Please check my log

#1 Post by ACS »

Hello,

I need to have a friend's notebook checked. Whenever she opens any page, X ads pop up in her browser -> the notebook is definitely infected. She wasn't using any antivirus, so for now I have installed at least ESET, and it has already found a few infiltrations, but the ads keep popping up. Here is the log from RSIT. Thanks in advance.


Logfile of random's system information tool 1.10 (written by random/random)
Run by martina at 2014-11-08 07:46:12
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 582 GB (81%) free of 715 GB
Total RAM: 6092 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:46:27, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Users\martina\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\martina\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\trend micro\martina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com/?p=mKO_AwFzX ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com/?p=mKO_AwFzX ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/WOL_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: 166090e0f32601317e4e5118752c52d60061752 - {11111111-1111-1111-1111-110611171152} - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PrinceCoupon - {9dc2d36a-42c1-443e-b30c-b6629c397f7f} - C:\ProgramData\PrinceCoupon\SSGXBCZj6MRisX.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PriceDownloader - {e68da64a-356a-478b-8755-7a8f11ecf647} - C:\ProgramData\PriceDownloader\6grZbhSlxHS00X.dll
O2 - BHO: Seznam.cz - {EA837F48-5AD1-443e-AE34-FFE03CBF3099} - (no file)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11306 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
taskeng.exe {1929F5EA-26AA-4F53-8EC5-F43641A63DC4}
taskeng.exe {5894A38F-6837-430D-A108-90D18462D6BB}
"C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-6.exe" /rawdata=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
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2780
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\martina\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {C43A6B3B-D80C-4092-8940-67C2BF02D4DA}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\martina\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/14/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="3052.2.1698115771\811842682" /prefetch:3
"C:\Users\martina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-1.job - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-11.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-11.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-2.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-2.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-4.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-4.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5_user.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5.exe /rawdata=Br6+h0oSCFN+36STIeykmjiYMy++VY7TB03bDoXquuozCp6aJ5Yqe8shZzib3GVtlfjJ7mkRLp4hUJuhgVWnPBT3yRXJSoF1PeflVO4GwF+BMPCHylkVVyquACEy2xWBD5aw0npD5JXDfWBulVE+Tpsuvsv5X1Gqk6ISk3D8nRCAudnejSAhJi2daSeznec9hSRyfFZrcQS463Vrhcub3GkcbgY/9qzBOIvRGuE685gSyPfhJZWUdqc1Zxy/tl2mlLJSrUb6Cdg5YF9ocdZLl4G7s9WTjVPGUepw8sxhYQd21ida6Rhfv6A1VMhPcBQ50L8ABmQrNxVNFuxhjM7uxUJ4LuI4tZ4Ic58HKGOn5s91UEeXJ2oYBlop0UBylgghDT8mY5nNWIWO+XHCoUaMw9T8nCHqcCc0qJbQd5AFutXLZzEw8dFNFCSNP1PgLX8noodb9EHCd3nlumLpWISak78W4eMNkhDMoiVm+mGYBTVVxx8zPlnXR+IJ8T3qSy8tdQbLVgSGkvCuPLSwKnm6tqX6JMps5VT0RZ4pvypcxEKLxWDN5W668GS6O9CZLp67reXdVmls9ccLb1LfV2er8ZwE6GMd++kU4ed+Goipbgi3X5AIRst8FfotgyteDcq2Yz/CGTj9VZPP+dR0l9LFueqMLvqPuq8G2xj5PXvCh4GzpaPPxKLmlJu3jtBXdVS6neDFh42gGa6Curyp9qcezcnHKivAbfGhzpnCUCw3tQ0DU/5JZDOzt8Lp8JzPRDUwde/j5vV0sSPRiwYmEm0JZ0C99d9C2VvRuVTWcpzMvY3dG0lLzI7jYJl8lsCRYP3Kve/+VqhfcEr7zngzYngKTSLtJaHCUbyCALolIm088Jr/2RbTQMR8OFYdJgIKsFE+1K2/KyRJCdcfQ9miHnUaEhJWnCMC3Q6TmMH8ne+2jzTpggBaXogzl+/hGM5YmjPfk7UELgBo3BMDlpTY2DJAajEropR3mdZkSsQzjjju91She+QOaIPKvQUJPVRuk4Ui
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-6.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-6.exe /rawdata=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
C:\Windows\tasks\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-7.job - C:\Program Files (x86)\Internet Speed Checker\f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-7.exe /rawdata=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
C:\Windows\tasks\FileCure Default.job - C:\Program Files (x86)\ParetoLogic\FileCure\FileCure.exe -scan
C:\Windows\tasks\FreeFileViewerUpdateChecker.job - C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask

=========Mozilla firefox=========

ProfilePath - C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\extensions\
faststartff@gmail.com
ONDJGG03s@Y.com
sepherdwilbur@aol.com
staged

C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\searchplugins\
SafeFinder Search.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho64.dll [2014-11-05 897440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dc2d36a-42c1-443e-b30c-b6629c397f7f}]
PrinceCoupon - C:\ProgramData\PrinceCoupon\SSGXBCZj6MRisX.x64.dll [2014-11-05 721920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e68da64a-356a-478b-8755-7a8f11ecf647}]
PriceDownloader - C:\ProgramData\PriceDownloader\6grZbhSlxHS00X.x64.dll [2014-11-05 721920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll [2014-11-05 661920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dc2d36a-42c1-443e-b30c-b6629c397f7f}]
PrinceCoupon - C:\ProgramData\PrinceCoupon\SSGXBCZj6MRisX.dll [2014-11-05 637440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e68da64a-356a-478b-8755-7a8f11ecf647}]
PriceDownloader - C:\ProgramData\PriceDownloader\6grZbhSlxHS00X.dll [2014-11-05 637440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443e-AE34-FFE03CBF3099}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-09-08 1424896]
"CnxtCoInstallerDefer"=C:\Program Files\CONEXANT\PREINSTALL\SETUP533AFC581\KESLYN.EXE [2010-12-15 1574528]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-21 416024]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LiveSupport"=C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]
C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-29 284440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pokki]
C:\Users\martina\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\martina\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-30 3054592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-12-21 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-11-08 07:46:13 ----D---- C:\Program Files\trend micro
2014-11-08 07:46:12 ----D---- C:\rsit
2014-11-08 07:38:49 ----D---- C:\ProgramData\ESET
2014-11-08 07:38:49 ----D---- C:\Program Files\ESET
2014-11-08 07:31:16 ----D---- C:\ProgramData\374311380
2014-11-05 08:01:23 ----D---- C:\ProgramData\CheapCoupon
2014-11-05 07:56:02 ----D---- C:\Program Files (x86)\globalUpdate
2014-11-05 07:56:00 ----D---- C:\Program Files (x86)\Internet Speed Checker
2014-11-05 07:26:32 ----D---- C:\ProgramData\PriceDownloader
2014-11-05 07:20:00 ----D---- C:\Program Files (x86)\MyPC Backup
2014-11-05 07:19:48 ----D---- C:\ProgramData\IePluginServices
2014-11-05 07:19:43 ----D---- C:\Program Files (x86)\SupTab
2014-11-05 07:19:38 ----D---- C:\ProgramData\WindowsMangerProtect
2014-11-05 07:19:25 ----D---- C:\Users\martina\AppData\Roaming\sweet-page
2014-11-05 07:18:54 ----D---- C:\Program Files (x86)\Klip Pal
2014-11-04 15:11:39 ----D---- C:\ProgramData\PrinceCoupon
2014-11-03 20:11:43 ----D---- C:\Program Files (x86)\Opera
2014-11-03 20:09:30 ----D---- C:\Users\martina\AppData\Roaming\DAEMON Tools Lite
2014-11-03 20:09:23 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-11-01 07:30:10 ----D---- C:\Users\martina\AppData\Roaming\QuickScan
2014-10-28 10:16:37 ----D---- C:\SteamLibrary
2014-10-28 10:15:22 ----SHD---- C:\Windows\System Volume Information
2014-10-26 08:58:21 ----A---- C:\Windows\avastSS.scr
2014-10-26 08:57:07 ----D---- C:\Program Files\AVAST Software
2014-10-20 17:58:33 ----D---- C:\Rust 1.7.1
2014-10-19 21:40:47 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-19 21:40:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-18 20:41:15 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-10-18 10:43:30 ----D---- C:\Users\martina\AppData\Roaming\Systweak
2014-10-18 10:43:08 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-10-18 10:41:30 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-10-18 10:41:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-10-18 10:41:16 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-18 10:38:20 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-10-18 10:37:14 ----D---- C:\Windows\symbols
2014-10-18 10:37:13 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2014-10-18 10:37:12 ----D---- C:\Program Files\Microsoft Help Viewer
2014-10-18 10:37:12 ----D---- C:\Program Files (x86)\Microsoft SDKs
2014-10-15 20:40:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 20:40:43 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 20:40:43 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 20:40:43 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 20:40:42 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 20:40:40 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 20:40:40 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 20:40:07 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 20:40:07 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 20:40:07 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 20:40:05 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 20:40:04 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 20:40:01 ----A---- C:\Windows\system32\mf.dll
2014-10-15 20:40:00 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 20:39:59 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 20:39:59 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 20:39:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 20:39:55 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 20:39:54 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 20:39:53 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 20:39:53 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 20:39:53 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 20:39:53 ----A---- C:\Windows\system32\ci.dll
2014-10-15 20:39:51 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 20:39:51 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 20:39:50 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 20:39:50 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 20:39:50 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\winload.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 20:39:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 20:39:48 ----A---- C:\Windows\system32\evr.dll
2014-10-15 20:39:47 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 20:39:47 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 20:39:46 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 20:39:46 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 20:39:46 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 20:39:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 20:39:45 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 20:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 20:39:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 20:39:44 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 20:39:44 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 20:39:42 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 20:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 20:39:41 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 20:39:40 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-15 20:39:40 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 20:39:40 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 20:39:39 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 20:39:38 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 20:39:38 ----A---- C:\Windows\system32\qdvd.dll
2014-10-15 20:39:37 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 20:39:37 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 20:39:35 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 20:39:34 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 20:39:34 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 20:39:34 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 20:39:34 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 20:39:34 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 20:39:33 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 20:39:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 20:39:32 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 20:39:32 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 20:39:31 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 20:39:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 20:39:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 20:39:28 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 20:39:28 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 20:39:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 20:39:27 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 20:39:27 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 20:39:27 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 20:38:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 20:38:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 20:38:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 20:38:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 20:38:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 20:38:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 20:38:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 20:38:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 20:38:48 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 20:38:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 20:38:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 20:38:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 20:38:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 20:38:46 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 20:38:44 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 20:38:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 20:38:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 20:38:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 20:38:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 20:38:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 20:38:39 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 20:38:39 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 20:38:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 20:38:35 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 20:38:35 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 20:38:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 20:38:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 20:38:32 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 20:38:32 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 20:38:32 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 20:38:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 20:38:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 20:38:30 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 20:38:29 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 20:38:12 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 20:38:12 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 20:37:52 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\schannel.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\wdigest.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 20:37:50 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 20:37:28 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 20:37:28 ----A---- C:\Windows\system32\packager.dll
2014-10-11 13:20:44 ----AS---- C:\Windows\SYSWOW64\lcpmncfiovb.exe
2014-10-11 13:20:44 ----AS---- C:\Windows\SYSWOW64\dcgmncfiovb.exe
2014-10-11 13:20:43 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\acumncfiovb.exe
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-10-11 13:20:33 ----D---- C:\Program Files (x86)\StarCraft 2 Heart Of The Swarm cz
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfpr.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-09 14:54:55 ----D---- C:\ProgramData\topdeAll
2014-10-09 14:33:46 ----D---- C:\ProgramData\DealsFactor
2014-10-09 14:28:41 ----D---- C:\Users\martina\AppData\Roaming\.mctitandinocraft
2014-10-09 10:39:14 ----D---- C:\ProgramData\6e7fb44a37e680c7
2014-10-08 15:21:03 ----D---- C:\ProgramData\Package Cache
2014-10-06 19:25:29 ----D---- C:\Program Files (x86)\Gazillion Entertainment
2014-10-06 13:28:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-06 13:28:24 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-09-30 17:51:27 ----D---- C:\Temp
2014-09-30 16:25:32 ----D---- C:\Program Files (x86)\Bandicut
2014-09-28 12:22:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-26 12:48:55 ----D---- C:\Users\martina\AppData\Roaming\ftblauncher
2014-09-22 12:46:06 ----D---- C:\ProgramData\Avg_Update_0914avt
2014-09-19 21:42:03 ----A---- C:\Users\martina\AppData\Roaming\chrome.exe
2014-09-19 21:42:03 ----A---- C:\Users\martina\AppData\Roaming\facebook.exe
2014-09-19 20:17:09 ----A---- C:\Users\martina\AppData\Roaming\chrome.exe.tmp
2014-09-19 19:34:38 ----D---- C:\Program Files (x86)\Maxiget
2014-09-19 19:30:41 ----D---- C:\Users\martina\AppData\Roaming\Seznam.cz
2014-09-19 19:29:56 ----A---- C:\Users\martina\AppData\Roaming\LiveSupport.exe_log.txt
2014-09-19 19:29:55 ----A---- C:\Users\martina\AppData\Roaming\regsvr32.exe_log.txt
2014-09-19 19:29:13 ----A---- C:\Windows\unins000.exe
2014-09-19 19:29:13 ----A---- C:\Windows\unins000.dat
2014-09-19 17:41:22 ----D---- C:\Users\martina\AppData\Roaming\OpenCandy
2014-09-19 17:41:01 ----D---- C:\Users\martina\AppData\Roaming\uTorrent
2014-09-19 17:13:42 ----A---- C:\Users\martina\AppData\Roaming\facebook.exe.tmp
2014-09-19 16:48:18 ----D---- C:\Users\martina\AppData\Roaming\BANDISOFT
2014-09-19 16:47:23 ----D---- C:\Program Files (x86)\Bandicam
2014-09-19 16:47:20 ----D---- C:\Program Files (x86)\BandiMPEG1
2014-09-11 08:51:32 ----D---- C:\Minecraft_Backup
2014-09-11 08:37:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-11 08:37:34 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-11 08:37:34 ----A---- C:\Windows\system32\kerberos.dll
2014-09-11 08:37:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-11 08:37:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 11:30:01 ----D---- C:\Users\martina\AppData\Roaming\Windows Live Writer
2014-09-08 18:14:01 ----D---- C:\Users\martina\AppData\Roaming\skyz
2014-09-07 11:00:00 ----D---- C:\Users\martina\AppData\Roaming\McTitan Aglaria
2014-09-07 10:58:36 ----D---- C:\Users\martina\AppData\Roaming\MC Titan Technic v2
2014-09-07 10:57:35 ----D---- C:\Users\martina\AppData\Roaming\MC Titan FTB
2014-09-03 17:58:12 ----D---- C:\Users\martina\AppData\Roaming\.mctitanpokemine
2014-09-03 17:49:32 ----D---- C:\Users\martina\AppData\Roaming\McTitan Dinocraft
2014-08-31 10:10:35 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-08-31 10:10:25 ----D---- C:\Program Files\Windows Live
2014-08-31 10:06:24 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 10:06:05 ----D---- C:\ProgramData\Microsoft OneDrive
2014-08-30 23:49:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-30 23:49:18 ----A---- C:\Windows\system32\gdi32.dll
2014-08-30 08:18:21 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2014-08-29 11:26:02 ----D---- C:\Users\martina\AppData\Roaming\.technic
2014-08-29 11:19:06 ----D---- C:\Users\martina\AppData\Roaming\OBS
2014-08-29 11:18:51 ----D---- C:\Program Files\OBS
2014-08-29 11:18:49 ----D---- C:\Program Files (x86)\OBS
2014-08-28 12:04:49 ----D---- C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo
2014-08-25 16:17:11 ----D---- C:\Program Files (x86)\LPT
2014-08-25 16:15:26 ----D---- C:\ProgramData\BoostSoftware
2014-08-25 15:58:26 ----D---- C:\Program Files (x86)\MHD Simulator 2009
2014-08-25 15:09:27 ----D---- C:\Program Files (x86)\WinRAR
2014-08-24 15:01:52 ----D---- C:\Users\martina\AppData\Roaming\Unleashed Games
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wucltux.dll
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-21 12:17:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-21 12:17:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-21 12:17:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wups.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wudriver.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wuapi.dll
2014-08-21 12:17:24 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-21 12:16:59 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-21 12:16:59 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-21 12:16:59 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-21 12:16:59 ----A---- C:\Windows\system32\wuapp.exe
2014-08-17 09:38:29 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-17 09:38:29 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-17 09:38:28 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-17 09:38:28 ----A---- C:\Windows\system32\icardagt.exe
2014-08-17 09:38:26 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-17 09:38:26 ----A---- C:\Windows\system32\icardres.dll
2014-08-17 09:25:54 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-17 09:25:54 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-16 15:22:44 ----D---- C:\Fraps
2014-08-15 18:35:35 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-08-15 18:35:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-08-15 18:35:35 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-08-15 18:35:31 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-08-15 18:35:31 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-08-15 16:25:50 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2014-08-15 16:25:50 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2014-08-15 16:25:39 ----D---- C:\Users\martina\AppData\Roaming\Oracle
2014-08-15 16:25:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-15 14:50:31 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-15 14:50:31 ----A---- C:\Windows\system32\tzres.dll
2014-08-15 14:50:27 ----A---- C:\Windows\system32\msi.dll
2014-08-15 14:50:26 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-15 14:50:26 ----A---- C:\Windows\system32\authui.dll
2014-08-15 14:50:25 ----A---- C:\Windows\S


//EDIT: I forgot to add that when any page is opened, besides the pop-up ads, a message also appears saying that Java is out of date (screen 1), and after clicking OK it immediately redirects to a page where I am supposed to download Java (screen 2; of course I did not download anything).

[Image] [Image]

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After launch, the database is downloaded
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears; it may also be saved at c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

ACS
Visitor
Posts: 5
Joined: 08 Nov 2014 08:28

Re: Please check my log

#3 Post by ACS »

Thank you for the quick response :)

AdwCleaner log

# AdwCleaner v4.100 - Report created 08/11/2014 at 10:26:19
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : martina - MARTINA-PC
# Running from : C:\Users\martina\Desktop\adwcleaner_4.100.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\CheapCoupon
Folder Deleted : C:\ProgramData\PriceDownloader
Folder Deleted : C:\ProgramData\PrinceCoupon
Folder Deleted : C:\ProgramData\topdeAll
Folder Deleted : C:\ProgramData\6e7fb44a37e680c7
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Internet Speed Checker
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\martina\AppData\Local\globalUpdate
[!] Folder Deleted : C:\Users\martina\AppData\Local\Pokki
Folder Deleted : C:\Users\martina\AppData\Local\CrashRpt
Folder Deleted : C:\Users\martina\AppData\Local\Temp\apn
Folder Deleted : C:\Users\martina\AppData\Local\Temp\PodoWeb
Folder Deleted : C:\Users\martina\AppData\Local\Temp\SmarterPower
Folder Deleted : C:\Users\martina\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\martina\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\martina\AppData\Roaming\sweet-page
Folder Deleted : C:\Users\martina\AppData\Roaming\Systweak
Folder Deleted : C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Deleted : C:\Users\martina\Documents\Optimizer Pro
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\Extensions\ONDJGG03s@Y.com
Folder Deleted : C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdpkpcjonajajpdkoachcdbkilbajjg
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\martina\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\martina\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\martina\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk
File Deleted : C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\searchplugins\SafeFinder Search.xml
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage-journal
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : paretologic registration3
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-1
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-11
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-2
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-4
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-5_user
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-6
Task Deleted : f8d87a0f-dddf-4ec4-8c1c-49ae6a920115-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\e6ac658a4db0755c35ba4d4efb20c76d
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKCU\Software\Bitberry Software
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Internet Speed Checker
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D86C82B0-1F02-816A-5F3D-6466F6A67566}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v32.0.3 (x86 cs)

[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.Q5nNoIs5k5pXwhX0.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", false);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCounter", 0);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageDay", 25);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1408817449243");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15);
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.barcodeid", "144150");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "gb");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "irssf");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "false");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "a8bf2a39-325c-ac91-b4a5-e42c9e6085b2");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "25/08/2014");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.iswinxp", "false");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1408979817");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1409037021100");
[zv22v8kc.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "irssf");

-\\ Google Chrome v37.0.2062.124

[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=A ... earchTerms}
[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1415 ... earchTerms}
[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : aaaaahaeginbdcckocjkhbciadcafnep
[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pljcgbedjplidkdjahbaalanadmjfgop
[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jgdpkpcjonajajpdkoachcdbkilbajjg
[C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?gct=hp

*************************

AdwCleaner[R0].txt - [20124 octets] - [08/11/2014 10:23:23]
AdwCleaner[S0].txt - [18656 octets] - [08/11/2014 10:26:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18717 octets] ##########


Zoek log


Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by martina on so 08.11.2014 at 10:33:41,73.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\martina\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.11.2014 10:37:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443e-AE34-FFE03CBF3099} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");

Added to C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default

user.js not found
---- Lines extensions.Q5nNoIs5k5pXwhX0 removed from prefs.js ----
user_pref("extensions.Q5nNoIs5k5pXwhX0.epoch", "1414146776");
user_pref("extensions.Q5nNoIs5k5pXwhX0.url", "http://storageinstallbardirectory.in/sy ... rjr8rTs6tM
---- FireFox user.js and prefs.js backups ----

prefs_08.11.2014_1054_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\FreeFileViewer deleted
C:\PROGRA~2\Flughafen-Feuerwehr-Simulator 2013 Demoversion deleted
C:\PROGRA~2\Maxiget deleted
C:\install.exe deleted
C:\Users\martina\AppData\Roaming\chrome.exe.tmp deleted
C:\Users\martina\AppData\Roaming\facebook.exe.tmp deleted
C:\Users\martina\AppData\Roaming\MC Titan FTB deleted
C:\PROGRA~3\Avg_Update_0914avt deleted
C:\PROGRA~3\DealsFactor deleted
C:\PROGRA~3\DriverGenius deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\martina\AppData\Local\Maxiget deleted
C:\Users\martina\AppData\Local\Pokki deleted
C:\Users\martina\AppData\Local\Installer deleted
C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job deleted
C:\Windows\tasks\FileCure Default.job deleted
C:\windows\SysNative\tasks\FileCure Default deleted
C:\Windows\tasks\FreeFileViewerUpdateChecker.job deleted
C:\windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\extensions\staged deleted
"C:\Users\martina\AppData\Local\LumaEmu" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default
- Klip Pal - %ProfilePath%\extensions\{3ea27cd7-108c-45ee-8411-93eb09c031bd}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\martina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
689ED99161AAD9499922EE737303B3D6 - C:\Users\martina\AppData\Local\Roblox\Versions\version-ec7c35918e67427c\NPRobloxProxy.dll - Roblox Launcher Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaahlfahldnilidgnlikdckbfehhca - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
eibfgbclmgnmffinenpipoibfdoblond - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.2.crx[10.07.2012 09:31]
fkfpcckoflkdgjdobdkpclgngaahgbpi - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.2.crx[17.07.2012 14:44]
ghoooididkjbjjldgojdgceoinbhbjmh - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.1.crx[11.06.2012 15:59]
lelcohngbjgpiibagnfmncojacafbbpg - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx[19.09.2014 19:31]

WeatherBlink - martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnnbbkbanapmgmdkbkmoejhgmjomgfgd
Seznam Lištička - Rychlá volba - martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond
Seznam Lištička - Email - martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi
Seznam Lištička - martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg
Missing Plug in Fix - martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkplgmhfkkhokgkdkblfcnfeccpippe

==== Chromium Startpages ======================

C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.seznam.cz/?clid=22668",
"startup_urls": [ "https://www.seznam.cz/?clid=22668" ],


==== Chromium Fix ======================

C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tb.ask.com_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_weatherblink.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_weatherblink.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_globaldeals.ebay.com_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_globaldeals.ebay.com_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_visual_c_express.en.softonic.com_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_visual_c_express.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnnbbkbanapmgmdkbkmoejhgmjomgfgd deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnnbbkbanapmgmdkbkmoejhgmjomgfgd_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnnbbkbanapmgmdkbkmoejhgmjomgfgd_0.localstorage-journal deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkplgmhfkkhokgkdkblfcnfeccpippe deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plkplgmhfkkhokgkdkblfcnfeccpippe_0.localstorage deleted successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plkplgmhfkkhokgkdkblfcnfeccpippe_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=U218DHP&pc=U218"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?ocid=U218DHP&pc=U218"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Bing Url="http://www.bing.com/search?FORM=U218DF& ... -SearchBox"
{5C384BA2-B6AE-422E-8270-A6F492E25988} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"

==== Reset Google Chrome ======================

C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\martina\AppData\Local\Mozilla\Firefox\Profiles\zv22v8kc.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=520 folders=182 1071961162 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\martina\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\martina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 08.11.2014 at 12:04:05,32 ======================



The PC now boots better than before and responds more briskly to ordinary commands, but ads still keep popping up while browsing the web. I'm attaching a new log from RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by martina at 2014-11-08 12:17:49
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 593 GB (83%) free of 715 GB
Total RAM: 6092 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:53, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\trend micro\martina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/WOL_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11427 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1840
taskeng.exe {95D294BB-65BD-4C2F-8321-EDD16FDFC7CD}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k imgsvc

"C:\Users\martina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default

prefs.js - "browser.search.suggest.enabled" - true
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-09-08 1424896]
"CnxtCoInstallerDefer"=C:\Program Files\CONEXANT\PREINSTALL\SETUP533AFC581\KESLYN.EXE [2010-12-15 1574528]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-21 416024]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-29 284440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pokki]
C:\Users\martina\AppData\Local\Pokki\Engine\Launcher.dll,RunLaunchPlatform []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\martina\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-30 3054592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-12-21 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-11-08 12:04:24 ----SHD---- C:\$RECYCLE.BIN
2014-11-08 11:02:31 ----A---- C:\Windows\zoek-delete.exe
2014-11-08 11:02:30 ----D---- C:\Windows\Temp
2014-11-08 10:31:54 ----D---- C:\zoek_backup
2014-11-08 10:23:13 ----D---- C:\AdwCleaner
2014-11-08 09:58:07 ----D---- C:\Program Files\Common Files\DESIGNER
2014-11-08 09:57:03 ----D---- C:\Program Files\Microsoft.NET
2014-11-08 09:57:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-11-08 09:54:19 ----D---- C:\Program Files\Microsoft SQL Server
2014-11-08 09:47:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-11-08 09:47:41 ----D---- C:\Program Files\Microsoft Office
2014-11-08 09:45:11 ----RHD---- C:\MSOCache
2014-11-08 08:46:13 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-11-08 08:46:13 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-11-08 07:57:54 ----A---- C:\Windows\system32\generaltel.dll
2014-11-08 07:57:54 ----A---- C:\Windows\system32\aepdu.dll
2014-11-08 07:57:53 ----A---- C:\Windows\system32\aeinv.dll
2014-11-08 07:57:44 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-11-08 07:57:44 ----A---- C:\Windows\system32\qdvd.dll
2014-11-08 07:57:26 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-08 07:57:26 ----A---- C:\Windows\system32\msi.dll
2014-11-08 07:56:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-11-08 07:56:55 ----A---- C:\Windows\system32\tzres.dll
2014-11-08 07:56:27 ----A---- C:\Windows\system32\shell32.dll
2014-11-08 07:56:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-11-08 07:46:13 ----D---- C:\Program Files\trend micro
2014-11-08 07:46:12 ----D---- C:\rsit
2014-11-08 07:38:49 ----D---- C:\ProgramData\ESET
2014-11-08 07:38:49 ----D---- C:\Program Files\ESET
2014-11-05 07:18:54 ----D---- C:\Program Files (x86)\Klip Pal
2014-11-03 20:11:43 ----D---- C:\Program Files (x86)\Opera
2014-11-03 20:09:30 ----D---- C:\Users\martina\AppData\Roaming\DAEMON Tools Lite
2014-11-03 20:09:23 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-11-01 07:30:10 ----D---- C:\Users\martina\AppData\Roaming\QuickScan
2014-10-28 10:16:37 ----D---- C:\SteamLibrary
2014-10-28 10:15:22 ----SHD---- C:\Windows\System Volume Information
2014-10-26 08:58:21 ----A---- C:\Windows\avastSS.scr
2014-10-26 08:57:07 ----D---- C:\Program Files\AVAST Software
2014-10-20 17:58:33 ----D---- C:\Rust 1.7.1
2014-10-19 21:40:47 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-19 21:40:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-18 20:41:15 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-10-18 10:43:08 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-10-18 10:41:30 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-10-18 10:41:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-10-18 10:41:16 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-18 10:38:20 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-10-18 10:37:14 ----D---- C:\Windows\symbols
2014-10-18 10:37:13 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2014-10-18 10:37:12 ----D---- C:\Program Files\Microsoft Help Viewer
2014-10-18 10:37:12 ----D---- C:\Program Files (x86)\Microsoft SDKs
2014-10-15 20:40:48 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 20:40:43 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 20:40:43 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 20:40:43 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 20:40:42 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 20:40:40 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 20:40:40 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 20:40:07 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 20:40:07 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 20:40:07 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 20:40:05 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 20:40:04 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 20:40:01 ----A---- C:\Windows\system32\mf.dll
2014-10-15 20:40:00 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 20:39:59 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 20:39:59 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 20:39:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 20:39:55 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 20:39:54 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 20:39:53 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 20:39:53 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 20:39:53 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 20:39:53 ----A---- C:\Windows\system32\ci.dll
2014-10-15 20:39:51 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 20:39:51 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 20:39:50 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 20:39:50 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 20:39:50 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\winload.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 20:39:50 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 20:39:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 20:39:48 ----A---- C:\Windows\system32\evr.dll
2014-10-15 20:39:47 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 20:39:47 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 20:39:46 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 20:39:46 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 20:39:46 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 20:39:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 20:39:45 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 20:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 20:39:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 20:39:44 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 20:39:44 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 20:39:42 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 20:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 20:39:41 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 20:39:40 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 20:39:40 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 20:39:39 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 20:39:38 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 20:39:37 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 20:39:37 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 20:39:35 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 20:39:35 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 20:39:34 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 20:39:34 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 20:39:34 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 20:39:34 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 20:39:34 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 20:39:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 20:39:33 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 20:39:33 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 20:39:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 20:39:32 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 20:39:32 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 20:39:31 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 20:39:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 20:39:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 20:39:28 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 20:39:28 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 20:39:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 20:39:27 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 20:39:27 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 20:39:27 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 20:38:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 20:38:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 20:38:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 20:38:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 20:38:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 20:38:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 20:38:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 20:38:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 20:38:49 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 20:38:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 20:38:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 20:38:48 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 20:38:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 20:38:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 20:38:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 20:38:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 20:38:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 20:38:46 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 20:38:44 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 20:38:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 20:38:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 20:38:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 20:38:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 20:38:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 20:38:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 20:38:39 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 20:38:39 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 20:38:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 20:38:35 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 20:38:35 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 20:38:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 20:38:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 20:38:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 20:38:32 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 20:38:32 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 20:38:32 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 20:38:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 20:38:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 20:38:30 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 20:38:29 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 20:38:12 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 20:38:12 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 20:37:52 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-10-15 20:37:51 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\schannel.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 20:37:51 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 20:37:51 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 20:37:50 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\wdigest.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-15 20:37:50 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 20:37:50 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 20:37:28 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 20:37:28 ----A---- C:\Windows\system32\packager.dll
2014-10-11 13:20:44 ----AS---- C:\Windows\SYSWOW64\lcpmncfiovb.exe
2014-10-11 13:20:44 ----AS---- C:\Windows\SYSWOW64\dcgmncfiovb.exe
2014-10-11 13:20:43 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-10-11 13:20:43 ----AS---- C:\Windows\SYSWOW64\acumncfiovb.exe
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-10-11 13:20:42 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-10-11 13:20:33 ----D---- C:\Program Files (x86)\StarCraft 2 Heart Of The Swarm cz
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfpr.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-09 14:28:41 ----D---- C:\Users\martina\AppData\Roaming\.mctitandinocraft
2014-10-06 19:25:29 ----D---- C:\Program Files (x86)\Gazillion Entertainment
2014-10-06 13:28:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-06 13:28:24 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-09-30 17:51:27 ----D---- C:\Temp
2014-09-30 16:25:32 ----D---- C:\Program Files (x86)\Bandicut
2014-09-28 12:22:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-26 12:48:55 ----D---- C:\Users\martina\AppData\Roaming\ftblauncher
2014-09-19 19:30:41 ----D---- C:\Users\martina\AppData\Roaming\Seznam.cz
2014-09-19 19:29:13 ----A---- C:\Windows\unins000.exe
2014-09-19 19:29:13 ----A---- C:\Windows\unins000.dat
2014-09-19 17:41:01 ----D---- C:\Users\martina\AppData\Roaming\uTorrent
2014-09-19 16:48:18 ----D---- C:\Users\martina\AppData\Roaming\BANDISOFT
2014-09-19 16:47:23 ----D---- C:\Program Files (x86)\Bandicam
2014-09-19 16:47:20 ----D---- C:\Program Files (x86)\BandiMPEG1
2014-09-11 08:51:32 ----D---- C:\Minecraft_Backup
2014-09-11 08:37:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-11 08:37:34 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-11 08:37:34 ----A---- C:\Windows\system32\kerberos.dll
2014-09-11 08:37:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-11 08:37:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 11:30:01 ----D---- C:\Users\martina\AppData\Roaming\Windows Live Writer
2014-09-08 18:14:01 ----D---- C:\Users\martina\AppData\Roaming\skyz
2014-09-07 11:00:00 ----D---- C:\Users\martina\AppData\Roaming\McTitan Aglaria
2014-09-07 10:58:36 ----D---- C:\Users\martina\AppData\Roaming\MC Titan Technic v2
2014-09-03 17:58:12 ----D---- C:\Users\martina\AppData\Roaming\.mctitanpokemine
2014-09-03 17:49:32 ----D---- C:\Users\martina\AppData\Roaming\McTitan Dinocraft
2014-08-31 10:10:35 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-08-31 10:10:25 ----D---- C:\Program Files\Windows Live
2014-08-31 10:06:24 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2014-08-31 10:06:05 ----D---- C:\ProgramData\Microsoft OneDrive
2014-08-30 23:49:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-30 23:49:18 ----A---- C:\Windows\system32\gdi32.dll
2014-08-30 08:18:21 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2014-08-29 11:26:02 ----D---- C:\Users\martina\AppData\Roaming\.technic
2014-08-29 11:19:06 ----D---- C:\Users\martina\AppData\Roaming\OBS
2014-08-29 11:18:51 ----D---- C:\Program Files\OBS
2014-08-29 11:18:49 ----D---- C:\Program Files (x86)\OBS
2014-08-28 12:04:49 ----D---- C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo
2014-08-25 16:15:26 ----D---- C:\ProgramData\BoostSoftware
2014-08-25 15:58:26 ----D---- C:\Program Files (x86)\MHD Simulator 2009
2014-08-25 15:09:27 ----D---- C:\Program Files (x86)\WinRAR
2014-08-24 15:01:52 ----D---- C:\Users\martina\AppData\Roaming\Unleashed Games
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wucltux.dll
2014-08-21 12:17:41 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-21 12:17:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-21 12:17:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-21 12:17:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wups.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wudriver.dll
2014-08-21 12:17:25 ----A---- C:\Windows\system32\wuapi.dll
2014-08-21 12:17:24 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-21 12:16:59 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-21 12:16:59 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-21 12:16:59 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-21 12:16:59 ----A---- C:\Windows\system32\wuapp.exe
2014-08-17 09:38:29 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-17 09:38:29 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-17 09:38:28 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-17 09:38:28 ----A---- C:\Windows\system32\icardagt.exe
2014-08-17 09:38:26 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-17 09:38:26 ----A---- C:\Windows\system32\icardres.dll
2014-08-17 09:25:54 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-17 09:25:54 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-16 15:22:44 ----D---- C:\Fraps
2014-08-15 18:35:35 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-08-15 18:35:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-08-15 18:35:35 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-08-15 18:35:31 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-08-15 18:35:31 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-08-15 16:25:50 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2014-08-15 16:25:50 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2014-08-15 16:25:39 ----D---- C:\Users\martina\AppData\Roaming\Oracle
2014-08-15 16:25:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-15 16:24:56 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-15 14:50:26 ----A---- C:\Windows\system32\authui.dll
2014-08-15 14:50:25 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-15 14:50:25 ----A---- C:\Windows\system32\consent.exe
2014-08-15 14:50:24 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-15 14:50:24 ----A---- C:\Windows\system32\msihnd.dll
2014-08-15 14:48:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-15 14:47:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-15 14:47:30 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-10 06:40:36 ----D---- C:\Program Files (x86)\Contendo Games
2014-08-09 20:31:07 ----D---- C:\Program Files (x86)\Rockstar Games

======List of files/folders modified in the last 3 months======

2014-11-08 12:05:56 ----D---- C:\Windows\system32\config
2014-11-08 12:03:23 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-08 11:59:52 ----D---- C:\Windows
2014-11-08 11:41:29 ----D---- C:\Windows\rescache
2014-11-08 11:38:01 ----SHD---- C:\Windows\Installer
2014-11-08 11:33:08 ----RD---- C:\Program Files (x86)
2014-11-08 11:33:01 ----D---- C:\Windows\Tasks
2014-11-08 11:18:19 ----D---- C:\Windows\Microsoft.NET
2014-11-08 11:18:17 ----RSD---- C:\Windows\assembly
2014-11-08 10:56:27 ----D---- C:\Windows\system32\Tasks
2014-11-08 10:56:25 ----HD---- C:\ProgramData
2014-11-08 10:38:00 ----D---- C:\Windows\system32\drivers\etc
2014-11-08 10:37:40 ----SHD---- C:\System Volume Information
2014-11-08 10:31:56 ----D---- C:\Windows\SysWOW64
2014-11-08 10:27:18 ----D---- C:\Windows\System32
2014-11-08 10:15:21 ----D---- C:\Windows\system32\catroot2
2014-11-08 10:13:39 ----SD---- C:\Users\martina\AppData\Roaming\Microsoft
2014-11-08 10:11:03 ----D---- C:\Program Files\KMSpico
2014-11-08 10:01:44 ----D---- C:\ProgramData\Microsoft Help
2014-11-08 09:58:49 ----RSD---- C:\Windows\Fonts
2014-11-08 09:58:25 ----D---- C:\Windows\ShellNew
2014-11-08 09:58:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-11-08 09:58:07 ----D---- C:\Program Files\Common Files
2014-11-08 09:57:03 ----RD---- C:\Program Files
2014-11-08 09:57:03 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-11-08 09:56:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-08 09:50:54 ----A---- C:\Windows\win.ini
2014-11-08 09:50:52 ----D---- C:\Program Files\Common Files\System
2014-11-08 09:41:54 ----D---- C:\Windows\inf
2014-11-08 09:41:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 09:14:53 ----D---- C:\Windows\winsxs
2014-11-08 08:59:59 ----D---- C:\Windows\SYSWOW64\Dism
2014-11-08 08:59:54 ----D---- C:\Windows\system32\Dism
2014-11-08 08:59:51 ----SD---- C:\Windows\system32\CompatTel
2014-11-08 08:59:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-08 08:59:40 ----D---- C:\Windows\system32\cs-CZ
2014-11-08 08:59:31 ----D---- C:\Windows\system32\DriverStore
2014-11-08 07:39:55 ----D---- C:\Windows\system32\drivers
2014-11-08 07:27:18 ----D---- C:\Windows\Prefetch
2014-11-06 19:19:30 ----D---- C:\Users\martina\AppData\Roaming\Skype
2014-11-05 07:59:10 ----AD---- C:\ProgramData\Temp
2014-11-05 07:40:04 ----D---- C:\Windows\system32\wfp
2014-11-05 07:39:59 ----D---- C:\Windows\system32\wbem
2014-11-05 07:38:51 ----D---- C:\Windows\system32\drivers\UMDF
2014-11-05 07:38:38 ----D---- C:\ProgramData\AVAST Software
2014-11-05 07:37:53 ----D---- C:\Windows\registration
2014-11-05 07:36:12 ----D---- C:\Program Files (x86)\Java
2014-11-05 07:36:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-04 14:49:16 ----D---- C:\ProgramData\Oracle
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-11-04 13:44:06 ----D---- C:\Windows\Logs
2014-11-04 12:14:50 ----D---- C:\Users\martina\AppData\Roaming\FreeFileViewer
2014-11-04 12:12:57 ----D---- C:\Program Files (x86)\Steam
2014-10-28 09:21:27 ----D---- C:\Users\martina\AppData\Roaming\.minecraft
2014-10-25 16:51:55 ----D---- C:\ProgramData\MFAData
2014-10-18 10:43:03 ----SD---- C:\ProgramData\Microsoft
2014-10-18 10:41:13 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-18 10:38:21 ----D---- C:\Program Files (x86)\MSBuild
2014-10-16 07:08:15 ----D---- C:\Program Files\Windows Media Player
2014-10-16 07:08:15 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 07:08:09 ----D---- C:\Windows\system32\en-US
2014-10-16 07:08:02 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 07:08:02 ----D---- C:\Windows\system32\Boot
2014-10-16 07:08:02 ----D---- C:\Program Files\Internet Explorer
2014-10-16 07:07:59 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 07:07:52 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 22:07:03 ----D---- C:\Windows\system32\MRT
2014-10-15 21:58:40 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 20:37:18 ----D---- C:\Windows\system32\catroot
2014-10-01 07:18:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-30 17:08:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 13:04:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-16 12:12:10 ----D---- C:\ProgramData\Skype
2014-09-16 12:12:07 ----RD---- C:\Program Files (x86)\Skype
2014-09-15 12:31:19 ----HD---- C:\Windows\msdownld.tmp
2014-09-12 07:24:37 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-08-31 10:11:13 ----D---- C:\Program Files (x86)\Windows Live
2014-08-31 10:10:35 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-26 15:46:15 ----D---- C:\Program Files (x86)\minecraft mody letadla auta tanky a pistole 1.5.2
2014-08-19 08:22:54 ----D---- C:\Games
2014-08-17 18:25:58 ----D---- C:\Windows\system32\NDF
2014-08-17 10:41:39 ----D---- C:\Windows\ehome
2014-08-17 10:40:44 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-12-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-21 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-04-12 1860672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-09-08 535040]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2013-08-06 23040]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-09-08 305152]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04 116648]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-12-11 1050904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-28 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check the log

#4 Post by vyosek »

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member (image) since 1 February 2011.

ACS
Visitor
Posts: 5
Registered: 08 Nov 2014 08:28

Re: Please check the log

#5 Post by ACS »

Here is the log from FRST.txt


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by martina (administrator) on MARTINA-PC on 08-11-2014 18:42:43
Running from C:\Users\martina\Desktop
Loaded Profile: martina (Available profiles: martina)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\martina\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP533AFC581\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-45138341-2002717243-2880125143-1000\...\MountPoints2: {148c1541-29d9-11e4-975e-ec9a744911a1} - E:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U218DHP&pc=U218
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/WOL_WCP
HKU\S-1-5-21-45138341-2002717243-2880125143-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
SearchScopes: HKCU - 6636B2E708A8480782316C06381BACCA URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\martina\AppData\Local\Roblox\Versions\version-ec7c35918e67427c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\martina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF Extension: Klip Pal - C:\Users\martina\AppData\Roaming\Mozilla\Firefox\Profiles\zv22v8kc.default\Extensions\{3ea27cd7-108c-45ee-8411-93eb09c031bd}.xpi [2014-11-05]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-08]
CHR Extension: (Disk Google) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-04]
CHR Extension: (YouTube) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-04]
CHR Extension: (Vyhledávání Google) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-04]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond [2014-09-19]
CHR Extension: (Tabulky Google) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi [2014-09-19]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh [2014-11-08]
CHR Extension: (Seznam Lištička) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg [2014-09-19]
CHR Extension: (Peněženka Google) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-08]
CHR Extension: (Gmail) - C:\Users\martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-04]
CHR HKCU\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.2.crx [2014-09-19]
CHR HKCU\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.2.crx [2014-09-19]
CHR HKCU\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.1.crx [2014-09-19]
CHR HKCU\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\martina\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx [2014-09-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 18:42 - 2014-11-08 18:43 - 00014072 _____ () C:\Users\martina\Desktop\FRST.txt
2014-11-08 18:41 - 2014-11-08 18:42 - 00000000 ____D () C:\FRST
2014-11-08 18:39 - 2014-11-08 18:40 - 00112640 _____ (forum.viry.cz) C:\Users\martina\Desktop\FRSTLauncher (1).exe
2014-11-08 18:38 - 2014-11-08 18:39 - 02115584 _____ (Farbar) C:\Users\martina\Desktop\FRST64.exe
2014-11-08 15:25 - 2014-11-08 15:25 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-08 15:25 - 2014-11-08 15:25 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-08 14:28 - 2014-11-08 14:28 - 00001045 _____ () C:\Users\martina\Desktop\JRT.txt
2014-11-08 14:23 - 2014-11-08 14:23 - 00000000 ____D () C:\Windows\ERUNT
2014-11-08 14:22 - 2014-11-08 14:21 - 01706808 ____N (Thisisu) C:\Users\martina\Desktop\JRT.exe
2014-11-08 12:19 - 2014-11-08 12:19 - 00058434 _____ () C:\Users\martina\Desktop\rsit.txt
2014-11-08 12:09 - 2014-11-08 12:09 - 00015905 _____ () C:\Users\martina\Desktop\zoek.txt
2014-11-08 11:59 - 2014-11-08 11:59 - 00000000 ____D () C:\Users\martina\AppData\Local\ESET
2014-11-08 11:02 - 2014-11-08 10:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-08 10:37 - 2014-11-08 12:04 - 00015912 _____ () C:\zoek-results.log
2014-11-08 10:31 - 2014-11-08 10:58 - 00000000 ____D () C:\zoek_backup
2014-11-08 10:23 - 2014-11-08 14:31 - 00000000 ____D () C:\AdwCleaner
2014-11-08 10:21 - 2014-11-08 10:19 - 00000091 _____ () C:\Users\martina\Desktop\Nový textový dokument.txt
2014-11-08 10:21 - 2014-11-08 10:18 - 02145792 _____ () C:\Users\martina\Desktop\adwcleaner_4.100.exe
2014-11-08 10:21 - 2014-11-08 10:18 - 01294848 _____ () C:\Users\martina\Desktop\zoek.exe
2014-11-08 10:11 - 2014-11-08 10:11 - 00003708 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2014-11-08 10:09 - 2013-12-20 12:42 - 02935928 _____ ( ) C:\Users\martina\Desktop\KMSpico_setup.exe
2014-11-08 09:59 - 2014-11-08 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-08 09:58 - 2014-11-08 09:58 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-11-08 09:57 - 2014-11-08 09:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-11-08 09:54 - 2014-11-08 09:57 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-11-08 09:47 - 2014-11-08 09:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-08 09:47 - 2014-11-08 09:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-08 09:45 - 2014-11-08 09:45 - 00000000 __RHD () C:\MSOCache
2014-11-08 08:46 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-11-08 08:46 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-11-08 07:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-11-08 07:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-11-08 07:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-11-08 07:59 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-11-08 07:59 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-11-08 07:59 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-11-08 07:59 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-11-08 07:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-11-08 07:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-11-08 07:59 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-11-08 07:59 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-11-08 07:59 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-11-08 07:58 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-11-08 07:58 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-11-08 07:58 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-11-08 07:58 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-11-08 07:57 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-08 07:57 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-08 07:57 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-08 07:57 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-11-08 07:57 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-11-08 07:57 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-08 07:57 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-08 07:56 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-08 07:56 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-11-08 07:56 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-08 07:56 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-08 07:46 - 2014-11-08 12:17 - 00000000 ____D () C:\Program Files\trend micro
2014-11-08 07:46 - 2014-11-08 07:46 - 00000000 ____D () C:\rsit
2014-11-08 07:38 - 2014-11-08 07:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-08 07:38 - 2014-11-08 07:38 - 00000000 ____D () C:\ProgramData\ESET
2014-11-08 07:38 - 2014-11-08 07:38 - 00000000 ____D () C:\Program Files\ESET
2014-11-08 07:35 - 2014-11-08 07:35 - 73400320 _____ () C:\Users\martina\Desktop\eav_nt64_csy.msi
2014-11-08 07:35 - 2014-11-08 07:34 - 01222144 _____ () C:\Users\martina\Desktop\RSITx64.exe
2014-11-05 07:18 - 2014-11-05 07:40 - 00000000 ____D () C:\Program Files (x86)\Klip Pal
2014-11-05 06:11 - 2014-11-05 06:11 - 00374161 _____ () C:\Users\martina\Downloads\Křesťanství (1).pptx
2014-11-05 06:11 - 2014-11-05 06:11 - 00234627 _____ () C:\Users\martina\Downloads\BUDDHISMUS.pptx
2014-11-05 06:06 - 2013-02-22 13:48 - 67195967 _____ () C:\Users\martina\Desktop\FITHALL.cz - Zhubněte do plavek se Sandrou - 2.díl (1).flv
2014-11-03 20:11 - 2014-11-04 12:14 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-03 20:09 - 2014-11-04 12:14 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-11-03 20:09 - 2014-11-03 20:09 - 00000000 ____D () C:\Users\martina\AppData\Roaming\DAEMON Tools Lite
2014-11-01 13:32 - 2014-11-04 12:14 - 00000000 ____D () C:\Users\martina\Downloads\Farming.Simulator.15-CODEX
2014-11-01 07:30 - 2014-11-01 07:30 - 00000000 ____D () C:\Users\martina\AppData\Roaming\QuickScan
2014-10-31 20:58 - 2014-10-31 21:01 - 554991616 _____ () C:\Users\martina\Downloads\Police Force CZ.iso
2014-10-28 10:16 - 2014-10-28 10:16 - 00000000 ____D () C:\SteamLibrary
2014-10-28 10:00 - 2014-10-28 10:00 - 00001694 _____ () C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Rusted 1.7.2 odinstalace.lnk
2014-10-28 10:00 - 2014-10-28 10:00 - 00001665 _____ () C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Rusted klient 1.7.2.lnk
2014-10-26 08:58 - 2014-10-26 08:58 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-26 08:57 - 2014-11-05 07:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-21 20:37 - 2014-10-21 20:37 - 04927128 _____ () C:\Users\martina\Downloads\Prezentace 1 (1).pptx
2014-10-21 20:36 - 2014-10-21 20:36 - 04927128 _____ () C:\Users\martina\Downloads\Prezentace 1.pptx
2014-10-21 20:25 - 2014-10-21 20:25 - 04951840 _____ () C:\Users\martina\Downloads\Prezentace+1.pptx
2014-10-20 17:59 - 2014-10-21 15:26 - 00001487 _____ () C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Rusted 1.7.1 odinstalace.lnk
2014-10-20 17:59 - 2014-10-21 15:26 - 00001458 _____ () C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Rusted klient 1.7.1.lnk
2014-10-20 17:58 - 2014-10-21 15:26 - 00000000 ____D () C:\Rust 1.7.1
2014-10-20 14:19 - 2014-10-20 14:19 - 03818992 _____ () C:\Users\martina\Downloads\Přehrada.rar
2014-10-19 21:44 - 2014-10-19 21:44 - 00109504 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 21:44 - 2014-10-19 21:44 - 00109504 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 21:44 - 2014-10-19 21:44 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-10-19 21:44 - 2014-10-19 21:44 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-10-19 21:42 - 2014-10-19 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-19 21:40 - 2014-10-19 21:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-19 21:40 - 2014-10-19 21:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-18 20:41 - 2014-11-03 20:09 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-10-18 17:42 - 2014-10-18 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-18 16:51 - 2014-10-19 01:45 - 00002550 _____ () C:\Users\martina\AppData\Local\MRDownloader.err
2014-10-18 16:49 - 2014-11-01 10:14 - 00001096 _____ () C:\Users\martina\AppData\Local\MRDownloader.nast
2014-10-18 16:03 - 2014-10-18 16:03 - 00000000 ____D () C:\Users\martina\Downloads\VoxelBronyPack
2014-10-18 16:02 - 2014-10-18 16:02 - 00000000 ____D () C:\Users\martina\Downloads\Monster
2014-10-18 12:44 - 2014-10-18 12:44 - 00003186 _____ () C:\Windows\System32\Tasks\{1EAF77EE-7A59-44AE-A840-FEEA6A9BF704}
2014-10-18 10:43 - 2014-11-05 07:57 - 00000000 ____D () C:\Program Files (x86)\Zrychleni Pocitace
2014-10-18 10:41 - 2014-10-18 10:41 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-10-18 10:41 - 2014-10-18 10:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-10-18 10:41 - 2014-10-18 10:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-18 10:40 - 2014-10-19 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2014-10-18 10:40 - 2014-10-18 10:40 - 00000000 ____D () C:\Users\martina\Documents\Visual Studio 2010
2014-10-18 10:38 - 2014-10-18 10:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-10-18 10:37 - 2014-10-18 10:37 - 00000000 ____D () C:\Windows\symbols
2014-10-18 10:37 - 2014-10-18 10:37 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2014-10-18 10:37 - 2014-10-18 10:37 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-10-18 10:37 - 2014-10-18 10:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-10-18 10:34 - 2014-10-18 11:27 - 433783215 _____ () C:\Users\martina\Downloads\GTA-San-Andreas.iso
2014-10-15 20:40 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 20:40 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 20:40 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 20:40 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 20:40 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 20:40 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 20:40 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 20:40 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 20:40 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 20:39 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 20:39 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 20:39 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 20:39 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 20:39 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 20:39 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 20:39 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 20:39 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 20:39 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 20:39 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 20:39 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 20:39 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 20:39 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 20:39 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 20:39 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 20:39 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 20:39 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 20:39 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 20:39 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 20:39 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 20:39 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 20:39 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 20:39 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 20:39 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 20:39 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 20:39 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 20:39 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 20:39 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 20:39 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 20:39 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 20:39 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 20:39 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 20:39 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 20:39 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 20:39 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 20:38 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 20:38 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 20:38 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 20:38 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 20:38 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 20:38 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 20:38 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 20:38 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 20:38 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 20:38 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 20:38 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 20:38 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 20:38 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 20:38 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 20:38 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 20:38 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 20:38 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 20:38 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 20:38 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 20:38 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 20:38 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 20:38 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 20:38 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 20:38 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 20:38 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 20:38 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 20:38 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 20:38 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 20:38 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 20:38 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 20:38 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 20:38 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 20:38 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 20:38 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 20:38 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 20:38 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 20:38 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 20:38 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 20:38 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 20:38 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 20:38 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 20:38 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 20:38 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 20:38 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 20:38 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 20:38 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 20:38 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 20:38 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 20:38 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 20:38 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 20:38 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 20:38 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 20:38 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 20:38 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 20:38 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 20:38 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 20:38 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 20:38 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 20:37 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 20:37 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 20:37 - 2014-07-17 03:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 20:37 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 20:37 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 20:37 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 20:37 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 20:37 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 20:37 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 20:37 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 20:37 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 20:37 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 20:37 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 20:37 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 20:37 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 20:37 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 20:37 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 20:37 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-15 20:37 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-15 20:37 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-15 20:37 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-11 13:20 - 2014-11-08 08:20 - 00000000 ____D () C:\Program Files (x86)\StarCraft 2 Heart Of The Swarm cz
2014-10-11 13:20 - 2014-10-11 13:20 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-10-11 13:20 - 2014-10-11 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft 2 Heart Of The Swarm cz
2014-10-11 13:20 - 2013-12-09 23:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncfiovb.exe
2014-10-11 13:20 - 2013-10-26 19:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncfiovb.exe
2014-10-11 13:20 - 2013-10-26 19:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-10-11 13:20 - 2013-10-26 19:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-10-11 13:20 - 2013-10-26 19:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-10-11 13:20 - 2013-10-26 19:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-10-11 13:20 - 2013-10-26 19:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-10-11 13:20 - 2013-10-26 19:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-10-11 13:20 - 2013-07-18 15:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncfiovb.exe
2014-10-11 13:20 - 2013-06-12 14:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-10-11 13:20 - 2013-06-12 14:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-10-11 13:20 - 2012-09-25 22:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-10-11 13:20 - 2012-05-27 00:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-10-11 12:28 - 2014-10-11 12:28 - 00003162 _____ () C:\Windows\System32\Tasks\{B17EC1CB-6BA7-4CE9-A2E1-3181F2B8D99A}
2014-10-10 08:59 - 2014-10-10 08:59 - 00243440 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2014-10-10 08:59 - 2014-10-10 08:59 - 00241368 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2014-10-10 08:59 - 2014-10-10 08:59 - 00169280 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2014-10-10 08:59 - 2014-10-10 08:59 - 00158968 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2014-10-09 14:28 - 2014-11-04 12:14 - 00000000 ____D () C:\Users\martina\AppData\Roaming\.mctitandinocraft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 18:41 - 2009-07-14 05:45 - 00024592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 18:41 - 2009-07-14 05:45 - 00024592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 18:39 - 2014-04-01 15:21 - 01717706 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 18:38 - 2014-04-04 19:12 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 18:34 - 2014-04-17 13:54 - 00035635 _____ () C:\Windows\setupact.log
2014-11-08 18:34 - 2014-04-04 19:12 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-08 18:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 16:52 - 2014-04-03 16:58 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 16:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-08 16:40 - 2014-04-04 19:12 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-08 15:58 - 2009-07-14 05:45 - 00434136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-08 15:57 - 2014-04-17 13:54 - 01438018 _____ () C:\Windows\PFRO.log
2014-11-08 15:54 - 2014-04-02 10:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-08 15:53 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-11-08 15:48 - 2009-07-14 16:18 - 00668792 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 15:48 - 2009-07-14 16:18 - 00141420 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 15:48 - 2009-07-14 06:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 15:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-08 15:18 - 2014-09-28 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-08 11:38 - 2014-04-01 15:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-08 11:33 - 2014-04-04 19:12 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-08 11:33 - 2014-04-04 19:12 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-08 10:11 - 2014-06-29 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-11-08 10:11 - 2014-06-29 20:41 - 00000000 ____D () C:\Program Files\KMSpico
2014-11-08 10:11 - 2014-04-01 15:52 - 00111520 _____ () C:\Users\martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-08 09:58 - 2009-07-14 16:37 - 00000000 ____D () C:\Windows\ShellNew
2014-11-08 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-08 08:59 - 2014-05-01 14:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-08 08:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-11-08 08:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-11-08 07:23 - 2014-09-19 17:41 - 00000000 ____D () C:\Users\martina\AppData\Roaming\uTorrent
2014-11-06 19:19 - 2014-04-01 20:06 - 00000000 ____D () C:\Users\martina\AppData\Roaming\Skype
2014-11-05 08:01 - 2014-09-03 17:49 - 00000000 ____D () C:\Users\martina\AppData\Roaming\McTitan Dinocraft
2014-11-05 07:59 - 2014-04-01 18:56 - 00000000 ____D () C:\ProgramData\Temp
2014-11-05 07:40 - 2014-04-01 15:36 - 00000000 ____D () C:\Users\martina
2014-11-05 07:38 - 2014-07-16 22:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-05 07:38 - 2014-07-14 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-05 07:38 - 2014-04-04 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-05 07:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-05 07:36 - 2014-07-14 12:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-04 14:49 - 2014-07-14 12:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-04 14:30 - 2014-04-01 19:20 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 12:14 - 2014-04-14 20:31 - 00000000 ____D () C:\Users\martina\AppData\Roaming\FreeFileViewer
2014-11-04 12:12 - 2014-04-02 14:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-31 08:56 - 2014-06-28 23:25 - 00000048 _____ () C:\RB.rdat
2014-10-31 08:56 - 2014-06-28 23:25 - 00000048 _____ () C:\License_Time.rdat
2014-10-28 09:21 - 2014-07-14 12:39 - 00000000 ____D () C:\Users\martina\AppData\Roaming\.minecraft
2014-10-27 09:30 - 2014-09-30 17:51 - 00000000 ____D () C:\Temp
2014-10-25 16:51 - 2014-04-01 19:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-20 18:10 - 2014-04-01 15:37 - 00000000 ____D () C:\Users\martina\AppData\Local\VirtualStore
2014-10-20 14:19 - 2014-06-12 18:59 - 00000000 ____D () C:\Users\martina\Desktop\PDFrizatorSetup
2014-10-19 06:10 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-18 17:42 - 2014-04-18 22:52 - 00000000 ___RD () C:\Users\martina\Desktop\programy
2014-10-18 16:04 - 2014-09-26 12:48 - 00000000 ____D () C:\Users\martina\AppData\Local\ftblauncher
2014-10-18 12:58 - 2014-09-19 18:30 - 00000000 ____D () C:\Users\martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-18 12:57 - 2014-09-19 16:48 - 00000000 ____D () C:\Users\martina\Documents\Bandicam
2014-10-18 11:28 - 2014-09-03 17:58 - 00000000 ____D () C:\Users\martina\AppData\Roaming\.mctitanpokemine
2014-10-18 10:41 - 2014-04-29 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-18 10:38 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-15 22:07 - 2014-04-01 20:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 21:58 - 2014-04-01 20:04 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-11 14:52 - 2014-04-12 16:49 - 00000000 ____D () C:\Users\martina\Documents\Youcam
2014-10-09 15:12 - 2014-07-24 08:19 - 00000000 ____D () C:\Users\martina\Documents\My Games
2014-10-09 14:31 - 2014-09-07 11:00 - 00000000 ____D () C:\Users\martina\AppData\Roaming\McTitan Aglaria

Some content of TEMP:
====================
C:\Users\martina\AppData\Local\Temp\Quarantine.exe
C:\Users\martina\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\martina\Desktop" je 173 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pokki
C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\martina\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(6.73 KiB) Downloaded 74 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#6 Post by vyosek »

:arrow: Recommend to your friend that she buy both Windows and Office. Next time, help with this illegal copy of Windows will be refused here.

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
    HKU\S-1-5-21-45138341-2002717243-2880125143-1000\...\MountPoints2: {148c1541-29d9-11e4-975e-ec9a744911a1} - E:\Startme.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U218DHP&pc=U218
    HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/WOL_WCP
    HKU\S-1-5-21-45138341-2002717243-2880125143-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM-x32 - DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = 
    
    S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
    
    C:\Program Files\KMSpico
    2014-11-08 18:42 - 2014-11-08 18:43 - 00014072 _____ () C:\Users\martina\Desktop\FRST.txt
    2014-11-08 18:39 - 2014-11-08 18:40 - 00112640 _____ (forum.viry.cz) C:\Users\martina\Desktop\FRSTLauncher (1).exe
    2014-11-08 14:28 - 2014-11-08 14:28 - 00001045 _____ () C:\Users\martina\Desktop\JRT.txt
    2014-11-08 14:23 - 2014-11-08 14:23 - 00000000 ____D () C:\Windows\ERUNT
    2014-11-08 14:22 - 2014-11-08 14:21 - 01706808 ____N (Thisisu) C:\Users\martina\Desktop\JRT.exe
    2014-11-08 12:19 - 2014-11-08 12:19 - 00058434 _____ () C:\Users\martina\Desktop\rsit.txt
    2014-11-08 12:09 - 2014-11-08 12:09 - 00015905 _____ () C:\Users\martina\Desktop\zoek.txt
    2014-11-08 11:02 - 2014-11-08 10:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-11-08 10:37 - 2014-11-08 12:04 - 00015912 _____ () C:\zoek-results.log
    2014-11-08 10:31 - 2014-11-08 10:58 - 00000000 ____D () C:\zoek_backup
    2014-11-08 10:23 - 2014-11-08 14:31 - 00000000 ____D () C:\AdwCleaner
    2014-11-08 10:21 - 2014-11-08 10:19 - 00000091 _____ () C:\Users\martina\Desktop\Nový textový dokument.txt
    2014-11-08 10:21 - 2014-11-08 10:18 - 02145792 _____ () C:\Users\martina\Desktop\adwcleaner_4.100.exe
    2014-11-08 10:21 - 2014-11-08 10:18 - 01294848 _____ () C:\Users\martina\Desktop\zoek.exe
    2014-11-08 10:11 - 2014-11-08 10:11 - 00003708 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
    2014-11-08 10:09 - 2013-12-20 12:42 - 02935928 _____ ( ) C:\Users\martina\Desktop\KMSpico_setup.exe
    2014-11-08 07:35 - 2014-11-08 07:34 - 01222144 _____ () C:\Users\martina\Desktop\RSITx64.exe
    2014-10-18 10:43 - 2014-11-05 07:57 - 00000000 ____D () C:\Program Files (x86)\Zrychleni Pocitace
    2014-10-11 13:20 - 2013-07-18 15:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncfiovb.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pokki" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post Fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, for he is no man, he is an ox."
Member (image) since 1 February 2011.

ACS
Visitor
Posts: 5
Registered: 08 Nov 2014 08:28

Re: Please check my log

#7 Post by ACS »

Good morning, my friend was in quite a hurry because she flew back to England yesterday, where she needs the notebook for work, so I reinstalled the whole OS for her. The previous system was installed by some "expert" from England, and even though she has an OEM licence for Win 7 Home Premium on the sticker on the bottom of the notebook, he installed Ultimate for her...

I apologise for the time you spent on this; if she hadn't been in such a hurry we would have seen it through, but as it was I had no other option. You can lock the thread.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#8 Post by vyosek »

OK, you're welcome then :worship:


:closed: