014-09-19 08:21 - 2014-03-05 13:17 - 90193920 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00425984 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-19 07:38 - 2011-05-29 21:37 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-18 12:14 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-09-16 19:18 - 2013-02-06 11:47 - 01568960 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 20:31 - 2009-07-14 06:45 - 00419712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:29 - 2013-10-02 08:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 09:06 - 2011-10-09 09:52 - 00278152 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 21:00 - 2011-05-20 19:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:19 - 2014-03-05 11:06 - 00000000 ____D () C:\Windows\pss
Some content of TEMP:
====================
C:\Users\ew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_pi__z.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 13:37
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:19.4 GB) NTFS
Drive f: (ZBYNA_16 GB) (Removable) (Total:15.23 GB) (Free:15.12 GB) NTFS
Available physical RAM: 1632.55 MB
Total physical RAM: 3066.93 MB
Percentage of memory in use: 46%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 0A720A71)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285.3 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 15.2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ew\Desktop" je 78 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
C:\Program Files\Apoint2K\Apoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag
c:\program files (x86)\acer\oobeoffer\ootag.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI
C:\Windows\PLFSetI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by ew (administrator) on LK on 02-10-2014 16:11:08
Running from C:\Users\ew\Desktop
Loaded Profile: ew (Available profiles: ew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
Startup: C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: localhost:8080
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4AC98FB2-0C0A-4EF8-8FEB-9C37519515F7} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {592E58CA-8AE8-413F-A8EE-C421C84557D9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {63DBCAD0-36D5-44B0-82FC-AA670FD6966E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ432
SearchScopes: HKCU - {6B35B02A-93C4-461A-A75A-E7A89F4FE5C9} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {6FEF1849-67B1-4E8C-8EA4-4075783429C7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {73E25F69-E9AC-408B-A398-EAE695F770EC} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {94AA0F61-B421-414F-95E0-F586FF9086F6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {9F48360E-1BBF-4C38-9EE0-88340A998BBE} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{695C5697-620E-4D6E-974D-717D9DBDF831}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ew\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\centrumpomocnik@centrum.cz [2011-11-26]
FF Extension: {{EXT_NAME}} - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\openinchrome@griffeltavla.wordpress.com [2014-09-22]
FF Extension: Seznam lištička - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-19]
FF Extension: DivX Web Player - C:\Users\ew\AppData\Roaming\Mozilla\Firefox\Profiles\r6rcc3y8.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-10-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-09-13]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-28]
CHR Extension: (Google Docs) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]
CHR Extension: (Google Drive) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-19]
CHR Extension: (YouTube) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Google Sheets) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-28]
CHR Extension: (avast! Online Security) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-13]
CHR Extension: (Gmail) - C:\Users\ew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\ew\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2011-10-09] (Acresso) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2013-01-26] (Scott)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-05] (DT Soft Ltd)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-06-18] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 16:11 - 2014-10-02 16:11 - 00016145 _____ () C:\Users\ew\Desktop\FRST.txt
2014-10-02 16:10 - 2014-09-28 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\ew\Desktop\FRSTLauncher.exe
2014-10-02 09:00 - 2014-10-02 11:56 - 00011892 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 08:55 - 2014-10-02 11:50 - 00000372 _____ () C:\Windows\error.log
2014-10-02 08:55 - 2014-10-02 11:49 - 00000168 _____ () C:\Windows\setupact.log
2014-10-02 08:55 - 2014-10-02 11:49 - 00000084 _____ () C:\Windows\errord.log
2014-10-02 08:55 - 2014-10-02 08:55 - 00000570 _____ () C:\Windows\PFRO.log
2014-10-02 08:55 - 2014-10-02 08:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-28 11:34 - 2014-10-02 16:11 - 00000000 ____D () C:\FRST
2014-09-28 11:32 - 2014-09-28 11:30 - 02108928 _____ (Farbar) C:\Users\ew\Desktop\FRST64.exe
2014-09-26 18:16 - 2014-09-26 18:16 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-26 18:16 - 2014-09-26 18:16 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 18:16 - 2014-09-26 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 13:08 - 2014-09-26 13:08 - 00000000 ____D () C:\Users\ew\Documents\ProcAlyzer Dumps
2014-09-26 08:37 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-09-26 06:52 - 2014-09-26 06:52 - 00000000 ____D () C:\Program Files\NETGATE
2014-09-26 01:14 - 2014-09-26 02:34 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-26 00:54 - 2014-09-26 00:54 - 00003378 _____ () C:\Windows\System32\Tasks\{AEF62372-3432-4B1D-B8E9-923CA66067A9}
2014-09-26 00:38 - 2014-09-26 01:15 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-25 22:50 - 2014-09-25 22:50 - 00000000 _____ () C:\autoexec.bat
2014-09-25 22:48 - 2014-09-26 00:36 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-25 17:48 - 2014-09-25 17:49 - 00006144 ___SH () C:\Users\ew\Documents\Thumbs.db
2014-09-25 17:44 - 2014-09-25 17:44 - 00000000 ____D () C:\Users\ew\AppData\Roaming\eSobi
2014-09-25 17:43 - 2014-09-25 17:43 - 00002749 _____ () C:\Users\Public\Desktop\eSobi v2.lnk
2014-09-25 08:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 08:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-19 08:21 - 2014-09-19 08:21 - 00000000 _____ () C:\asc_rdflag
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieUserList
2014-09-19 08:14 - 2014-09-19 08:14 - 00000000 __SHD () C:\Users\ew\AppData\Local\EmieSiteList
2014-09-19 07:12 - 2014-10-02 08:47 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Seznam.cz
2014-09-16 19:29 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-15 20:25 - 2014-09-25 17:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 19:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-09-15 19:33 - 2014-09-15 19:33 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-15 19:33 - 2014-09-15 19:33 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 19:33 - 2014-09-15 19:33 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-15 19:33 - 2014-09-15 19:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-15 19:33 - 2014-09-15 19:33 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-15 19:33 - 2014-09-15 19:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-15 19:33 - 2014-09-15 19:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-15 19:33 - 2014-09-15 19:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-15 18:17 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-15 18:17 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-15 18:05 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-15 18:05 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-15 18:05 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-15 18:05 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-15 18:05 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-15 18:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-15 18:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-14 13:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 13:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 13:48 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-14 13:48 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-14 13:48 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-09-14 13:47 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 13:47 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 13:47 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-09-14 13:47 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-09-14 13:42 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 13:42 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-14 13:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-14 13:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-14 13:41 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 13:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 13:41 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:41 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:41 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-14 13:41 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 13:41 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 13:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 13:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-14 13:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-14 13:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-14 13:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-14 13:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-14 13:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-14 13:39 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-14 13:39 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 13:39 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-14 13:38 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-14 13:38 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-14 13:38 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-14 13:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-14 13:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-09-14 13:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-09-14 13:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-09-14 13:37 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:37 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:36 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:36 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:36 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-14 13:36 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-14 13:36 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-14 13:36 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-14 13:36 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-14 13:36 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-14 13:36 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-14 13:35 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-14 13:35 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-14 13:35 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-14 13:35 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-14 13:34 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 13:34 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 13:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-14 13:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-14 13:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:34 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-14 13:34 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-14 13:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-09-14 13:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-09-14 00:25 - 2014-09-14 00:35 - 539269186 _____ () C:\Users\ew\Downloads\MX Simulator - Copy.rar
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 11:59 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 11:59 - 2009-07-14 06:45 - 00025840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 11:51 - 2014-04-14 11:13 - 00000000 ___RD () C:\Users\ew\Dropbox
2014-10-02 11:51 - 2014-04-14 11:09 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Dropbox
2014-10-02 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 11:47 - 2012-07-11 07:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-28 11:00 - 2011-05-03 00:15 - 00000000 ____D () C:\Users\ew
2014-09-26 21:03 - 2010-10-12 05:40 - 00000000 ____D () C:\ProgramData\Temp
2014-09-26 18:32 - 2013-01-16 21:54 - 00000000 ____D () C:\Users\ew\AppData\Roaming\TeamViewer
2014-09-26 18:32 - 2011-09-28 21:13 - 00000000 ____D () C:\Users\ew\AppData\Roaming\PhotoScape
2014-09-26 17:01 - 2010-10-12 06:21 - 00672424 _____ () C:\Windows\system32\perfh005.dat
2014-09-26 17:01 - 2010-10-12 06:21 - 00142988 _____ () C:\Windows\system32\perfc005.dat
2014-09-26 17:01 - 2009-07-14 07:13 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-26 16:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 09:25 - 2011-05-20 19:01 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-26 02:55 - 2011-05-03 15:21 - 00001397 _____ () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-26 01:44 - 2014-03-05 13:21 - 00002405 _____ () C:\Users\ew\Desktop\Google Chrome.lnk
2014-09-25 18:18 - 2011-06-28 16:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-25 17:58 - 2012-09-20 21:32 - 00000000 ____D () C:\Users\ew\Documents\Fotoknihalibor-soubory
2014-09-25 17:55 - 2011-05-29 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-25 17:55 - 2010-04-12 22:42 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-25 17:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-25 17:53 - 2014-07-28 08:51 - 00000000 ____D () C:\Users\ew\AppData\Roaming\ProductData
2014-09-25 17:53 - 2014-04-14 11:10 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-25 17:53 - 2013-03-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-25 17:53 - 2011-06-06 20:55 - 00000000 ____D () C:\Users\ew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 17:53 - 2011-05-29 21:37 - 00000000 ____D () C:\Users\ew\AppData\Roaming\vlc
2014-09-25 17:53 - 2011-05-23 21:07 - 00000000 ____D () C:\ProgramData\IObit
2014-09-25 17:53 - 2010-10-12 06:21 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-09-25 17:53 - 2010-04-12 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-25 17:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-25 17:52 - 2013-03-13 21:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-25 17:52 - 2011-06-01 08:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-25 17:52 - 2010-04-12 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-25 17:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-25 17:51 - 2013-03-25 20:43 - 00000000 ____D () C:\Users\ew\Documents\Moje naskenované obrázky
2014-09-25 17:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 17:44 - 2010-04-12 21:56 - 00000000 ____D () C:\ProgramData\eSobi
2014-09-25 17:43 - 2010-04-12 21:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2014-09-25 17:26 - 2011-06-28 16:27 - 00000000 ____D () C:\ProgramData\Skype
2014-09-19 08:31 - 2014-05-11 18:37 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (ew)
2014-09-19 08:29 - 2014-04-14 11:13 - 00001006 _____ () C:\Users\ew\Desktop\Dropbox.lnk
2014-09-19 08:21 - 2014-03-05 13:17 - 90193920 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00425984 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-19 08:21 - 2014-03-05 13:17 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-19 07:38 - 2011-05-29 21:37 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-18 12:14 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-09-16 19:18 - 2013-02-06 11:47 - 01568960 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-15 20:31 - 2009-07-14 06:45 - 00419712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:29 - 2013-10-02 08:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-15 09:06 - 2011-10-09 09:52 - 00278152 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 21:00 - 2012-07-08 11:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 21:00 - 2011-05-20 19:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:19 - 2014-03-05 11:06 - 00000000 ____D () C:\Windows\pss
Some content of TEMP:
====================
C:\Users\ew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_pi__z.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 13:37
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:19.4 GB) NTFS
Drive f: (ZBYNA_16 GB) (Removable) (Total:15.23 GB) (Free:15.12 GB) NTFS
Available physical RAM: 1632.55 MB
Total physical RAM: 3066.93 MB
Percentage of memory in use: 46%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 0A720A71)
Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285.3 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 15.2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\ew\Desktop" je 78 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePower Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
C:\Program Files\Apoint2K\Apoint.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag
c:\program files (x86)\acer\oobeoffer\ootag.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI
C:\Windows\PLFSetI.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\ew\AppData\Roaming\Dropbox\bin\Dropbox.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: pomalý notebook
zdravím, je tedy nějaká pomoc ?
Re: pomalý notebook
Tady nejak chybku nevidim, zkuste odinstalovat Chrome, smazat jeho profilu slozku a znovu nainstalovat
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?