VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by tibor_000 (administrator) on VAIO-VENDA on 08-11-2014 13:57:14
Running from C:\Users\tibor_000\Desktop
Loaded Profile: tibor_000 (Available profiles: Venda & tibor_000 & Guest)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] ( (Qualcomm®Atheros®))
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
BootExecute: autocheck autochk * sh4native Sh4Removal놱ʌ냴Qᴈ@
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: CostmeiiN - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\T6W@6sFORJKK.com [2014-09-23]
FF HKLM-x32\...\Firefox\Extensions: [ffox@bandoo.com] - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\ffox@bandoo.com
FF Extension: Bandoo for Firefox - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\ffox@bandoo.com [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\shortcutff@gmail.com
FF Extension: shortcut - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\shortcutff@gmail.com [2014-07-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={search ... 8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-06]
CHR Extension: (Disk Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-06]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-31]
CHR Extension: (YouTube) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Vyhledávání Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Hodiny) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-07-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-07-06]
CHR Extension: (Battlestar Galactica Online) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-07-06]
CHR Extension: (Mapy Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-06]
CHR Extension: (Hodiny) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2014-11-08]
CHR Extension: (Earthly Raindrop) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-07-06]
CHR Extension: (Gmail) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]
CHR HKLM-x32\...\Chrome\Extension: [ainbkicbloikcngphmjfpjdemblcojdd] - C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [dloejdefkancmfajekobpfoacecnhpgp] - C:\Program Files (x86)\Bandoo\ChromePackage.crx [2013-02-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S2 gupdate1cfebbdca89f68c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S3 gupdatem1cfebbdcab01e69; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S4 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-13] (Crawler.com)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21752 2012-12-19] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-06] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-11-27] (DT Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-10-30] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-27] (Windows (R) Win 7 DDK provider)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 Baidu PC Faster FileShredder; \??\C:\Users\Venda\AppData\Local\Temp\_@52FA.tmp\FileKill_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 MpKsl16393cec; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0F21A90E-5B06-4373-870C-D596BF5B0E30}\MpKsl16393cec.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 13:57 - 2014-11-08 13:58 - 00019595 _____ () C:\Users\tibor_000\Desktop\FRST.txt
2014-11-08 13:56 - 2014-11-08 13:57 - 00000000 ____D () C:\FRST
2014-11-08 13:54 - 2014-11-08 13:54 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe
2014-11-08 13:52 - 2014-11-08 13:52 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Downloads\Nepotvrzeno 499326.crdownload
2014-11-08 13:51 - 2014-11-08 13:52 - 02115584 _____ (Farbar) C:\Users\tibor_000\Desktop\FRST64.exe
2014-11-08 13:12 - 2014-11-08 13:12 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2014-11-08 13:12 - 2014-11-08 13:12 - 00001021 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2014-11-08 13:12 - 2014-11-08 13:12 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-11-08 13:11 - 2014-11-08 13:12 - 00911295 _____ () C:\Users\tibor_000\Downloads\AntiTwin_Setup.exe
2014-11-07 21:16 - 2014-11-07 21:16 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-07 21:16 - 2014-11-07 21:16 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-07 21:12 - 2014-11-08 12:11 - 00001336 _____ () C:\WINDOWS\PFRO.log
2014-11-07 18:51 - 2014-11-07 18:51 - 00000000 ____D () C:\ProgramData\Atheros
2014-11-07 18:50 - 2014-11-07 18:50 - 00000000 ____D () C:\Users\tibor_000\AppData\Roaming\Atheros
2014-11-07 18:45 - 2014-11-07 18:45 - 00002174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media Server Settings.lnk
2014-11-07 18:42 - 2014-11-07 18:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-11-07 18:37 - 2014-11-07 18:42 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-11-07 18:36 - 2014-11-07 18:36 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-11-07 18:35 - 2014-11-07 18:38 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2014-11-07 18:35 - 2014-11-07 18:36 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-10-31 23:52 - 2014-10-31 23:59 - 774553600 _____ () C:\Users\Venda\Desktop\Samec 2009 CZ.avi
2014-10-31 14:47 - 2014-10-31 14:47 - 00000000 ____D () C:\Documentation
2014-10-27 12:53 - 2014-11-06 22:46 - 00007602 _____ () C:\Users\Venda\AppData\Local\resmon.resmoncfg
2014-10-27 12:03 - 2014-10-27 12:03 - 00000000 ____D () C:\Users\Venda\Downloads\Installer (Right Click and select extract)
2014-10-27 12:02 - 2014-02-17 14:23 - 00508928 _____ () C:\WINDOWS\SysWOW64\Amadeus Updater Setup.msi
2014-10-27 12:02 - 2014-02-17 14:23 - 00496128 _____ () C:\WINDOWS\SysWOW64\setup.exe
2014-10-27 11:39 - 2014-10-27 19:56 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-27 11:39 - 2014-10-27 11:40 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-27 11:39 - 2014-10-27 11:39 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-10-27 11:39 - 2014-10-27 11:39 - 00001050 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-27 11:39 - 2014-10-27 11:39 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Spyware Terminator
2014-10-27 11:39 - 2014-10-27 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-27 11:37 - 2014-10-27 11:37 - 01070648 _____ (Crawler, LLC ) C:\Users\Venda\Downloads\SpywareTerminatorSetup.exe
2014-10-27 11:31 - 2014-10-27 11:31 - 00003346 _____ () C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2014-10-27 11:05 - 2014-10-27 11:05 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-10-27 11:04 - 2014-10-27 11:21 - 00000000 ____D () C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-10-26 21:37 - 2014-11-08 13:10 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 21:36 - 2014-10-26 21:36 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-26 21:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-26 21:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-26 21:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-26 21:32 - 2014-10-26 21:34 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Venda\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-26 20:29 - 2014-10-27 11:35 - 02250076 _____ () C:\spyhunter.fix
2014-10-26 20:29 - 2013-12-18 22:28 - 00014232 _____ () C:\WINDOWS\SysWOW64\sh4native.exe
2014-10-26 18:31 - 2014-10-26 18:31 - 00003404 _____ () C:\WINDOWS\System32\Tasks\LuckyTab
2014-10-26 18:31 - 2014-10-26 18:31 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-26 18:31 - 2014-10-26 18:31 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-10-26 18:20 - 2014-10-26 18:21 - 75916442 _____ () C:\Users\Venda\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-20 05:26 - 2014-09-29 23:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-20 05:26 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-19 18:11 - 2014-10-19 18:11 - 00000000 _____ () C:\autoexec.bat
2014-10-19 18:10 - 2014-10-19 18:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-19 18:07 - 2014-10-26 18:33 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-19 18:05 - 2014-10-19 18:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Venda\Downloads\SpyHunter-installer.exe
2014-10-19 17:58 - 2014-10-19 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-19 17:56 - 2014-10-19 17:57 - 00000000 ____D () C:\Users\Venda\AppData\Local\Deployment
2014-10-19 17:56 - 2014-10-19 17:56 - 00000000 ____D () C:\Users\Venda\AppData\Local\Apps\2.0
2014-10-19 17:50 - 2014-10-19 18:06 - 00000000 ____D () C:\b61f5839d0dd73cf2265b62c448c2b
2014-10-19 17:38 - 2014-10-26 22:36 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-19 17:38 - 2014-10-19 17:38 - 00000000 ____D () C:\Users\Venda\AppData\Local\globalUpdate
2014-10-15 17:34 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-15 17:34 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-15 17:34 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-15 17:34 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 17:34 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-15 17:34 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 17:34 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 17:34 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 13:40 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 13:40 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 13:40 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 13:40 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 13:40 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 13:39 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 13:38 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 13:38 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 13:38 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 13:38 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 13:38 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 13:37 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 13:37 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 13:37 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 13:37 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 13:37 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 13:37 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 13:37 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 13:37 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 13:37 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 13:37 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 13:37 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 13:37 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 13:37 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 13:37 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 13:37 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 13:37 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 13:37 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 13:37 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 13:37 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 13:37 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 13:37 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 13:37 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 13:37 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 13:37 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 13:37 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 13:36 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 13:36 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 13:36 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 13:36 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 13:36 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 13:36 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 13:36 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 13:36 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 13:36 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 13:36 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 13:36 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 13:36 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 13:36 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 13:36 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 13:36 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 13:36 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 13:34 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 13:34 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 13:34 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 13:34 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 13:34 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 13:34 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 13:34 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 13:34 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 13:34 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 13:34 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 13:34 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 13:34 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 13:34 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 13:34 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 13:34 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 13:34 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 13:34 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 13:34 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 13:34 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 13:34 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 13:34 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 13:34 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 13:34 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 13:34 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 13:34 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 13:34 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 13:34 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 13:34 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 13:34 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 13:34 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 13:34 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 13:34 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 13:45 - 2013-02-02 18:50 - 00000984 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job
2014-11-08 13:19 - 2012-12-05 17:36 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-08 13:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-08 13:02 - 2012-11-27 19:15 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 12:19 - 2014-07-06 12:09 - 00003994 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1C5EEA0A-2961-4E96-A9BA-F67A1BF0EC4D}
2014-11-08 12:18 - 2013-11-10 02:56 - 01352922 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-08 12:13 - 2014-07-06 11:53 - 00000000 ___DO () C:\Users\tibor_000\OneDrive
2014-11-08 12:13 - 2012-11-27 19:15 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-08 12:11 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 21:35 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-07 21:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-11-07 21:10 - 2013-03-31 09:05 - 00000000 ____D () C:\Users\Venda\AppData\Local\CRE
2014-11-07 21:07 - 2014-07-06 11:58 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3964351572-208567497-3345830356-1007
2014-11-07 20:09 - 2012-11-27 21:16 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-07 19:45 - 2013-02-02 18:50 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job
2014-11-07 19:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-07 18:56 - 2014-07-06 12:12 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\CrashDumps
2014-11-07 18:53 - 2012-12-05 17:52 - 00000000 ____D () C:\Update
2014-11-07 18:46 - 2012-09-25 16:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-11-07 18:45 - 2012-09-25 16:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-11-07 18:42 - 2012-09-25 16:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-07 18:42 - 2012-09-25 16:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-07 18:41 - 2012-09-25 17:02 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-11-07 18:40 - 2013-11-10 02:43 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-07 18:40 - 2013-09-30 04:56 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-11-07 18:40 - 2013-09-30 04:56 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-11-06 22:45 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-06 22:25 - 2012-11-27 10:26 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3964351572-208567497-3345830356-1002
2014-11-06 22:20 - 2014-05-09 22:29 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\iSafe
2014-11-06 21:38 - 2013-02-04 08:28 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Seznam.cz
2014-11-06 21:33 - 2014-02-12 16:16 - 00000000 __RDO () C:\Users\Venda\SkyDrive
2014-11-06 17:47 - 2013-11-10 15:01 - 00003978 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7B60231-99CB-4628-A4C3-FDEEF9C7B331}
2014-10-30 12:25 - 2012-11-27 16:56 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-29 13:03 - 2013-07-31 19:32 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Media Player Classic
2014-10-29 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-27 19:47 - 2012-11-27 20:42 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-10-27 13:09 - 2012-11-28 17:35 - 00000000 ____D () C:\Users\Venda\AppData\Local\CrashDumps
2014-10-26 22:45 - 2014-03-18 11:01 - 00000000 ____D () C:\ProgramData\WPM
2014-10-26 22:43 - 2013-02-22 23:05 - 00000000 ____D () C:\Program Files (x86)\Bandoo
2014-10-26 22:36 - 2014-03-18 10:58 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\systweak
2014-10-26 22:36 - 2013-10-12 20:52 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\BabSolution
2014-10-26 22:36 - 2013-10-12 20:52 - 00000000 ____D () C:\ProgramData\eSafe
2014-10-26 22:32 - 2014-09-23 13:52 - 00000000 ____D () C:\ProgramData\CostmeiiN
2014-10-26 22:32 - 2014-09-23 13:51 - 00000000 ____D () C:\Program Files (x86)\CostmeiiN
2014-10-26 22:32 - 2013-02-22 23:06 - 00000000 ____D () C:\ProgramData\Wincert
2014-10-26 21:20 - 2012-12-26 16:05 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\vlc
2014-10-26 21:10 - 2013-03-31 09:07 - 00000000 ____D () C:\Program Files (x86)\express-files
2014-10-26 18:34 - 2014-01-30 21:29 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-26 17:47 - 2014-07-06 11:51 - 00000000 ____D () C:\Users\tibor_000\Documents\Bluetooth Folder
2014-10-26 16:34 - 2013-11-10 02:20 - 00000000 ____D () C:\Users\Venda
2014-10-22 12:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-20 05:24 - 2013-08-22 15:44 - 00506312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-19 19:00 - 2013-08-19 15:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-19 18:58 - 2012-11-27 20:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 17:58 - 2012-11-27 19:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-19 17:57 - 2012-11-27 19:15 - 00003944 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 17:57 - 2012-11-27 19:15 - 00003708 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-19 17:50 - 2012-12-25 00:22 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-19 17:49 - 2014-07-13 20:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-11 19:54 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

Some content of TEMP:
====================
C:\Users\Venda\AppData\Local\Temp\KMP_3.9.1.129.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\tibor_000\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Odinstalujte Spyware Terminator a SpyHunter

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

díky moc za pomoc. ten spy-hunter jsem nenašel jinak vše dle pokynů a tady jsou soubory:




# AdwCleaner v4.100 - Report created 08/11/2014 at 20:12:32
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : tibor_000 - VAIO-VENDA
# Running from : C:\Users\tibor_000\Desktop\adwcleaner_4.100.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Bandoo
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\iMesh
Folder Deleted : C:\ProgramData\PriceMeterLiveUpdate
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\CostmeiiN
Folder Deleted : C:\ProgramData\d864bc15379c1dda
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files (x86)\Bandoo
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\sitefinder
Folder Deleted : C:\Program Files (x86)\PANDORA.TV
Folder Deleted : C:\Program Files (x86)\LuckyTab
Folder Deleted : C:\Program Files (x86)\CostmeiiN
Folder Deleted : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\WINDOWS\SysWOW64\ARFC
Folder Deleted : C:\WINDOWS\SysWOW64\SearchProtect
Folder Deleted : C:\WINDOWS\SysWOW64\WNLT
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\Local\torch
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\LocalLow\Bandoo
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Public\Documents\baidu
Folder Deleted : C:\Users\tibor_000\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\tibor_000\AppData\Local\torch
Folder Deleted : C:\Users\tibor_000\AppData\LocalLow\Bandoo
Folder Deleted : C:\Users\tibor_000\AppData\Roaming\eCyber
Folder Deleted : C:\Users\tibor_000\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Venda\AppData\Local\Babylon
Folder Deleted : C:\Users\Venda\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Venda\AppData\Local\Conduit
Folder Deleted : C:\Users\Venda\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Venda\AppData\Local\iMesh
Folder Deleted : C:\Users\Venda\AppData\Local\PackageAware
Folder Deleted : C:\Users\Venda\AppData\Local\PriceMeterLiveUpdate
Folder Deleted : C:\Users\Venda\AppData\Local\torch
Folder Deleted : C:\Users\Venda\AppData\LocalLow\Bandoo
Folder Deleted : C:\Users\Venda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Venda\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Venda\AppData\Roaming\337Games
Folder Deleted : C:\Users\Venda\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Venda\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Venda\AppData\Roaming\Bandoo
Folder Deleted : C:\Users\Venda\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Venda\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Venda\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Venda\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Venda\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Folder Deleted : C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Folder Deleted : C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccnijjolhecbphgoiofkhfemmopfbbh
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccnijjolhecbphgoiofkhfemmopfbbh
Folder Deleted : C:\Users\Guest.VAIO-VENDA\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccnijjolhecbphgoiofkhfemmopfbbh
Folder Deleted : C:\Users\tibor_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccnijjolhecbphgoiofkhfemmopfbbh
Folder Deleted : C:\Users\Venda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccnijjolhecbphgoiofkhfemmopfbbh
File Deleted : C:\END
File Deleted : C:\WINDOWS\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\WINDOWS\System32\log\iSafeKrnlCall.log
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\Venda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
File Deleted : C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx

***** [ Scheduled Tasks ] *****

Task Deleted : EPUpdater
Task Deleted : Express FilesUpdate
Task Deleted : SpyHunter4Startup

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31D8407C-62E4-4125-A4A9-717EFB1A56AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\IePlugin
Key Deleted : HKLM\SOFTWARE\Imesh
Key Deleted : HKLM\SOFTWARE\iMeshSRTB
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SearchquSRTB
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search-Gol Chrome Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.111

[C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dloejdefkancmfajekobpfoacecnhpgp
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=1157&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=3408982403564030&q={searchTerms}
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : dloejdefkancmfajekobpfoacecnhpgp
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fmlgoencnlndpglbocajlimaikjohmab
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=17&barid={10EA53BD-9616-4AF1-89AA-89CFE30961E3}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS547550A9E384_J2160051FRAJ3CFRAJ3CX&ts=1381607515&type=default&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babs ... 5&tsp=5033
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1398 ... earchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402572649&from=wpm0612&uid=HitachiXHTS547550A9E384_J2160051FRAJ3CFRAJ3CX&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweetpacks-search.com/search.asp?q= ... sf=0&lcr=0
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/MOY00056/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=0a9b470f0000000000001a3e8ebe16e5
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=117&systemid=101&apn_dtid=BND101&apn_ptnrs=AG5&o=APN10644&apn_uid=3111524440654231&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=0025584595424467&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN35499090711997010&ctid=CT3176921&UM=2
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN35499090711997010&ctid=CT3176921&UM=2

-\\ Comodo Dragon v

[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxps://isearch.avg.com/search?cid={C680C4EC-4C86-4C86-9D8D-80767B810CF7}&mid=c639169a1bae47d6b646d16d120708c2-717e988083dff3653a2c6673f36ff6c16efa5404&lang=cz&ds=AVG&pr=pa&d=2011-12-11 17:25:46&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=1157&systemid=1&apn_dtid=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=3408982403564030&q={searchTerms}
[C:\Users\tbudi_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=17&barid={10EA53BD-9616-4AF1-89AA-89CFE30961E3}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS547550A9E384_J2160051FRAJ3CFRAJ3CX&ts=1381607515&type=default&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babs ... 5&tsp=5033
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1398 ... earchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402572649&from=wpm0612&uid=HitachiXHTS547550A9E384_J2160051FRAJ3CFRAJ3CX&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.sweetpacks-search.com/search.asp?q= ... sf=0&lcr=0
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/MOY00056/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=0a9b470f0000000000001a3e8ebe16e5
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=117&systemid=101&apn_dtid=BND101&apn_ptnrs=AG5&o=APN10644&apn_uid=3111524440654231&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=78&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=0025584595424467&q={searchTerms}
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN35499090711997010&ctid=CT3176921&UM=2
[C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN35499090711997010&ctid=CT3176921&UM=2

*************************

AdwCleaner[R0].txt - [26033 octets] - [08/11/2014 20:07:04]
AdwCleaner[S0].txt - [29377 octets] - [08/11/2014 20:12:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29438 octets] ##########






Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by tibor_000 on so 08. 11. 2014 at 20:21:09,32.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\tibor_000\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8. 11. 2014 20:25:23 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TBUDI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\i3461cg0.default\prefs.js:

Added to C:\Users\TBUDI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\i3461cg0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "delta-homes");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\TBUDI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\i3461cg0.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201408.11._2052_.backup

ProfilePath: C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default

user.js not found
---- Lines searchgol removed from prefs.js ----
user_pref("extensions.searchgol.admin", false);
user_pref("extensions.searchgol.aflt", "babsst");
user_pref("extensions.searchgol.appId", "{4277F7CF-0000-46CF-BA49-D624465C4BAB}");
user_pref("extensions.searchgol.autoRvrt", "false");
user_pref("extensions.searchgol.dfltLng", "cs");
user_pref("extensions.searchgol.excTlbr", false);
user_pref("extensions.searchgol.ffxUnstlRst", false);
user_pref("extensions.searchgol.id", "0a9b470f000000000000083e8ebe16e6");
user_pref("extensions.searchgol.instlDay", "15990");
user_pref("extensions.searchgol.instlRef", "sst");
user_pref("extensions.searchgol.newTab", false);
user_pref("extensions.searchgol.prdct", "searchgol");
user_pref("extensions.searchgol.prtnrId", "searchgol");
user_pref("extensions.searchgol.rvrt", "false");
user_pref("extensions.searchgol.smplGrp", "none");
user_pref("extensions.searchgol.tlbrId", "base");
user_pref("extensions.searchgol.tlbrSrchUrl", "");
user_pref("extensions.searchgol.vrsn", "1.8.16.19");
user_pref("extensions.searchgol.vrsni", "1.8.16.19");
user_pref("extensions.searchgol.vrsnTs", "1.8.16.1921:52:36");
---- Lines searchgol modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"quick_start@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Venda\\\
---- Lines quick_start modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"quick_start@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Venda\\\
---- Lines y2layers removed from prefs.js ----
user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,brain/default2,easyinline/dock,superfish,superfishgoogleeil,yontooinstalle
user_pref("extentions.y2layers.installId", "8be6739d-7458-4fcb-b6e9-9c653854ad13");
---- Lines defaulttab removed from prefs.js ----
user_pref("extensions.defaulttab.installdate", 1350077648);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);
---- Lines defaulttab modified from prefs.js ----

user_pref("extensions.enabledAddons", "addon%40defaulttab.com:2.4,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\Venda\\\\Ap
---- FireFox user.js and prefs.js backups ----

prefs_201408.11._2052_.backup

==== Batch Command(s) Run By Tool======================

C:\WINDOWS\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\addon@defaulttab.com.xpi not found
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\express-files deleted
C:\PROGRA~2\SRToolbar deleted
C:\bnd4982.tmp.exe deleted
C:\bndA125.tmp.exe deleted
C:\bndD838.tmp.exe deleted
C:\bndDF69.tmp.exe deleted
C:\bndF993.tmp.exe deleted
C:\Users\Venda\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Venda\AppData\Local\CRE deleted
C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx deleted
C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Venda\AppData\LocalLow\express-files deleted
C:\windows\SysNative\tasks\LuckyTab deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\searchplugins\bingp.xml deleted
C:\Users\Public\Desktop\YouTube Song Downloader.lnk deleted
C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\ffox@bandoo.com deleted
"C:\Users\TBUDI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\i3461cg0.default\searchplugins\MyStart.xml" deleted
"C:\Users\TBUDI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\i3461cg0.default\searchplugins\MyStart.xml" deleted
"C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\searchplugins\MyStart.xml" deleted
"C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\searchplugins\MyStart.xml" deleted
"C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\defaulttab.config" deleted
"C:\PROGRA~3\boost_interprocess" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"shortcutff@gmail.com"="C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\shortcutff@gmail.com" [30. 07. 2014 11:29]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default
- shortcut - %ProfilePath%\extensions\shortcutff@gmail.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- CostmeiiN - %AppDir%\browser\extensions\T6W@6sFORJKK.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\shortcutff@gmail.com deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest.VAIO-VENDA\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\tbudi_000\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\tibor_000\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\tibor_000\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Venda\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Venda\AppData\Local\Comodo\Dragon deleted
Fake profile C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Angry Birds - tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Seznam Lištička - Email - tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
LastPass - tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Earthly Raindrop - tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
AdBlock - Venda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"

==== Reset Google Chrome ======================

C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest.VAIO-VENDA\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ivana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\tibor_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\tibor_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Venda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Venda\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Guest.VAIO-VENDA\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Ivana\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\tibor_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\tibor_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\Venda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Venda\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guest.VAIO-VENDA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Venda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=249 folders=87 110022419 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest.VAIO-VENDA\AppData\Local\Temp emptied successfully
C:\Users\Ivana\AppData\Local\Temp emptied successfully
C:\Users\tibor_000\AppData\Local\Temp will be emptied at reboot
C:\Users\Venda\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\TIBOR_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 08. 11. 2014 at 21:05:27,83 ======================

Poprosim o novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by tibor_000 (administrator) on VAIO-VENDA on 09-11-2014 10:46:33
Running from C:\Users\tibor_000\Desktop
Loaded Profile: tibor_000 (Available profiles: Venda & tibor_000 & Ivana & Guest)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] ( (Qualcomm®Atheros®))
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{50C961A1-889F-4A4E-9587-2772A45B6AAD}\app_icon.ico ()
BootExecute: autocheck autochk * sh4native Sh4Removal놱ʌ냴Qᴈ@OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: CostmeiiN - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\T6W@6sFORJKK.com [2014-09-23]
FF HKLM-x32\...\Firefox\Extensions: [ffox@bandoo.com] - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\ffox@bandoo.com
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\k8fyd32e.default\extensions\shortcutff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> https://www.google.com/search?q={search ... 8&oe=utf-8
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-08]
CHR Extension: (Angry Birds) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-06]
CHR Extension: (Disk Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-07-06]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-31]
CHR Extension: (YouTube) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Vyhledávání Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Tabulky Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-08]
CHR Extension: (Hodiny) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-07-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-07-06]
CHR Extension: (Battlestar Galactica Online) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2014-07-06]
CHR Extension: (Mapy Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-06]
CHR Extension: (Hodiny) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2014-11-08]
CHR Extension: (Earthly Raindrop) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfafifkblojjoeogacijogdmkjhkgkh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-07-06]
CHR Extension: (Gmail) - C:\Users\tibor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S2 gupdate1cfebbdca89f68c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S3 gupdatem1cfebbdcab01e69; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S4 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [5619000 2012-06-20] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1660200 2014-08-29] (O&O Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]
S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21752 2012-12-19] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-06] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-11-27] (DT Soft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-08] (Malwarebytes Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-10-30] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 Baidu PC Faster FileShredder; \??\C:\Users\Venda\AppData\Local\Temp\_@52FA.tmp\FileKill_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 MpKsl16393cec; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0F21A90E-5B06-4373-870C-D596BF5B0E30}\MpKsl16393cec.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 10:45 - 2014-11-09 10:46 - 00017351 _____ () C:\Users\tibor_000\Desktop\FRST.txt
2014-11-09 08:26 - 2014-11-09 09:57 - 00000000 ____D () C:\WINDOWS\system32\oodag
2014-11-09 08:26 - 2014-11-09 08:26 - 00002513 _____ () C:\Users\Public\Desktop\O&O Defrag.lnk
2014-11-09 08:26 - 2014-11-09 08:26 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\O&O
2014-11-09 08:26 - 2014-11-09 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2014-11-09 08:26 - 2014-11-09 08:26 - 00000000 ____D () C:\Program Files\OO Software
2014-11-09 08:25 - 2014-11-09 08:25 - 00000000 ____D () C:\ProgramData\OO Software
2014-11-09 08:22 - 2014-11-09 08:22 - 00000000 ____D () C:\Users\tibor_000\Desktop\O&O Defrag Professional 18.0.39 (x32x64)
2014-11-09 08:20 - 2014-11-09 08:21 - 51431410 _____ () C:\Users\tibor_000\Downloads\O&O Defrag Professional 18.0.39 (x32x64).rar
2014-11-08 21:07 - 2014-11-08 21:07 - 00016115 _____ () C:\Users\tibor_000\Desktop\zoek-results.txt
2014-11-08 21:03 - 2014-11-08 20:21 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-11-08 20:24 - 2014-11-08 21:05 - 00016112 _____ () C:\zoek-results.log
2014-11-08 20:24 - 2014-11-08 20:24 - 00029831 _____ () C:\Users\tibor_000\Desktop\AdwCleaner[S0].txt
2014-11-08 20:21 - 2014-11-08 20:58 - 00000000 ____D () C:\zoek_backup
2014-11-08 20:20 - 2014-11-08 20:20 - 01294848 _____ () C:\Users\tibor_000\Desktop\zoek.exe
2014-11-08 20:06 - 2014-11-08 20:13 - 00000000 ____D () C:\AdwCleaner
2014-11-08 20:05 - 2014-11-08 20:05 - 02145792 _____ () C:\Users\tibor_000\Desktop\adwcleaner_4.100.exe
2014-11-08 15:02 - 2014-11-08 15:02 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Atheros
2014-11-08 14:55 - 2014-11-08 14:55 - 00000000 ____D () C:\Users\Guest.VAIO-VENDA\AppData\Roaming\Atheros
2014-11-08 14:37 - 2014-11-08 14:37 - 00002275 _____ () C:\Users\Ivana\Desktop\Google Chrome.lnk
2014-11-08 14:36 - 2014-11-08 14:42 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3964351572-208567497-3345830356-1008
2014-11-08 14:35 - 2014-11-08 14:35 - 00000000 ____D () C:\Users\Ivana\AppData\Local\Sony Corporation
2014-11-08 14:34 - 2014-11-08 14:34 - 00000000 ____D () C:\Users\Ivana\AppData\Roaming\WinRAR
2014-11-08 14:33 - 2014-11-08 14:48 - 00000000 ____D () C:\Users\Ivana\OneDrive
2014-11-08 14:32 - 2014-11-08 14:32 - 00000000 ____D () C:\Users\Ivana\Documents\Bluetooth Folder
2014-11-08 14:32 - 2014-11-08 14:32 - 00000000 ____D () C:\Users\Ivana\AppData\Roaming\Atheros
2014-11-08 14:32 - 2014-11-08 14:32 - 00000000 ____D () C:\Users\Ivana\AppData\Local\BMExplorer
2014-11-08 14:31 - 2014-11-08 14:31 - 00000000 ____D () C:\Users\Ivana\AppData\Roaming\Sony Corporation
2014-11-08 14:30 - 2014-11-08 14:36 - 00000000 ____D () C:\Users\Ivana\AppData\Local\Packages
2014-11-08 14:30 - 2014-11-08 14:30 - 00001422 _____ () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-08 14:30 - 2014-11-08 14:30 - 00000270 __RSH () C:\Users\Ivana\ntuser.pol
2014-11-08 14:30 - 2014-11-08 14:30 - 00000000 ____D () C:\Users\Ivana\AppData\Roaming\Adobe
2014-11-08 14:30 - 2014-11-08 14:30 - 00000000 ____D () C:\Users\Ivana\AppData\Local\VirtualStore
2014-11-08 14:30 - 2014-11-08 14:30 - 00000000 ____D () C:\Users\Ivana\AppData\Local\Google
2014-11-08 14:25 - 2014-11-08 14:33 - 00000000 ____D () C:\Users\Ivana
2014-11-08 14:25 - 2014-11-08 14:25 - 00000020 ___SH () C:\Users\Ivana\ntuser.ini
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Šablony
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Soubory cookie
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Poslední
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Okolní tiskárny
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Okolní síť
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Nabídka Start
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Dokumenty
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Documents\Obrázky
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Documents\Hudba
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Documents\Filmy
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\Data aplikací
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-11-08 14:25 - 2014-11-08 14:25 - 00000000 _SHDL () C:\Users\Ivana\AppData\Local\Data aplikací
2014-11-08 14:25 - 2014-09-16 21:38 - 00000000 ___RD () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-08 14:25 - 2014-05-18 20:36 - 00000000 ___RD () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-08 14:25 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-08 14:25 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-08 14:25 - 2013-11-10 02:30 - 00000000 ____D () C:\Users\Ivana\AppData\Local\Microsoft Help
2014-11-08 14:25 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-08 14:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-08 14:06 - 2014-11-08 14:06 - 00008463 _____ () C:\Users\tibor_000\Desktop\Addition.7z
2014-11-08 13:56 - 2014-11-09 10:46 - 00000000 ____D () C:\FRST
2014-11-08 13:54 - 2014-11-08 13:54 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe
2014-11-08 13:52 - 2014-11-08 13:52 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Downloads\Nepotvrzeno 499326.crdownload
2014-11-08 13:51 - 2014-11-08 13:52 - 02115584 _____ (Farbar) C:\Users\tibor_000\Desktop\FRST64.exe
2014-11-08 13:12 - 2014-11-08 13:12 - 00001033 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Twin.lnk
2014-11-08 13:12 - 2014-11-08 13:12 - 00001021 _____ () C:\Users\Public\Desktop\Anti-Twin.lnk
2014-11-08 13:12 - 2014-11-08 13:12 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-11-08 13:11 - 2014-11-08 13:12 - 00911295 _____ () C:\Users\tibor_000\Downloads\AntiTwin_Setup.exe
2014-11-07 21:16 - 2014-11-07 21:16 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-07 21:16 - 2014-11-07 21:16 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-07 21:12 - 2014-11-08 21:04 - 00001980 _____ () C:\WINDOWS\PFRO.log
2014-11-07 18:51 - 2014-11-08 15:02 - 00000000 ____D () C:\ProgramData\Atheros
2014-11-07 18:50 - 2014-11-07 18:50 - 00000000 ____D () C:\Users\tibor_000\AppData\Roaming\Atheros
2014-11-07 18:45 - 2014-11-07 18:45 - 00002174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media Server Settings.lnk
2014-11-07 18:42 - 2014-11-07 18:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-11-07 18:37 - 2014-11-07 18:42 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-11-07 18:36 - 2014-11-07 18:36 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-11-07 18:35 - 2014-11-07 18:38 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2014-11-07 18:35 - 2014-11-07 18:36 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-10-31 23:52 - 2014-10-31 23:59 - 774553600 _____ () C:\Users\Venda\Desktop\Samec 2009 CZ.avi
2014-10-31 14:47 - 2014-10-31 14:47 - 00000000 ____D () C:\Documentation
2014-10-27 12:53 - 2014-11-06 22:46 - 00007602 _____ () C:\Users\Venda\AppData\Local\resmon.resmoncfg
2014-10-27 12:03 - 2014-10-27 12:03 - 00000000 ____D () C:\Users\Venda\Downloads\Installer (Right Click and select extract)
2014-10-27 12:02 - 2014-02-17 14:23 - 00508928 _____ () C:\WINDOWS\SysWOW64\Amadeus Updater Setup.msi
2014-10-27 12:02 - 2014-02-17 14:23 - 00496128 _____ () C:\WINDOWS\SysWOW64\setup.exe
2014-10-27 11:39 - 2014-10-27 11:39 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-10-27 11:39 - 2014-10-27 11:39 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Spyware Terminator
2014-10-27 11:37 - 2014-10-27 11:37 - 01070648 _____ (Crawler, LLC ) C:\Users\Venda\Downloads\SpywareTerminatorSetup.exe
2014-10-27 11:05 - 2014-10-27 11:05 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-10-27 11:04 - 2014-10-27 11:21 - 00000000 ____D () C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-10-26 21:37 - 2014-11-08 20:10 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 21:36 - 2014-10-26 21:36 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-26 21:36 - 2014-10-26 21:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-26 21:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-26 21:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-26 21:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-26 21:32 - 2014-10-26 21:34 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Venda\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-26 20:29 - 2014-10-27 11:35 - 02250076 _____ () C:\spyhunter.fix
2014-10-26 20:29 - 2013-12-18 22:28 - 00014232 _____ () C:\WINDOWS\SysWOW64\sh4native.exe
2014-10-26 18:20 - 2014-10-26 18:21 - 75916442 _____ () C:\Users\Venda\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-20 05:26 - 2014-09-29 23:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-20 05:26 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-19 18:11 - 2014-10-19 18:11 - 00000000 _____ () C:\autoexec.bat
2014-10-19 18:10 - 2014-10-19 18:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-19 18:07 - 2014-10-26 18:33 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-19 18:05 - 2014-10-19 18:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Venda\Downloads\SpyHunter-installer.exe
2014-10-19 17:58 - 2014-10-19 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-19 17:56 - 2014-10-19 17:57 - 00000000 ____D () C:\Users\Venda\AppData\Local\Deployment
2014-10-19 17:56 - 2014-10-19 17:56 - 00000000 ____D () C:\Users\Venda\AppData\Local\Apps\2.0
2014-10-19 17:50 - 2014-10-19 18:06 - 00000000 ____D () C:\b61f5839d0dd73cf2265b62c448c2b
2014-10-15 17:34 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-15 17:34 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-15 17:34 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-15 17:34 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 17:34 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-15 17:34 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 17:34 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 17:34 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 13:40 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 13:40 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 13:40 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 13:40 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 13:40 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 13:39 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 13:38 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 13:38 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 13:38 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 13:38 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 13:38 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 13:37 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 13:37 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 13:37 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 13:37 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 13:37 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 13:37 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 13:37 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 13:37 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 13:37 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 13:37 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 13:37 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 13:37 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 13:37 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 13:37 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 13:37 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 13:37 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 13:37 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 13:37 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 13:37 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 13:37 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 13:37 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 13:37 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 13:37 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 13:37 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 13:37 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 13:36 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 13:36 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 13:36 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 13:36 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 13:36 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 13:36 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 13:36 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 13:36 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 13:36 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 13:36 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 13:36 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 13:36 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 13:36 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 13:36 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 13:36 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 13:36 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 13:34 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 13:34 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 13:34 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 13:34 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 13:34 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 13:34 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 13:34 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 13:34 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 13:34 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 13:34 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 13:34 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 13:34 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 13:34 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 13:34 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 13:34 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 13:34 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 13:34 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 13:34 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 13:34 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 13:34 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 13:34 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 13:34 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 13:34 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 13:34 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 13:34 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 13:34 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 13:34 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 13:34 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 13:34 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 13:34 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 13:34 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 13:34 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 13:34 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 10:44 - 2013-02-02 18:50 - 00000984 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job
2014-11-09 10:19 - 2012-12-05 17:36 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-09 10:02 - 2012-11-27 19:15 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-09 08:31 - 2014-07-06 11:58 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3964351572-208567497-3345830356-1007
2014-11-09 08:15 - 2014-07-06 12:09 - 00003994 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1C5EEA0A-2961-4E96-A9BA-F67A1BF0EC4D}
2014-11-09 08:15 - 2013-11-10 02:56 - 01509123 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-09 08:08 - 2014-07-06 11:53 - 00000000 __RDO () C:\Users\tibor_000\OneDrive
2014-11-09 08:08 - 2012-11-27 19:15 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 08:07 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-08 21:05 - 2014-09-23 13:52 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-08 21:05 - 2014-07-06 11:37 - 00000008 __RSH () C:\Users\tibor_000\ntuser.pol
2014-11-08 21:05 - 2014-07-06 11:37 - 00000000 ____D () C:\Users\tibor_000
2014-11-08 20:58 - 2014-09-23 13:51 - 00000000 ____D () C:\Users\Venda\AppData\Local\Comodo
2014-11-08 20:58 - 2014-09-23 13:51 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\Comodo
2014-11-08 20:58 - 2014-09-23 13:51 - 00000000 ____D () C:\Users\Guest.VAIO-VENDA\AppData\Local\Comodo
2014-11-08 20:58 - 2014-09-23 13:51 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-11-08 20:58 - 2014-09-23 13:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-11-08 20:58 - 2014-07-15 10:57 - 00000000 ____D () C:\Users\Guest.VAIO-VENDA\AppData\Local\Google
2014-11-08 20:58 - 2014-07-06 11:38 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\Google
2014-11-08 20:58 - 2013-01-05 13:20 - 00000000 ____D () C:\Users\tbudi_000\AppData\Local\Google
2014-11-08 20:58 - 2012-11-27 19:14 - 00000000 ____D () C:\Users\Venda\AppData\Local\Google
2014-11-08 20:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-11-08 20:56 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-11-08 20:12 - 2014-05-09 22:30 - 00000000 ____D () C:\WINDOWS\system32\log
2014-11-08 20:12 - 2013-06-02 20:38 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-08 19:50 - 2014-07-06 11:51 - 00000000 ____D () C:\Users\tibor_000\Documents\Bluetooth Folder
2014-11-08 15:35 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-08 15:28 - 2012-11-27 10:26 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3964351572-208567497-3345830356-1002
2014-11-08 15:02 - 2014-02-12 16:16 - 00000000 __RDO () C:\Users\Venda\SkyDrive
2014-11-08 14:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-08 14:54 - 2014-07-15 10:57 - 00002275 _____ () C:\Users\Guest.VAIO-VENDA\Desktop\Google Chrome.lnk
2014-11-08 14:31 - 2012-11-27 09:53 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-11-08 12:18 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\Sony Corporation
2014-11-07 21:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-11-07 20:09 - 2012-11-27 21:16 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-07 19:45 - 2013-02-02 18:50 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job
2014-11-07 18:56 - 2014-07-06 12:12 - 00000000 ____D () C:\Users\tibor_000\AppData\Local\CrashDumps
2014-11-07 18:53 - 2012-12-05 17:52 - 00000000 ____D () C:\Update
2014-11-07 18:46 - 2012-09-25 16:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-11-07 18:45 - 2012-09-25 16:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-11-07 18:42 - 2012-09-25 16:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-07 18:42 - 2012-09-25 16:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-07 18:41 - 2012-09-25 17:02 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-11-07 18:40 - 2013-11-10 02:43 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-07 18:40 - 2013-09-30 04:56 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-11-07 18:40 - 2013-09-30 04:56 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-11-06 22:45 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-06 21:38 - 2013-02-04 08:28 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Seznam.cz
2014-11-06 17:47 - 2013-11-10 15:01 - 00003978 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7B60231-99CB-4628-A4C3-FDEEF9C7B331}
2014-10-30 12:25 - 2012-11-27 16:56 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-29 13:03 - 2013-07-31 19:32 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\Media Player Classic
2014-10-29 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-27 19:47 - 2012-11-27 20:42 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-10-27 13:09 - 2012-11-28 17:35 - 00000000 ____D () C:\Users\Venda\AppData\Local\CrashDumps
2014-10-26 21:20 - 2012-12-26 16:05 - 00000000 ____D () C:\Users\Venda\AppData\Roaming\vlc
2014-10-26 18:34 - 2014-01-30 21:29 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-26 16:34 - 2013-11-10 02:20 - 00000000 ____D () C:\Users\Venda
2014-10-22 12:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-20 05:24 - 2013-08-22 15:44 - 00506312 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-20 05:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-19 19:00 - 2013-08-19 15:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-19 18:58 - 2012-11-27 20:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 17:58 - 2012-11-27 19:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-19 17:57 - 2012-11-27 19:15 - 00003944 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 17:57 - 2012-11-27 19:15 - 00003708 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-19 17:50 - 2012-12-25 00:22 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-19 17:49 - 2014-07-13 20:34 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-11 19:54 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-08 21:25

==================== End Of Log ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by tibor_000 at 2014-11-09 10:47:48
Running from C:\Users\tibor_000\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{73EE41CE-B76A-CA0E-2359-D86FE8C82957}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Anti-Twin (Installation 8. 11. 2014) (HKLM-x32\...\Anti-Twin 2014-11-08 13.12.41) (Version: - Joerg Rosenthal, Germany)
Anydata_ADU890-WH (HKLM-x32\...\Anydata_ADU890-WH) (Version: 0.01.31.09 - AnyDATA.NET, Inc)
Balíček ovladače systému Windows - Anydata (adusbnet) Net (11/30/2010 1.0.5.5) (HKLM\...\2D70ABD4660B7026CB5C4AE8D41B9BEF8067814F) (Version: 11/30/2010 1.0.5.5 - Anydata)
Balíček ovladače systému Windows - Anydata corporation (adusbser) Modem (12/03/2010 2.0.8.0) (HKLM\...\FBEF5F3C531F332C65A223F5D1A7C3A1A0111746) (Version: 12/03/2010 2.0.8.0 - Anydata corporation)
Balíček ovladače systému Windows - Anydata corporation (adusbser) Ports (12/03/2010 2.0.8.0) (HKLM\...\ADD65101CC3F2D125B65CD5B8A03323B853686E3) (Version: 12/03/2010 2.0.8.0 - Anydata corporation)
Balíček ovladače systému Windows - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ClocX (1.6.0) (HKLM-x32\...\ClocX) (Version: - )
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
express-files Toolbar (HKLM-x32\...\express-files Toolbar) (Version: 6.11.2.6 - express-files) <==== ATTENTION
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GotCLIP Downloader (HKLM-x32\...\GotCLIP Downloader) (Version: - )
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
HF Designer 4.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Klavaro-1.9.0 (HKLM-x32\...\Klavaro_is1) (Version: - )
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 21.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 cs)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
O&O Defrag Professional (HKLM\...\{50C961A1-889F-4A4E-9587-2772A45B6AAD}) (Version: 18.0.39 - O&O Software GmbH)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PowerArchiver 2010 Czech (HKLM-x32\...\{7EBE7312-888F-4CFB-BD60-894D8B8B2520}) (Version: 11.50.66 - ConeXware, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.2 - UltraDefrag Development Team)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.8.7 - WildTangent) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft)
Zásuvný modul Diagnostika hardwaru počítače pro aplikaci VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-11-08 20:25 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05B8B2B8-179D-4C7A-8366-C94A43215078} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {1016CD27-924B-43ED-9782-921D64FD9A5D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {13714F26-06CC-45BE-BF5B-D49F6D9D8F14} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {21C74142-922D-41BF-8004-12A293E71652} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {2BD129BD-F9E7-4E46-950C-E302144B9C65} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {4387D0D2-BEC9-4EEB-81F2-56118F8A5DF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {462A4087-CF46-4E12-BDCC-68091C924504} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {495BE073-B0A2-4F0F-A024-F57D703015BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {602272AC-DC4A-402B-99B7-9E1A2B6C5E0A} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {64872999-D15F-4F2D-8777-F94F70B1A3CB} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {64A107A2-745C-4586-B141-7FBD6134203A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {67D20EE9-49AE-4A84-B93C-A9F4486FE788} - \LuckyTab No Task File <==== ATTENTION
Task: {6C43D964-8A14-4623-B8D2-DEFC306FA3E6} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {6DF4BD83-FD0A-4C0A-A145-7F60792B87AD} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {71F6A275-9EA2-4494-8054-55042C332346} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-10-19] (Microsoft Corporation)
Task: {84DC07FE-94EC-47EF-BC96-1E70BFED7986} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {892029C6-F449-4393-B8F8-7057A9BB6D9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {8C92BAAD-9D4C-4D68-BDF4-6E326F52A221} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {9215AE76-C280-45F3-8828-57C44CF23837} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {94EFF13D-53BA-445E-917C-1F68C8677487} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9936F1C5-0EB6-49A8-A2FE-D29B249AD233} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {9BA2E46A-8C2D-4762-AB1E-3CA4C2DD0D40} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {B01A53A6-845A-4E0A-AD6C-259408541D0C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {B7CD0D21-46D2-444C-93BD-9B64707294F8} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {BA990777-F8DB-4A45-9830-21B44E593939} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {C0B8DAA0-3D5E-4594-A71E-F677D9D5E181} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {C2F5E7DA-703B-4443-9E27-30AB3E58D50A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-15] (Synaptics Incorporated)
Task: {CB1C77A9-A737-432C-98F1-AF31E4D8AD9E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {CFF8C252-DF93-4428-9E90-77AF1E55A8D9} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D5F1FE0D-2EF1-4047-B71C-2DE56BD762E2} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {D70E3048-D9FC-43E3-8B09-2CB3EB62A2CA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {D99DF0E1-3EEB-4EAC-A273-1987705391A6} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {DE283EB1-9C08-438C-8DA3-BDCC14C76268} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-08-26 01:28 - 2013-08-26 01:28 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-11-28 22:38 - 2013-11-28 22:38 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-11-28 22:28 - 2013-11-28 22:28 - 00021504 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2013-11-19 09:21 - 2013-11-19 09:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\wxojzlcr.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\Users\Ivana\OneDrive:ms-properties
AlternateDataStreams: C:\Users\tibor_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Venda\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"

========================= Accounts: ==========================

Administrator (S-1-5-21-3964351572-208567497-3345830356-500 - Administrator - Disabled)
Guest (S-1-5-21-3964351572-208567497-3345830356-501 - Limited - Enabled) => C:\Users\Guest.VAIO-VENDA
Ivana (S-1-5-21-3964351572-208567497-3345830356-1008 - Limited - Enabled) => C:\Users\Ivana
tibor_000 (S-1-5-21-3964351572-208567497-3345830356-1007 - Administrator - Enabled) => C:\Users\tibor_000
Venda (S-1-5-21-3964351572-208567497-3345830356-1002 - Administrator - Enabled) => C:\Users\Venda

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 08:26:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.

Error: (11/09/2014 08:26:23 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]

Error: (11/09/2014 08:26:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.

Error: (11/09/2014 08:26:23 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]

Error: (11/08/2014 02:38:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20605 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 16b8

Čas spuštění: 01cffb588fa44fa9

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 835c0736-674c-11e4-bfb1-083e8ebe16e6

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (11/08/2014 01:18:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/08/2014 01:10:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 1.0.1.711 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 240

Čas spuštění: 01cffb4ce8787a56

Čas ukončení: 22

Cesta k aplikaci: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

ID hlášení: 3f8c1bcc-6740-11e4-bfb1-083e8ebe16e6

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (11/06/2014 10:34:57 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (11/06/2014 05:54:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/06/2014 05:41:26 PM) (Source: KMPService.exe) (EventID: 0) (User: )
Description: Socket Error # 11001
Host not found.


System errors:
=============
Error: (11/09/2014 09:47:15 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (11/09/2014 08:07:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PandoraService neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (11/08/2014 10:11:49 PM) (Source: DCOM) (EventID: 10010) (User: VAIO-VENDA)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (11/08/2014 10:11:49 PM) (Source: DCOM) (EventID: 10010) (User: VAIO-VENDA)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (11/08/2014 09:04:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PandoraService neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (11/08/2014 08:52:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/08/2014 08:52:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/08/2014 08:52:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/08/2014 08:52:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/08/2014 08:52:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (10/09/2013 06:57:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-11-08 21:27:22.072
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-08 15:30:41.247
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-08 12:33:52.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-07 19:33:11.801
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-05 13:27:27.609
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-05 01:09:04.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-04 13:12:03.837
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-03 18:00:35.547
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-03 18:00:35.071
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-03 18:00:34.476
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 34%
Total physical RAM: 3655.76 MB
Available physical RAM: 2409.65 MB
Total Pagefile: 7367.76 MB
Available Pagefile: 6027.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:221.11 GB) (Free:145.52 GB) NTFS
Drive d: (DATA) (Fixed) (Total:214.84 GB) (Free:23.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 48EBAA57)

Partition: GPT Partition Type.

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
  HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
  Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
  BootExecute: autocheck autochk * sh4native Sh4Removal놱ʌ냴Qᴈ@OODBS
  
  URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  
  FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
  
  S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [X]
  
  C:\Program Files (x86)\PANDORA.TV
  2014-11-09 10:45 - 2014-11-09 10:46 - 00017351 _____ () C:\Users\tibor_000\Desktop\FRST.txt
  2014-11-08 21:07 - 2014-11-08 21:07 - 00016115 _____ () C:\Users\tibor_000\Desktop\zoek-results.txt
  2014-11-08 21:03 - 2014-11-08 20:21 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2014-11-08 20:24 - 2014-11-08 21:05 - 00016112 _____ () C:\zoek-results.log
  2014-11-08 20:24 - 2014-11-08 20:24 - 00029831 _____ () C:\Users\tibor_000\Desktop\AdwCleaner[S0].txt
  2014-11-08 20:21 - 2014-11-08 20:58 - 00000000 ____D () C:\zoek_backup
  2014-11-08 20:20 - 2014-11-08 20:20 - 01294848 _____ () C:\Users\tibor_000\Desktop\zoek.exe
  2014-11-08 20:06 - 2014-11-08 20:13 - 00000000 ____D () C:\AdwCleaner
  2014-11-08 20:05 - 2014-11-08 20:05 - 02145792 _____ () C:\Users\tibor_000\Desktop\adwcleaner_4.100.exe
  2014-11-08 13:54 - 2014-11-08 13:54 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe
  2014-11-08 13:52 - 2014-11-08 13:52 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Downloads\Nepotvrzeno 499326.crdownload
  2014-10-27 11:05 - 2014-10-27 11:05 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
  2014-10-26 20:29 - 2014-10-27 11:35 - 02250076 _____ () C:\spyhunter.fix
  2014-10-26 20:29 - 2013-12-18 22:28 - 00014232 _____ () C:\WINDOWS\SysWOW64\sh4native.exe
  2014-10-26 18:20 - 2014-10-26 18:21 - 75916442 _____ () C:\Users\Venda\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
  2014-10-19 18:10 - 2014-10-19 18:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
  2014-10-19 18:07 - 2014-10-26 18:33 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
  2014-10-19 18:05 - 2014-10-19 18:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Venda\Downloads\SpyHunter-installer.exe
  
  Task: {67D20EE9-49AE-4A84-B93C-A9F4486FE788} - \LuckyTab No Task File <==== ATTENTION
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-11-2014 01
Ran by tibor_000 at 2014-11-09 17:31:54 Run:1
Running from C:\Users\tibor_000\Desktop
Loaded Profile: tibor_000 (Available profiles: Venda & tibor_000 & Ivana & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
BootExecute: autocheck autochk * sh4native Sh4Removal???Q?@OODBS

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [X]

C:\Program Files (x86)\PANDORA.TV
2014-11-09 10:45 - 2014-11-09 10:46 - 00017351 _____ () C:\Users\tibor_000\Desktop\FRST.txt
2014-11-08 21:07 - 2014-11-08 21:07 - 00016115 _____ () C:\Users\tibor_000\Desktop\zoek-results.txt
2014-11-08 21:03 - 2014-11-08 20:21 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-11-08 20:24 - 2014-11-08 21:05 - 00016112 _____ () C:\zoek-results.log
2014-11-08 20:24 - 2014-11-08 20:24 - 00029831 _____ () C:\Users\tibor_000\Desktop\AdwCleaner[S0].txt
2014-11-08 20:21 - 2014-11-08 20:58 - 00000000 ____D () C:\zoek_backup
2014-11-08 20:20 - 2014-11-08 20:20 - 01294848 _____ () C:\Users\tibor_000\Desktop\zoek.exe
2014-11-08 20:06 - 2014-11-08 20:13 - 00000000 ____D () C:\AdwCleaner
2014-11-08 20:05 - 2014-11-08 20:05 - 02145792 _____ () C:\Users\tibor_000\Desktop\adwcleaner_4.100.exe
2014-11-08 13:54 - 2014-11-08 13:54 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe
2014-11-08 13:52 - 2014-11-08 13:52 - 00112640 _____ (forum.viry.cz) C:\Users\tibor_000\Downloads\Nepotvrzeno 499326.crdownload
2014-10-27 11:05 - 2014-10-27 11:05 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-10-26 20:29 - 2014-10-27 11:35 - 02250076 _____ () C:\spyhunter.fix
2014-10-26 20:29 - 2013-12-18 22:28 - 00014232 _____ () C:\WINDOWS\SysWOW64\sh4native.exe
2014-10-26 18:20 - 2014-10-26 18:21 - 75916442 _____ () C:\Users\Venda\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar
2014-10-19 18:10 - 2014-10-19 18:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-19 18:07 - 2014-10-26 18:33 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-19 18:05 - 2014-10-19 18:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Venda\Downloads\SpyHunter-installer.exe

Task: {67D20EE9-49AE-4A84-B93C-A9F4486FE788} - \LuckyTab No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job => C:\Users\Venda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk => Moved successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
Default URLSearchHook was restored successfully .
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
PanService => Service deleted successfully.
"C:\Program Files (x86)\PANDORA.TV" => File/Directory not found.
"C:\Users\tibor_000\Desktop\FRST.txt" => File/Directory not found.
C:\Users\tibor_000\Desktop\zoek-results.txt => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\tibor_000\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\tibor_000\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\tibor_000\Desktop\adwcleaner_4.100.exe => Moved successfully.
C:\Users\tibor_000\Desktop\FRSTLauncher (1).exe => Moved successfully.
C:\Users\tibor_000\Downloads\Nepotvrzeno 499326.crdownload => Moved successfully.
C:\Program Files (x86)\Enigma Software Group => Moved successfully.
C:\spyhunter.fix => Moved successfully.
C:\WINDOWS\SysWOW64\sh4native.exe => Moved successfully.
C:\Users\Venda\Downloads\Portable-SpyHunter-4.16.5.4290-Multilanguage.rar => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => Moved successfully.
C:\Users\Venda\Downloads\SpyHunter-installer.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67D20EE9-49AE-4A84-B93C-A9F4486FE788}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67D20EE9-49AE-4A84-B93C-A9F4486FE788}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LuckyTab" => Key deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002Core.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3964351572-208567497-3345830356-1002UA.job => Moved successfully.
C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 81.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

děkuji moc za pomoc.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat