VIRY.CZ

Dobry vecer , mam zpomaleny prohlizec a vyskakuji mi reklamy kam se jen podivam . tu prikladam Log

Logfile of random's system information tool 1.10 (written by random/random)
Run by michal at 2014-11-15 21:59:03
Microsoft Windows 8.1
System drive C: has 24 GB (24%) free of 100 GB
Total RAM: 8128 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:59:12, on 15. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Users\michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.5191\Battle.net.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... N85C9N85C9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... N85C9N85C9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... N85C9N85C9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 - {11111111-1111-1111-1111-110611341129} - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\ClassicExplorer32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\ClassicExplorer32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [81ed0e74a40ed4fe8a36a7b819c4279f] "C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe" ..
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Facebook Update] %APPDATA%\Microsoft\update.exe
O4 - Startup: 81ed0e74a40ed4fe8a36a7b819c4279f.exe
O4 - Startup: 81ed0e74a40ed4fe8a36a7b819c4279f.exe.tmp
O4 - Startup: Facebook.lnk = C:\Users\michal\AppData\Roaming\Microsoft\update.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\\ClassicIE_32.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11349 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc

taskhostex.exe
taskeng.exe {8DFC5AB8-BB7A-48B2-B45F-9712A6F87EB8}
"C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-6.exe" /rawdata=Q20fmmI3kDZFQoc/jMngZkcy/1QSysGrVTtOdDwfNAoog4i/iJSVAAIMj6sZv71CpKo2SbaEf2LHbGFGnf6z1zQmjBE93avAObhvWFxWRmBQaeRHhjvyks43oQnfn6a8JjOtCg7YRrFoRAEUNMhOeOySug5TcjnUNLsNe8mlxwWcCLk/CMb+ybmvQ83xaQLdvZ5FXtig+vdXgOEgz119kUIu7qO7VjJETvEpzWTQBsXKlV2m2pc5WnA9FhMJriuj3lF5EE8eViGf2EefPmhZ4bqzotxEudNusZMWsUakAvGg5NmGCau7cKjG2mBfe16e1+7opBLwGIG7OEOFZEJg14gbRqy77Vy4LEtmvdc2ndANJ69PAbaHx4dzXct0UaflOc2ATKMbrsr8IjcJrs8z6A8c+lAp3PXGz46qk93fWOmMr/cxd9aKsgFoli9SwDfzwQAzC3lbz4rnZG1ln2lcMlpjTwE0AM6SLosNUjZYDHUK0rBwuz/GcrG/inLfyrtvue9XDaN2pushBnSD3ka7IYx8+F8/BO0Hq95DbHHINsQBBY/E1AD1wdv/NA3IWbWk4+3OhdDrzvSAjG0xXDSS3ni0FaiMzQ+ykTJaJLMio26HV9r52AAyoZe+82AwPFe+PAtheOEu3fn1R/SUHIW6oTdn7Ur2ZlrjqE6iVYg0H6Qg7g3Cp8D1T9tN/pxKtXY1uLYbT3fJmwsMemlRQRBfa1HBomBzp6fcdl4EogNhCZhaKNOYvFzKEC0GCdohZ8x4F1+htMlCJ/lyXPCU5F7wOWyKTjylVZSXF5zjQzptY3SxYm1IDMpqeAIqY7reNTo3fpf83vSZeA1ck537b3J9sRSAwDMql6QLbzYlDuOoUwjKY6Dl/N0cBXEuXGQXxG0tBTyu6fO2mIz/ncEUocyjqn+UmL+MQUyxx9s6EomKx62h8YehO461Ub+TxskBEV9LKHqc2Q/6Kn9UKI4mzl0j2jbtXJuhFk5M0P/ZlGzbuPgawFN91S2ErjEZOLzwJA5UH0FoHPF8ruMokT5I5sNkZMvX3pod11zOCkEyAI0bEmYLRIjG6kZHxom1cqg9Chzq1ety2CFixVg4sUFBrzrMF9+1FAKrmK1rixlNYdgGMlUAnCScuua4jBMuf3v4aqwU7mQGB8WOPlc7DuXeN5BG5MEbE9kD1lOfszGR/jcpp8YTnR9d/HB1mW6AvFMZ/Gh8XZmr/GWxMcZahHIKomhstaLJEZ+LAcfpbecZf4j3JvTv5ImTkfg5Is4oPTun2YstzR4xbwMySWrs5wnPJs+ivYpBietmx02Mbtle/ellrv1Zpij2lEYQTqrDXlG1H606WPSwqmm7aARcX1XdrQoqPgk5JsnzC+iOHswRcD7XzhBfE95Uqzs2ld8OWPD0Pd7oZv1c+0kM+s878fDC6DCPfc/eowd/890HBdULwT2mDEgidXyP7tankW+hU3S0XtcHaF+dYBzR9xaSDGKUrYy1NYwrBeIvAyW93hFf/tjsyOea2dalP9T9KOh4F+K9R7C5jRqDLV7Y7spslA4FPg+fiz+gdXV3kKSeVC80YCfcBOHT+wwpWdIgBDwJuszIijch4Dll76bnfANkrWywXkJWqnWc1ybaUKNUZiaaUACSwp/U7vq4ZB0tMfxB6RmJYVQOjDM+vhDSj3E+cy1eMn0kVmeHFcymfP/5XDvCWeVFuMoA8n3sflh6WL6p47XES5DTz2b1n3UIjE5sS4NlkwXojLeFFA0qFzlrHcCsA6a/EmmqLIj+m+edUxUSdJBSs57MFsKTTL+p3gzM750zuJuXGwvvwM1WG4gXk1S3kJFL2pXGBufux7cLS0Acf8Y7oROOT9Dlm+PBKq6c1s6S24fd+IGyn0mia7ZnIv21zpCV8Guvo1NTcu6pJl8Q22/yLQNBrO7MT3nHJL+FIciT+tfHjdLla0oybbnOj2YVHEvMJcbBMap3Ul7qz5DDwo/HLnSGBCCt2vlFWnXhrY4/NW/zVXQtj1rEpj3lIDPYNvdEDXWoz1TRyaXL48dcI3qmeaiSefHD1ye1GQ+W8Ned5Coy9S2+ZuavOr4CvWynQ4SSh1xZW2lSWzf6YyywCb/9r35ks8hly+fxo3SPjL5qzdYg7VJWQDnnzgijBS+7WbSerp0P/6A54PMGoZmqcX+iUA8PLcfGIGjEW1NFH4Z8aqyUeAJUhNl4QOVE0kT1vVblI8u6Tf8g5elW+Pq8HXIDL4kASlhdPZbEphEU/9j/xHIBQFlOKkje0CGxuX4IiwxrBaEBxAgywwpRslB0q5oKfB8M73jGN+L0dCYXb9AQLHESM6WgzZb5hZHjDbo1Vw1B85SPGihUyvN2Obe5Frc/luRha2v4sxX8nX+R3FfU/HQgQqf6+g/1SBk+/V7OaKR1191HB1EPQPmWbei+kd+k7s/WRlPg5RAWA41VxJBjxc0jOJ6tKgGVxQ1TpZhR0Um5DGalWXsEcl2H2NLVsaeM9fx2jj8uumfmW8F7M3sBwZZSxyyF38J+rp8fmjMPrbv4LZ5WeDHYcBuAaCxZyBKG5o5k
taskeng.exe {81CD3BD2-A6B9-4EB9-AF9D-843772C4C06A}
"C:\Program Files (x86)\SavePass 1.1\55165869-7942-492f-881b-9b10284bb925.exe" 001504 4F075D6BA3EF4D8D9A9A8D033828D828IE 63429 1416046361 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 SavePass 1.1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss c5d3eb8c-d3f5-4e45-affa-f5792dc2e705 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\SavePass 1.1\e18cad61-bcd4-4eda-b5fc-6395534ef9a6.exe" /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='163149315' /bic=4F075D6BA3EF4D8D9A9A8D033828D828IE /verifier=cf17539d92ce64928e5aa901361c4a22 /installerversion=1_35_09_29 /installationtime=1416046361 /statsdomain=http://stats.newonlinedatastack.com /errorsdomain=http://errors.newonlinedatastack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newonlinedatastack.com /runfrom='task' /externallog=''
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Windows\System32\cmd.exe" /k attrib "C:\Users\michal\AppData\Roaming\Microsoft\update.exe" +s +h
\??\C:\Windows\system32\conhost.exe 0x4
notepad
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
ClassicStartMenu.exe -startup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe"
"C:\Windows\System32\cmd.exe" /k attrib "C:\Users\michal\AppData\Roaming\Microsoft\update.exe" +s +h
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\cmd.exe" /k attrib "C:\Users\michal\AppData\Roaming\Microsoft\update.exe" +s +h
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
szndesktop.exe default start
"C:\Users\michal\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4

"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe" --locale=enUS --session=191446051153240364
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Battle.net\Battle.net.5191\Battle.net.exe"
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe $(Arg0)
"C:\Program Files (x86)\World of Warcraft\Wow-64.exe" -launcherlogin -noautolaunch64bit -launch -uid wow_enus
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3632.0.1083886314\1297288839" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,44 --gpu-vendor-id=0x10de --gpu-device-id=0x1187 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4465 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.2.2053989393\1951889285" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3632.7.896367890\365417897" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.18.2100845753\2119129738" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.35.1929609395\1958897858" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.36.1295616419\2116864834" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.38.920568792\106303385" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3632.39.1123796275\1580745033" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe30_ Global\UsGthrCtrlFltPipeMssGthrPipe30 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\michal\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-1.job - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe /rawdata=I6bTiVULAo/yZW/0tv6Yk8POypmPyMrSyOkVqClzvef7/CKxCER65vBFqu8Raf6xV14qIXPYOy4TWbyxnznw7ab+Qz3ASrWYiRnfnchNG+cZd/s8QsrCxcJT0o93Rz/mxlca/u3lItXtX+fCL7MjeQPRzs5U0ftY0ZNn+1YsdKx1MXPCkWfvWV6/C+wxDAvY5pO5aEibNb2Y7KZq5IUXtPlO48/8I/LqSlsRX2Cra/c+hyuC2ugEXJrC78UPlDTEEvL+Nu7RAgeWMLr/ikBCDrCUAt5dWMV3rw/6ARDQwcWUxax4B/sHzt4WE1PmKEnmN+tJTUqtaNiAwHQdazdM5nI5GWVlkMXf8WUNYLisa/a9FXE4az3vEtDXvTThwFwlE7XjCVfJ++sR8/SvBCcc7Qq6C3d7zLIcqt+f67TYZ9Hbox0+g5j2oDOSwjAPKfoWvMxQPdymjOM8gwWLV3dziPg8CDCfCwktdPAM+ySN/UmXpRMUVqdF44z2/fPN9lV9UWO6wxrkQ21ZX7Z7h/b5E+uBpJbAZ60qA4Qwwmj8lyDx8BQallMb46uF490HJjDIt/ePwils45GCKYhIP5SEcSAl4/KS7U5UqrEFEJcvnYxm7BhV2YGkZzhrVjjIN43FR4ZW83o2iYoiAenu0ODDrQHt1uZvUmCbtI9lEiz7tQs6uL85gR92ExKCmcWGgFUVM3fEFum0E7Opsl5Gr5D+zmwZ6+eFzEExS9P1hTNypGjpOzU7Xpdr6kVJcus4/rzJdtzRwl4X5RBSZxSArHA34QMldbZgburOuNkaZy2epsKVfG8NAHPTe+BMz5kOf/RIVjnIdReC8QDwflXpUEEiG2fZXE45Jbx0YPpk7aMp7bgQqF8ZYhon7U5V04FyFlmASZRnHUnqod9Nyu6dVQ7ZBY7qRUjHpKSIRtnTAXwpN6yDgo0CcjUSEGM301k9pIObyO/D2IErEftOOkZRjyBSH7y7Fzv+ZeJiBYVSDAKwbh+tHBVCPWk0jh0wSMQ0a357Px8/o4umTBp45zCGI3kzBFG27Hv2WE7vnW1m7orJaebX14rySEWp+0dlCBWLYR1mvNOM733CNSs7upt2xBMwpAlPIgbQmMpYUspQ/D5ihrQndTnn/GlqghXbAh9UAPyLzS1SaYmNvKq+C/uPU2sQGurIsl139pwucUXNquaWF4W2PGYz5GpNWHG+NzcwXRBF2+wv/cPQhCUNJU6LWYkvpwJEjm066dxzroA7Vc3dSwpj18aBiqQYTG3TClaV9NJzEX6KGteB6REFD6qYogwHbUPEP1fOWVV1VN5yr3/Df3mId8vAMlOT9cj1/fVhjPtAS4EaXjAjf2X7SzBtrOHPng==
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-11.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-11.exe /rawdata=NuCbnwJbQvbxgC2wzNpCE41UkhBbxR+FzvxgnQXCUL66cTveJHZ6RGaSkUDnAtusJTL7ak4EcThVl2u4Pa1RttJx4FpuCv3YCnnUNKb8Jf5ZXuF6pbkgRnt6u76kIxvAp5bMStgD8zF0dtnd2mPAKu8UISB7mRSiwjQP20pCLVBnjjliOX5z05a2K/OdST6gEe8KvYyVyzo6viRRrbtK1ypgOknUlos8RmNRLZ4LXZ8Ep9qQwvYES1dMyVejpi6e3f48N4SPpzmvqvYtUHk4H5mB9gwfuSA4uhpgcY6pBjXg+NnGwtEoBWSgD4UI6n4o33aBjdaGCOQP5/0AjsRgfEa4sTSh8zRaTEN39O7+aDXe1/LeliZQsSpz5z1MU04W3+8cXVufPmVCTXkihEv6eksfJ4BZj2xFRhMz1crXdQlj9j4NlfN8SWa7pGVl2Hve2zS8WP6dmoBm1B2IZPTxDATpR7kNU4pN/fRBjtGB8nXcviTHM/28+mtev6EJDaj5DY99Y2f4nJwo1NQjBiIxy9QYJmzddcyR+pD+VPZKPseF5IW+6ZYJjDYCGeIz3IebFrtD54+wbyJZmyLk6D8DZQ1J5hOZuGxBJZng+f5lkdjqV2Nk/Eq+UBBXlSmob44CUSOto3btuCJSVyqqx5TVvMBpi63yK/0PWfRE2tUrx6Cnn94Ufbz7qtHhwtB8Q8/erRnfDww5ct6g7Lr2K4aySK1esvo+Vz4CPQiukb8rKI9qcdicQUWMHdcqq9Avs8loOLfxFvOAX26Wwul+MLSZM75c0JXSjwByUMUdp7r9zpxj9hrHzJboKgYRLooXpqy8G/lzWco8nLMqgthRzNrIFgXzX6lGJQZ3yEZzcbwa9GKKDRUbO17ExfA0pxruoyn71ycSQc7zYB1daAyfq8+Wjn+oxcxxtB2cU9KtiG9DzSvF1xDWQ+DqfLn9/mmAvyZlmdiCWPtaFOlhlFNchvn+YCCDDliTDyPC1QyrlWBY2Tub9h8EbaayqiLtpHqx/tFBhE22ty08nLrRtEOMLXvK8E41f3N1awpKiGugj+Jq5k20rVr53V4K0WzHepMNGtOY0N7Kdvm9GW+0D5pkqg+hmo/kHU6517CEwV0tlBsyNLkoCuV03W59G1JwpqSsxW71VszuWn5C5x7fcrLzfnjvW+7oK3ujZAObBMEk/tpzlY+8ZDOBO4mjk4Cr9eO4SZg0rayjK+fVqWwGCkAvBLVEtA0kFEbYlYbue67rFmXxkSJoNG5vzH544iMp/AU7Gbh3IxRaFlH5JVnbHlnmTmRTr1DpIn46zF6M3QoFCqA8O9t4QnMa0sG29fIZaaWuuD2zymFkSnES9N3w7fWClNevE6xINfTYYipVU3TTXdJ7K4iQyY+555LCws1LDUZMFKyqBzHxPrmLivEx90MfDEPichs5edOFK7SpxPXtm2Yq4prHnxFxvsR9H52tu7rWIx8Cl/53Y8xpYs7ZqryLmK3LvWD21l1WcQplievgbASsng/Sty+whc7HPi1b96GzU95ARyv2oeUcWNTHxzc8q8bfSazTlwxxCEMwU96GfzrY5uR3g9GfjTwpav4gauxbwlNdMjnuJkw+ljRWJuT62VrXoewqp978eVk99a/SCJROLtodznxkL2EVF/t6JXshvcnZ4drFTjF6Vow6L0S+4tQDEJrsXag+oXcC9kspTL4Cgj9ZYh4U7LiWZSy4cwEKpDLpWPWszPHk2WfZA3Ww5DVz6OyNeSlg27AY+36j1GxG3pRPTOHdxrZKSz5Z9hirwgn4dcs+zwJgFtLxQXIcIZv3Wh523vH2DAc69jDoduwIQSwI5mX/hdvWDmweZV8n01JNcOQ59f4M8J/tu+oIEg04lMN8F6/JGVfVB0wq8BiBCxiuBgVO05IcfoEoJ7FlpMVe6Jz6QW4zcqvKeghAnJRr5GyBZ3IK9ExEfyih3Vh2biU7gzOF3oTPlYtwy0IbQizvBSTuE3sQd+LhLciNaoNabcMBs661EKa2CpN179MmAUG/u6Fv85Cjan3XQND44uhQOC10MW+/RRkOx+y1NdN40YPkmmCqHESO9US5iSQzpBfgbgOOq6beevAznRU4YMQGDTOwNPd95eHvoMaGvGeGuFvDvMDJAOzlXwH03kUt2PVno+P+iFewygM34k3rkJAisyA/Zb6G5mjj+gmVhfZigMn8sdhjb9DpzWyD7yb5U/M=
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-2.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-2.exe /rawdata=SPlSZB1WZz4yV0Z4QwW8ui2nnsXfUYrQfSRw7Foke32Ng6w5pHKzrcp0hyKvaBUr0yNM/lpsket0Ldyix+Q8+LXWqbm5DTO/z3hGj8uTn4rjOH52u3pbgBVhjsPYYD9HpQ3nhCjbmcrf7rq5qrR8DO49W8C7TAB3hJ1nRWf85iSV4TtGTUnO2GiGRYxkODhYWdLbj/l+gfp3pqgUN+cxz/qp8J3KqgtM/olMgixqbuQQp9vDHVbkRz4w4zLIj0PtgZVzcbQV0DwCA3TiOvSXh03VLJJ1vE5dM9BG+EmrF/u+Qjns25MyZFWl/sevK1ztLAa/uThabLx/ASbZCCeKiseMQ1BEY7hccJdPe4RiA2ounUAsVRPs0vXsZMRg2U0BGvJnTOIZx4Gfgd5jUAeAS9Weh1dSVYpxQRVQQxmBmvySv3cqD3rBJDC/psu0hgb5r9eVYddqM0ETVxfv4Yp4FDsxsvFjDFhhFzvCkla29kvBdY3JgvO7GrfHWkMpxqfWrT2hHt0mF5+JD8x1hLccE1M2a3BNqk1N9w0ypsINQQqGKa+bsXeweubLD4PtfFPp5EcUr2PNGNOvOdluVvTfejcTlsTrlobs+Jk8qhDDmMOr+6qAFS+N+WBPe+/87KOqCDuM5YLTpZ7YX1iOgBWMvowQzL9+e8VqU4yE2qKx03Ff+A2XyE6y6RJUAGXV4XLbxoj0AjzNFT1ZOk5f+pr7/ymYrOuGUkgVcuCMn9IvDZdqjhUcxic22MKT0q+GLECmYYSA2pl1+cMoHzclDbrVOxziNqGq6IjwkHtu4Frb/ImXFhNlKvxniYN8FMuUn6QN0JzFgJg742xtHzGwMN+O3Q==
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-4.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-4.exe /rawdata=OWBQfuwPXa4Qtpye7EX1/TkRJzLshW3XZ/vsFigFyNOc5Ukt23WIDNgR9ej9FA3HVJCHZ9/D7ZVqSj0BzdYMKPG4JpAWCIeupR6LlgZGzAjTpTCgGfYzJ5o75E8z1QF+99tlcq8XyPt5PASukrBscwGAwoTjZgxJrbxD2NyVNGgPnJlC6NJw27fFKiji5nVJZlC5wekxeSl5LCjPiqZdeb6cqMOiHbfnlqGSA/ZtSpE2ZvCGvl4ZleUJb1W1DYefGywpD8QGA6+VWT93eBT7rOwZstoQe8+o1dl98C+WpfMbv/hd2I2M6LMy07lLOwHRGM7PBJpaz5yRUgtKE598AXXWqX7Dh4+zjmbh7dwsNoq44Bt7/WqKGwCQEaC3LW6gwZuRAHlrBvFP/73bWP8EsmEjA/E5QjaDwIE8xqHr05750bh0HnYOkA9g/8WLDxToKRyjZJuNeZ8JzsoZ/k4XVx5lHyLhUuAGSVjutILLko4t8cR6WPmEQEobs44fElfcK+E1Os03Dy+wDg/VgfvcOIsEvBUc048v74d/jhOKyd43ip/2gGxV8X3s+yza3HpUKpuZdmvE2CnYz9BiqmztGLe93yA00+lZvAz1esvzp7YBCPAZucaqiihB/v26efMgOHGq6jGI/WksA6AInL37eFIlJld2pZYK0YI30RQrih8gxgVxV69SDX/7/ClNjH8StXzsJjpBR2kqGprgnJlSbivlrPUhQHa8cfX07PhC9kfBwH9twXRt9ZnRlhyy0kRPkUEJkyxt+wJBe7QNTPjq8+1x7Dz4XunsSNOfvbJ1c5/0ZIw9tv/MEV8ME7ijcuj57DbPZblCTXZBZHELKijuFiVh305UU85EHFDGEmhoU0y7hYNqR3EbJH+I06vMLucvqBy9L7jeJ3GeHHHvDDPehpqD2nLYypjr2fhZsCGxhS6gg+x8hH1lcr7scyVIRVFV2UUurE/ErJzwvMCqNiQLYFM4FGgVYkTrjbumon26iwoOH3Wy/VVVakY8LgbxaTKOnkPJZMQkbHOEGOubPN9B8m6TT/2TndK5RMWy7i8zuiNlpBrU81jxEkblNZDTHxo/S+4taNpTZqipKQd2G77ZhAPYPASZJHsiADtM7RXm/T7kb1rZo+BgbeTGxI0Ke6s04TZQkOB7rg3bCdjkcJHEHl4Ed0If0DMuE1oYvBY9esMTitZ1Tn2qTRQ/+LU49mIy2teOMbR7/dQ79iwa/4rNljrg5Dhp+tJVyhGbPUpBhEe08qonG9htVZkT68WJT90JvWtzITbBVehRCKi21i1U3GsAK8Kx1JOO4AymZoBAe29rRg0CvsZI1PIFH7vlTQ/hSdF+bKITQqAEJX+QtG9R87+g/zcs9HwfTMYHtdp5blHuQ5uTqCt4603HyIqO6Uvp7YowY3PS2c7GcYpSfTLCDkUtM4yJ+MXPnqPbx/dZ0jhspyMNFsMaBFpnOsXr+gyZ5LpR9yb+8ni1ZfQfqLWrYswAPeEPhITHfEdjadyg7gKYT+xuESIovp7dbxpqtgTRsy3vzxIM83Q7ijg9RGIwZq+u1/hMceLmnkWVNIGq8omWYV3ZqImGTrXpt6iwAmQtwvNPkz2mOsHXTFsHUxIfMK7DBoW1HVK60l4u/FsI1N4oH9+BYWUtEcjTsLAI5B8JCJFCNadVEDy6SJJYyVhRVJMVEXCPVdjxZxaB5pwfexqukoZk8UE1IbQuwE34AQDwN8jjqT1ricDCeZsMXGnkk9uGG/sUZqVMFB/A0alpW12Iqwbn3qz1Oi53AP/h/EOX+68miYCtG9OrrHH42wEk3yHWDF5Fo1BEfupKJ3nSaNiWrKprDBWl9jdVuj6xYv64I45ymgt6y4f026FkmYtthg==
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-5.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-5.exe /rawdata=NDVs7THmQWBCWsMazRexGKop0/KiNJ5ED+IPpOmHWWd29amPJtMe3KmJWX5weiMiB/qrJsFTAUjn1t5uqw+b0oZz0Uku9Cvr2WwH1NOMgm+GZCrAPYsddoUvHSPTyPnQ6StYGUFMjfMCBzI3WxznDKbyedN6TEfFig2YT3uxwheV1WiV+bDJdP1SoYt25b80Wvr+ir9qbMovJu+jauggc6SJF0iTCbPrkcAMMGm4S8U2xmMLGx/SfFcImsHDAhjOmfnH8pyV6RVIm+f0gd4EvGX3G01yzU4faHZ04waZfcCDEuwpliMPeSHDnRcG4IfvFVo7N270Rj/3bZvn/6ggknTOukt6W/O7zP8bB11O97923VxjnolA/d7orJDyPnu8dubwREScD4fZkH3zyNHkWzXGn3PE77rMuG1xSRab58EfimLJW2pFzRcs0k/SXJQk0mso7I3G2ZOUOKhGfIN/0Yb0bOLc0tR3bpFnj2sZM8LjOPiDjWBXhR868zHE772qu/DwamM8nliCORk/hVETAZ7aH8fQLlHqpBQKqv81tqivjMoLIIfNs+GVg2VnHwgFOFcDiRHqfJfCdjB5jW9TKzRq+oqWG7GcbEyqKi8I5oBDuyQSaLAicSDyEyabAncYIOAIOOb4cNzvaIdg2E8fB7aGsQxYcD4tg6QxT15P5+E+PhezTKFPnBF0TPpntFApnhWZBK51FJXujNNDOJo4XY7+vaPWcAlvo5ZrrXnRn/vESVvUwEKm95OiuT8clWoR/c4AgvKkCnOks5hEdum1E8q9ySXnt9e0W2+AzGjTm/BBFCfT+ZsVFaUxQr6w+DsbrZF5xGGQlYsqIDQ7lnBRcHum4g6xW63wTyOjM6X+w+RChMowvN+qKzrHOka2fpe8h5YfyNrHEFp26SxtKcSaCdm5hnop0XABGocIcN3oJ8IvJOb7c9Ef3XX3Zj1FXEfD0mnHoIEvL+DBj2AzDfhCZWBCi45Bd0tnT2zF9wBcnFHps7kjMj9X8WV876iihp3+
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-5_user.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-5.exe /rawdata=NDVs7THmQWBCWsMazRexGKop0/KiNJ5ED+IPpOmHWWd29amPJtMe3KmJWX5weiMiB/qrJsFTAUjn1t5uqw+b0oZz0Uku9Cvr2WwH1NOMgm+GZCrAPYsddoUvHSPTyPnQ6StYGUFMjfMCBzI3WxznDKbyedN6TEfFig2YT3uxwheV1WiV+bDJdP1SoYt25b80Wvr+ir9qbMovJu+jauggc6SJF0iTCbPrkcAMMGm4S8U2xmMLGx/SfFcImsHDAhjOmfnH8pyV6RVIm+f0gd4EvGX3G01yzU4faHZ04waZfcCDEuwpliMPeSHDnRcG4IfvFVo7N270Rj/3bZvn/6ggknTOukt6W/O7zP8bB11O97923VxjnolA/d7orJDyPnu8dubwREScD4fZkH3zyNHkWzXGn3PE77rMuG1xSRab58EfimLJW2pFzRcs0k/SXJQk0mso7I3G2ZOUOKhGfIN/0Yb0bOLc0tR3bpFnj2sZM8LjOPiDjWBXhR868zHE772qu/DwamM8nliCORk/hVETAZ7aH8fQLlHqpBQKqv81tqivjMoLIIfNs+GVg2VnHwgFOFcDiRHqfJfCdjB5jW9TKzRq+oqWG7GcbEyqKi8I5oBDuyQSaLAicSDyEyabAncYIOAIOOb4cNzvaIdg2E8fB7aGsQxYcD4tg6QxT15P5+E+PhezTKFPnBF0TPpntFApnhWZBK51FJXujNNDOJo4XY7+vaPWcAlvo5ZrrXnRn/vESVvUwEKm95OiuT8clWoR/c4AgvKkCnOks5hEdum1E8q9ySXnt9e0W2+AzGjTm/BBFCfT+ZsVFaUxQr6w+DsbrZF5xGGQlYsqIDQ7lnBRcDjEk9RVjTtlgVNch37n4Zj/YUUEV+JwHsBsRtt+0hyGV9i9LLMBNNuduW2xLUDpOdlhidlRk/ncFwiBZfV7MyanX4ad45nEkpGY8gHS2McZ2xZ8EUZDRqlwxO+bVp2ZLNNCkzqug1DMy967BpR3d/c144QLvVbbQ4hCvojE/0ZV
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-6.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-6.exe /rawdata=Q20fmmI3kDZFQoc/jMngZkcy/1QSysGrVTtOdDwfNAoog4i/iJSVAAIMj6sZv71CpKo2SbaEf2LHbGFGnf6z1zQmjBE93avAObhvWFxWRmBQaeRHhjvyks43oQnfn6a8JjOtCg7YRrFoRAEUNMhOeOySug5TcjnUNLsNe8mlxwWcCLk/CMb+ybmvQ83xaQLdvZ5FXtig+vdXgOEgz119kUIu7qO7VjJETvEpzWTQBsXKlV2m2pc5WnA9FhMJriuj3lF5EE8eViGf2EefPmhZ4bqzotxEudNusZMWsUakAvGg5NmGCau7cKjG2mBfe16e1+7opBLwGIG7OEOFZEJg14gbRqy77Vy4LEtmvdc2ndANJ69PAbaHx4dzXct0UaflOc2ATKMbrsr8IjcJrs8z6A8c+lAp3PXGz46qk93fWOmMr/cxd9aKsgFoli9SwDfzwQAzC3lbz4rnZG1ln2lcMlpjTwE0AM6SLosNUjZYDHUK0rBwuz/GcrG/inLfyrtvue9XDaN2pushBnSD3ka7IYx8+F8/BO0Hq95DbHHINsQBBY/E1AD1wdv/NA3IWbWk4+3OhdDrzvSAjG0xXDSS3ni0FaiMzQ+ykTJaJLMio26HV9r52AAyoZe+82AwPFe+PAtheOEu3fn1R/SUHIW6oTdn7Ur2ZlrjqE6iVYg0H6Qg7g3Cp8D1T9tN/pxKtXY1uLYbT3fJmwsMemlRQRBfa1HBomBzp6fcdl4EogNhCZhaKNOYvFzKEC0GCdohZ8x4F1+htMlCJ/lyXPCU5F7wOWyKTjylVZSXF5zjQzptY3SxYm1IDMpqeAIqY7reNTo3fpf83vSZeA1ck537b3J9sRSAwDMql6QLbzYlDuOoUwjKY6Dl/N0cBXEuXGQXxG0tBTyu6fO2mIz/ncEUocyjqn+UmL+MQUyxx9s6EomKx62h8YehO461Ub+TxskBEV9LKHqc2Q/6Kn9UKI4mzl0j2jbtXJuhFk5M0P/ZlGzbuPgawFN91S2ErjEZOLzwJA5UH0FoHPF8ruMokT5I5sNkZMvX3pod11zOCkEyAI0bEmYLRIjG6kZHxom1cqg9Chzq1ety2CFixVg4sUFBrzrMF9+1FAKrmK1rixlNYdgGMlUAnCScuua4jBMuf3v4aqwU7mQGB8WOPlc7DuXeN5BG5MEbE9kD1lOfszGR/jcpp8YTnR9d/HB1mW6AvFMZ/Gh8XZmr/GWxMcZahHIKomhstaLJEZ+LAcfpbecZf4j3JvTv5ImTkfg5Is4oPTun2YstzR4xbwMySWrs5wnPJs+ivYpBietmx02Mbtle/ellrv1Zpij2lEYQTqrDXlG1H606WPSwqmm7aARcX1XdrQoqPgk5JsnzC+iOHswRcD7XzhBfE95Uqzs2ld8OWPD0Pd7oZv1c+0kM+s878fDC6DCPfc/eowd/890HBdULwT2mDEgidXyP7tankW+hU3S0XtcHaF+dYBzR9xaSDGKUrYy1NYwrBeIvAyW93hFf/tjsyOea2dalP9T9KOh4F+K9R7C5jRqDLV7Y7spslA4FPg+fiz+gdXV3kKSeVC80YCfcBOHT+wwpWdIgBDwJuszIijch4Dll76bnfANkrWywXkJWqnWc1ybaUKNUZiaaUACSwp/U7vq4ZB0tMfxB6RmJYVQOjDM+vhDSj3E+cy1eMn0kVmeHFcymfP/5XDvCWeVFuMoA8n3sflh6WL6p47XES5DTz2b1n3UIjE5sS4NlkwXojLeFFA0qFzlrHcCsA6a/EmmqLIj+m+edUxUSdJBSs57MFsKTTL+p3gzM750zuJuXGwvvwM1WG4gXk1S3kJFL2pXGBufux7cLS0Acf8Y7oROOT9Dlm+PBKq6c1s6S24fd+IGyn0mia7ZnIv21zpCV8Guvo1NTcu6pJl8Q22/yLQNBrO7MT3nHJL+FIciT+tfHjdLla0oybbnOj2YVHEvMJcbBMap3Ul7qz5DDwo/HLnSGBCCt2vlFWnXhrY4/NW/zVXQtj1rEpj3lIDPYNvdEDXWoz1TRyaXL48dcI3qmeaiSefHD1ye1GQ+W8Ned5Coy9S2+ZuavOr4CvWynQ4SSh1xZW2lSWzf6YyywCb/9r35ks8hly+fxo3SPjL5qzdYg7VJWQDnnzgijBS+7WbSerp0P/6A54PMGoZmqcX+iUA8PLcfGIGjEW1NFH4Z8aqyUeAJUhNl4QOVE0kT1vVblI8u6Tf8g5elW+Pq8HXIDL4kASlhdPZbEphEU/9j/xHIBQFlOKkje0CGxuX4IiwxrBaEBxAgywwpRslB0q5oKfB8M73jGN+L0dCYXb9AQLHESM6WgzZb5hZHjDbo1Vw1B85SPGihUyvN2Obe5Frc/luRha2v4sxX8nX+R3FfU/HQgQqf6+g/1SBk+/V7OaKR1191HB1EPQPmWbei+kd+k7s/WRlPg5RAWA41VxJBjxc0jOJ6tKgGVxQ1TpZhR0Um5DGalWXsEcl2H2NLVsaeM9fx2jj8uumfmW8F7M3sBwZZSxyyF38J+rp8fmjMPrbv4LZ5WeDHYcBuAaCxZyBKG5o5k
C:\Windows\tasks\0093e960-5fc4-4c01-ab0a-a085713f6814-7.job - C:\Program Files (x86)\SavePass 1.1\0093e960-5fc4-4c01-ab0a-a085713f6814-7.exe /rawdata=OHfQi95WBDOE+TwZHPInURxTaMvKbCqBwi0yzxbFBchapAHsgnallnpOkSVHJe2NLSH1ZFKNrwe0kwXSHtbV6Q0rmZCds+2DJXwkzzQm2lw9Os1+VDojnaUiU5nML9l0/+jIPxnGrgp+5NOegkASh1MeXhsaw2qpElofvJfDtqV65QYrK9ssW+9HV6HFPN3Y9f4e7ogjNULSnzm3d2llZrkpreM1HmTmWb5qm477cR2TEtiwToTxOI+Ahqw2rIJRM7Uy8bhM+7GyQp0JGUJ0vsprCfepa0iz4iZljDhNtr/PcVIr1mFyZlm25PXfRDFxIZYi4l+U0leNUO6RqmiX44nG83ObtEKP4Gh2YxHwO5B0scv9FmlajdOMaH73dEutUE1LPlVZhNnQNC6cP18nv5bYZ/kCQR8DuQBPrEagQ+w1PYH49xTWLYfE1B7A/rWR3MwOcobjtg4jzJpR6gzMMsCEokanV0JWRLKtHTUoj7a7SYLoJMfJ/PAIEXRbSs+QEtLd5YCg+DmDnc1tRODWcj4XJPrx3bZGHy80fxx60zd4TPvy3S84F8p2ITLZkXrGS/1QMEj4aVwHDaXbloQtGv/wn8jT1TO7OgMiAoDs9Cx5NF0zwkpSLf804sC4N4MO5ohb8qUpouUdsbeBNUhrLidyFIXDkIpmnt2NiAWSugFCz0p99a9sbMpvzDisofEUYdyNkaiEm0NDEfXNQ4xAr6xaJlJzYOO6zxWxch+0sUUC2QnKJR24mZ9H82YaOmz0epGlVTh8tbSovNA1V0vac5sn3h/sB5uy0RmlweQ0XXWdkZz9sgXMPujC75HzcYUljx/f5EDR5OG6gDe31/9XJj1461OF+Y7w18NA7k0XRfUIdxpCqpCOMi0xMMFjsUcJPr5kVuW+3R6Z15UxDBlsvxZPB0qLnRfjlw5vNS1uJag+tTokMR8dwtl7lnDrKY8Z9sIEPrshOPFezXpPZ8CyTs4p63sq2HTv7KvK6edAPH4+GIievX/sPjN0v/fV9FZbPfFoj3M+CFQ34Ti84PlpjAsVkFvi0iAgpGiRz32wLrQhdlDs+KHRvfE8/zmLpJdgT2nXzJrblrCt7Bd6dkl22s5FuNtd+rAykMLvK+rOPiTcFo/dBMK4uvNgyjm6brsj00ttKeLVWATjnoYMapXo/BxEIVYqyXEwLcDDlmeOnOsV5qKQY2kBtwhang2vdGGL4S2vuJHrdLsIi9Bzx5ww7P7WQitPO9PT2zJAROZAopJPmwNRvq/Mx72uC+EaedNbnJvm14L7YIAU8BZY+0illlY/f12hWNE9Bvb8PIJwwBUnbBqtE/j8PR+g3Mo+/9Yoex7/f0yLuLXewB7EJGG51pLN+DrW4Q0jSChfc745THdhRRXL4l9F3Vx+PuuFfRaw9RQHx4P2qOsBEI3rqtzptKWO9I7B2SjHHwPOZqL5NLO4rYXnSuAbNhBZmUYDNphGXLAUfvO8j8ntslQZ8x3lxeHuPUaUeMwbn8BhFdOrK5thyfNllJyG7mhGt2thD89ToUA2YTkX4lI8tEaQ8z8gKZ1jPylLuK1i8AK2sJ2ykiazNuET+NU4dv8MhcOTIlaaO+yEHb3rqxW5GD60aKGs63p/i5VgPbUQfNO/2emceLFA0q1qqr3k04scSsDbc/+MMXtUxNTQmvFY7KwyLUnFv2z9mWE+kIOOVmTghLBE1UmJHOvnN1+9qHOgcrlY5yC+gATSuJxAz382kgrlHjdYctqWYMf6urFTUgZrXpHQ1BlMetFsJDC/GOHvjsbz4YUQklFdkWAmfqD3Lpj1Ms6ymVNUsMkoc8p5qPM9QUq+m3UKBQQhI+tlBeWR1F5oeX5hkP3VWfx3o3w4vl0Vtr8n+QN5zVnXrCJIMf4HdQQnLgeBJFZV52oR/MQ+xJe51lH08Kq0wh1LB5NYVgEvzmaDgJty/FjzpvppAPSMR+pkMli4hqvbmSOMzfrzus7ZcW2ackM65ScZ0t3W7zNPJJ35RND48Hdp5XNY5XMZaw0sXv6+pdWt/zCbk3v4ntoLWPAlm3j1zs6cc2hWSexri+doNqxlkBYlca4A7I8Xs7IR368fQwIZhg9/bquj91CXDhYuvJWlLz+PX7axTPXXQCa3Zb+gHXxZYD8p3lFr88/YUPt3UfHtFgIdf4d9lx+DCpstQM77fO1H6ti/CRA2ASgZ3BsgYWtxJXkAGeP1uW8aDgMhSQWhR7QGzYcIuHucnfWZvlSAdxs6BGj8LcH1VOSFg44U8Y0x/OcSm0bpD3FLSHdoRgm2X/E8a9B70tkefcCq9VlI+/AiB8Q7WGJ9pxbdjR7dC0aBogMQkzN02EHBxqy3OAaAg/K6lO+7HIo1kZE4aL1fXXkeCJOSbajUv2fjAg==
C:\Windows\tasks\55165869-7942-492f-881b-9b10284bb925.job - C:\Program Files (x86)\SavePass 1.1\55165869-7942-492f-881b-9b10284bb925.exe 001504 4F075D6BA3EF4D8D9A9A8D033828D828IE 63429 1416046361 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 SavePass 1.1
C:\Windows\tasks\AmiUpdXp.job - C:\Users\michal\AppData\Local\19879\Updater.exe
C:\Windows\tasks\CGNNIFN.job - C:\Users\michal\AppData\Roaming\CGNNIFN.exe /infocmdline=IsI6TLvRWX5u58XQCWK8q6Me4zy9ovf/XWZo/k+OfK+ydczIitzvWGWYqzaWY6kCCoOHBQ6eRgIyduVFZfHtJ1XEuWUUqcrE6sOMD6NjnF5Yt5cmp3K9Fhd8u/CSxjRi4uZrQBAf6uoC7vPw9SHSIbj482NkEC9I9OD8MdMGKAc/TZ42ssKq4NvFpb64/hF1tbQPSoVkVDllH7G+n0TqmU7gW6dusUcGRNV3iTHtpOckGEGRBh5vatbopbKw3JElXMagnbzboow23MtoVaNA0ggMLQ1jjnWJ+nLVyLnM8g+gbK4/OFScQPMgK3iJQoOGqFGZ1uXaB132mmOZKdfxPztXJQewnGoakjgoELMyqzlcEj7rNpKKjfn4xLntobPZQITQiYgWvYdg4ZiDiMhEXQRjRZcLKo20qWwVX4USkEJtwiXybVNYrcdJw1HkZjGknvU1C5mdrMfxPMwvLRaMPukDdIsX7QMaewoJlkdWlzsO7LX9TrsFyaTFh540gpifqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
C:\Windows\tasks\e18cad61-bcd4-4eda-b5fc-6395534ef9a6.job - C:\Program Files (x86)\SavePass 1.1\e18cad61-bcd4-4eda-b5fc-6395534ef9a6.exe /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='163149315' /bic=4F075D6BA3EF4D8D9A9A8D033828D828IE /verifier=cf17539d92ce64928e5aa901361c4a22 /installerversion=1_35_09_29 /installationtime=1416046361 /statsdomain=http://stats.newonlinedatastack.com /errorsdomain=http://errors.newonlinedatastack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newonlinedatastack.com /runfrom='task' /externallog=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\NF.job - C:\Users\michal\AppData\Roaming\NF.exe /infocmdline=d/kOUSfo/Towp+ySvrNF6+GX8OtQnhr4oTWkjcAUo+Iig15VxLloGCQGnz+UALFbkxk8B6morat84bldTyj6rLo0FLUTLPJ5VtL332nDc9hyH3pmqZqg+bLUcNmjSNzij0LQWoeaTclvTLrZk71VuFlmOLShY1dXzqNglDWlOI2S3bGOi5DKyyHwSXIKJa/aTkn2+SM8a0nx6jEXlLKS+a0KaWPaihPcgBnyBFQHzZNlCLZ45WPvDzhiO0S3IiocCaqx6NeFikAH+TzRkaflvQ436rzUDnwbvVAhDuW2OZag5IdpPEHLfDOgzX9JIww2HbLsNvJ9PI3tzQsRNLvBQhOypwBIKf8QRtjZAKuZIiUxk/UxysCRC4mt9V7QKJEoyMw5qWn25uBfo7SY9TiUVEjFGX06uJybJk9j8dbCdljGVA+83hoYErprdi5sZ4Pzc86GpzDVrCXqIr6PB20lXJhPqOXgqRgXsDVfvkHtRRfNHqW3pcnbD5nFx0ZL+s0X

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho64.dll [2014-11-15 764832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - E:\ClassicExplorer64.dll [2014-01-18 796352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - E:\ClassicIEDLL_64.dll [2014-01-18 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll [2014-11-15 567712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-11-15 514016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - E:\ClassicExplorer32.dll [2014-01-18 674496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - E:\ClassicIEDLL_32.dll [2014-01-18 437440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - E:\ClassicExplorer64.dll [2014-01-18 796352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - E:\ClassicExplorer32.dll [2014-01-18 674496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-12 7575256]
"ISCT Tray"=C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2014-04-24 5860656]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
"Classic Start Menu"=E:\ClassicStartMenu.exe [2014-01-18 161984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-06 30526056]
"cz.seznam.software.autoupdate"=C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"81ed0e74a40ed4fe8a36a7b819c4279f"=C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe [2014-11-15 61440]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"Facebook Update"=C:\Users\michal\AppData\Roaming\Microsoft\update.exe [2013-12-28 1554465]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2014-04-03 134616]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2014-04-08 1047536]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
81ed0e74a40ed4fe8a36a7b819c4279f.exe
81ed0e74a40ed4fe8a36a7b819c4279f.exe.tmp
Facebook.lnk - C:\Users\michal\AppData\Roaming\Microsoft\update.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-15 21:59:03 ----D---- C:\rsit
2014-11-15 21:59:03 ----D---- C:\Program Files\trend micro
2014-11-15 12:27:03 ----D---- C:\Users\michal\AppData\Roaming\ClassicShell
2014-11-15 12:25:59 ----D---- C:\Program Files\KMSpico
2014-11-15 12:25:51 ----D---- C:\Users\michal\AppData\Roaming\dclogs
2014-11-15 12:25:45 ----D---- C:\Users\michal\AppData\Roaming\WinRAR
2014-11-15 12:18:17 ----D---- C:\Users\michal\AppData\Roaming\TS3Client
2014-11-15 12:00:59 ----A---- C:\autoexec.bat
2014-11-15 11:35:15 ----D---- C:\Program Files\CCleaner
2014-11-15 11:33:11 ----A---- C:\Windows\system32\drivers\{b8b15cc6-bff7-46f4-9881-2927784a8f05}Gw64.sys
2014-11-15 11:27:46 ----D---- C:\Program Files\WinRAR
2014-11-15 11:13:15 ----D---- C:\ProgramData\IePluginServices
2014-11-15 11:13:08 ----D---- C:\Program Files (x86)\SupTab
2014-11-15 11:13:03 ----D---- C:\ProgramData\WindowsMangerProtect
2014-11-15 11:12:48 ----D---- C:\Program Files (x86)\SavePass 1.1
2014-11-15 10:51:10 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-11-15 10:51:10 ----D---- C:\Program Files (x86)\MSBuild
2014-11-15 10:51:05 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-11-15 10:51:05 ----D---- C:\Program Files\Reference Assemblies
2014-11-15 10:51:05 ----D---- C:\Program Files\MSBuild
2014-11-15 10:50:01 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-11-15 10:50:01 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2014-11-15 10:50:01 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-15 10:50:01 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-11-15 10:50:01 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2014-11-15 10:50:01 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-15 10:49:57 ----A---- C:\Users\michal\AppData\Roaming\NF.exe
2014-11-15 10:49:24 ----A---- C:\Users\michal\AppData\Roaming\CGNNIFN.exe
2014-11-15 10:49:21 ----D---- C:\Program Files (x86)\globalUpdate
2014-11-15 10:48:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-11-15 10:48:22 ----D---- C:\Program Files (x86)\Seznam.cz
2014-11-15 10:48:08 ----D---- C:\Users\michal\AppData\Roaming\Seznam.cz
2014-11-15 02:40:35 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-11-15 02:40:35 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-11-15 02:40:35 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-11-15 02:40:35 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-11-15 02:40:35 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-11-15 02:40:35 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-11-15 02:40:34 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-11-15 02:40:34 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-11-15 02:40:34 ----A---- C:\Windows\system32\nvspcap64.dll
2014-11-15 02:40:34 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-11-15 02:40:31 ----D---- C:\ProgramData\NVIDIA Corporation
2014-11-15 02:40:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-15 02:40:29 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-15 02:40:29 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-11-15 02:40:29 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-15 02:40:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-15 02:37:57 ----HD---- C:\SuperChargerProfile
2014-11-15 02:37:57 ----D---- C:\Program Files (x86)\MSI
2014-11-15 02:35:52 ----D---- C:\Intel
2014-11-15 02:35:22 ----D---- C:\ProgramData\Intel
2014-11-15 02:35:21 ----D---- C:\Program Files (x86)\Intel
2014-11-15 02:34:42 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-11-15 02:34:42 ----D---- C:\Program Files\Realtek
2014-11-15 02:34:31 ----A---- C:\Windows\system32\drivers\MBfilt64.sys
2014-11-15 02:34:26 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-11-15 02:34:25 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-11-15 02:34:25 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-11-15 02:34:25 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-11-15 02:34:25 ----A---- C:\Windows\system32\SRSHP64.dll
2014-11-15 02:34:24 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-11-15 02:34:23 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-11-15 02:34:23 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2014-11-15 02:34:23 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-11-15 02:34:23 ----A---- C:\Windows\system32\RtkApi64.dll
2014-11-15 02:34:22 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-11-15 02:34:22 ----A---- C:\Windows\system32\RTCOM64.dll
2014-11-15 02:34:22 ----A---- C:\Windows\system32\RltkAPO64.dll
2014-11-15 02:34:21 ----A---- C:\Windows\system32\RTEEP64A.dll
2014-11-15 02:34:21 ----A---- C:\Windows\system32\RTEEL64A.dll
2014-11-15 02:34:21 ----A---- C:\Windows\system32\RTEEG64A.dll
2014-11-15 02:34:21 ----A---- C:\Windows\system32\RTEED64A.dll
2014-11-15 02:34:21 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-11-15 02:34:20 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-11-15 02:34:20 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-11-15 02:34:20 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-11-15 02:34:20 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-11-15 02:34:03 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-11-15 02:34:03 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-15 02:34:02 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-11-15 02:34:01 ----A---- C:\Windows\SYSWOW64\MBAPO232.dll
2014-11-15 02:34:01 ----A---- C:\Windows\system32\MBWrp64.dll
2014-11-15 02:34:01 ----A---- C:\Windows\system32\MBAPO264.dll
2014-11-15 02:33:58 ----A---- C:\Windows\system32\FMAPO64.dll
2014-11-15 02:33:42 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-11-15 02:33:41 ----A---- C:\Windows\system32\AERTAR64.dll
2014-11-15 02:33:41 ----A---- C:\Windows\system32\AERTAC64.dll
2014-11-15 02:33:40 ----HD---- C:\Program Files (x86)\Temp
2014-11-15 02:33:38 ----R---- C:\Windows\RtlExUpd.dll
2014-11-15 02:32:50 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2014-11-15 02:32:49 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-11-15 02:32:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-15 02:32:44 ----D---- C:\Program Files (x86)\Realtek
2014-11-15 02:32:27 ----D---- C:\Program Files\Intel
2014-11-15 02:32:12 ----D---- C:\ProgramData\Package Cache
2014-11-15 02:29:36 ----D---- C:\Users\michal\AppData\Roaming\Adobe
2014-11-15 02:29:28 ----SD---- C:\Users\michal\AppData\Roaming\Microsoft
2014-11-15 02:26:07 ----D---- C:\Windows\SoftwareDistribution
2014-11-15 02:25:39 ----SHD---- C:\ProgramData\Šablony
2014-11-15 02:25:39 ----SHD---- C:\ProgramData\Plocha
2014-11-15 02:25:39 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-15 02:25:39 ----SHD---- C:\ProgramData\Dokumenty
2014-11-15 02:25:39 ----SHD---- C:\ProgramData\Data aplikací
2014-11-15 02:25:18 ----ASH---- C:\hiberfil.sys
2014-11-15 02:23:34 ----D---- C:\Windows\Prefetch
2014-11-15 02:23:11 ----ASH---- C:\swapfile.sys
2014-11-15 02:23:11 ----ASH---- C:\pagefile.sys
2014-11-15 02:23:10 ----SHD---- C:\System Volume Information
2014-11-15 02:22:39 ----D---- C:\Windows\Panther
2014-11-14 22:17:19 ----D---- C:\Program Files (x86)\Diablo III
2014-11-14 20:58:37 ----D---- C:\Program Files (x86)\World of Warcraft
2014-11-14 20:47:29 ----D---- C:\Users\michal\AppData\Roaming\Skype
2014-11-14 20:47:25 ----RD---- C:\Program Files (x86)\Skype
2014-11-14 20:47:24 ----D---- C:\ProgramData\Skype
2014-11-14 20:10:48 ----D---- C:\Program Files (x86)\StarCraft II
2014-11-14 20:03:58 ----D---- C:\Users\michal\AppData\Roaming\NVIDIA
2014-11-14 20:03:51 ----D---- C:\Users\michal\AppData\Roaming\Battle.net
2014-11-14 20:03:46 ----D---- C:\ProgramData\Blizzard Entertainment
2014-11-14 20:03:46 ----D---- C:\Program Files (x86)\Battle.net
2014-11-14 20:02:25 ----D---- C:\ProgramData\Battle.net
2014-11-14 19:53:26 ----D---- C:\Program Files (x86)\Google
2014-11-14 19:50:21 ----A---- C:\Windows\system32\drivers\INETMON.sys
2014-11-14 19:47:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-11-14 19:47:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-14 19:47:09 ----D---- C:\ProgramData\NVIDIA
2014-11-14 19:47:05 ----D---- C:\Users\michal\AppData\Roaming\Macromedia
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvvsvc.exe
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvsvcr.dll
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvsvc64.dll
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvshext.dll
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvmctray.dll
2014-11-14 19:47:03 ----A---- C:\Windows\system32\nvcpl.dll
2014-11-14 19:46:54 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-11-14 19:46:54 ----A---- C:\Windows\system32\OpenCL.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-14 19:46:21 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvmcumd.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvhdap64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvdispco6434465.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-14 19:46:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-14 19:46:21 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

======List of files/folders modified in the last 1 month======

2014-11-15 21:59:03 ----RD---- C:\Program Files
2014-11-15 21:09:05 ----D---- C:\Windows
2014-11-15 21:00:00 ----D---- C:\Windows\system32\sru
2014-11-15 17:29:01 ----D---- C:\Windows\Temp
2014-11-15 15:54:12 ----D---- C:\Windows\Microsoft.NET
2014-11-15 15:54:11 ----RD---- C:\Windows\assembly
2014-11-15 15:44:43 ----RD---- C:\Windows\System32
2014-11-15 15:44:43 ----D---- C:\Windows\Inf
2014-11-15 15:44:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-15 12:26:02 ----D---- C:\Windows\system32\Tasks
2014-11-15 12:25:37 ----HD---- C:\ProgramData
2014-11-15 12:25:33 ----SHD---- C:\Windows\Installer
2014-11-15 12:25:31 ----D---- C:\Windows\SysWOW64
2014-11-15 12:18:00 ----D---- C:\Windows\WinSxS
2014-11-15 11:59:48 ----D---- C:\Windows\system32\drivers
2014-11-15 11:57:47 ----RD---- C:\Program Files (x86)
2014-11-15 11:57:09 ----D---- C:\Windows\Tasks
2014-11-15 11:37:26 ----D---- C:\Windows\Logs
2014-11-15 11:37:26 ----D---- C:\Windows\debug
2014-11-15 11:33:11 ----A---- C:\Windows\win.ini
2014-11-15 11:32:43 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-15 11:32:43 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-11-15 11:26:55 ----D---- C:\Windows\system32\NDF
2014-11-15 11:15:52 ----D---- C:\Program Files\Common Files\System
2014-11-15 10:51:36 ----D---- C:\Windows\CbsTemp
2014-11-15 10:51:05 ----RSD---- C:\Windows\Fonts
2014-11-15 10:51:05 ----D---- C:\Windows\SYSWOW64\MUI
2014-11-15 10:51:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 10:51:05 ----D---- C:\Windows\system32\MUI
2014-11-15 10:51:05 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 10:48:45 ----SD---- C:\ProgramData\Microsoft
2014-11-15 10:47:47 ----D---- C:\Windows\system32\config
2014-11-15 10:24:21 ----D---- C:\Windows\system32\drivers\UMDF
2014-11-15 02:37:38 ----D---- C:\Windows\system32\catroot
2014-11-15 02:36:17 ----D---- C:\Windows\system32\wbem
2014-11-15 02:35:22 ----D---- C:\Windows\AppReadiness
2014-11-15 02:35:21 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-15 02:32:38 ----D---- C:\Windows\system32\restore
2014-11-15 02:30:04 ----HD---- C:\Program Files\WindowsApps
2014-11-15 02:29:49 ----SHD---- C:\$Recycle.Bin
2014-11-15 02:29:28 ----RD---- C:\Users
2014-11-15 02:26:34 ----D---- C:\Windows\rescache
2014-11-15 02:25:39 ----D---- C:\Program Files\Windows NT
2014-11-15 02:24:42 ----D---- C:\Windows\system32\Recovery
2014-11-14 20:47:27 ----D---- C:\Program Files (x86)\Common Files
2014-11-14 19:47:12 ----D---- C:\Windows\system32\DriverStore
2014-11-14 19:47:03 ----D---- C:\Windows\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-18 157528]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2014-02-03 22216]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2014-02-03 22728]
R3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2014-04-03 25800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-13 3962840]
R3 ISCT;@oem6.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD.sys [2014-02-03 44744]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-04-03 118272]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NVHDA;@oem12.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-11-06 197408]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-11-04 13207184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;@oem8.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 WINUSB;@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver; C:\Windows\System32\drivers\WinUSB.SYS [2013-08-22 78848]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2013-08-22 230912]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-15 714208]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2014-04-24 209712]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-03-17 162800]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-03 935232]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-03 410952]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-11-15 490640]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-15 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15 107912]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-12-11 1050904]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-15 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 intelsba;Intel(R) Small Business Advantage; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2014-03-27 54976]

-----------------EOF-----------------

Dobry vecer Vam preju

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm

• spustte jako spravce
• do velkeho okna zkopirujte script uvedeny nize
• kliknete na Run script
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi

  Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;

# AdwCleaner v4.101 - Report created 15/11/2014 at 22:08:07
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : michal - GINT
# Running from : C:\Users\michal\Downloads\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : {b8b15cc6-bff7-46f4-9881-2927784a8f05}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
[!] Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\SavePass 1.1
Folder Deleted : C:\Users\michal\AppData\Local\globalUpdate
Folder Deleted : C:\Users\michal\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\System32\\drivers\{b8b15cc6-bff7-46f4-9881-2927784a8f05}Gw64.sys
File Deleted : C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.lnk
File Deleted : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : SMupdate1
Task Deleted : YTDownloader
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-1
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-11
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-2
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-4
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-5
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-5_user
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-6
Task Deleted : 0093e960-5fc4-4c01-ab0a-a085713f6814-7
Task Deleted : 55165869-7942-492f-881b-9b10284bb925
Task Deleted : e18cad61-bcd4-4eda-b5fc-6395534ef9a6

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\81ed0e74a40ed4fe8a36a7b819c4279f
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644344429}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v38.0.2125.122


*************************

AdwCleaner[R0].txt - [15295 octets] - [15/11/2014 22:07:18]
AdwCleaner[S0].txt - [12602 octets] - [15/11/2014 22:08:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12663 octets] ##########

Pokracujte zoekem

Zoek.exe v5.0.0.0 Updated 15-November-2014
Tool run by michal on so 15. 11. 2014 at 22:12:30,86.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\michal\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 11. 2014 22:13:03 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12F3E5ED-73C-4FE2-ACD-325B37DA929} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14828BE-4FCC-42F3-8DE3-ED3D43D700} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17B28994-A641-4BA0-806F-FE3C4891FC4} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F924E4F-8067-4BDF-AA49-7BAE1C0D99} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E0C7F69-7E30-4B35-8D69-FF342290F77E} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31fe8b53-fc63-443e-8484-7c73d519f0ac} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34207E74-3D5A-44B8-BAF4-3B38984BFEB3} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{364A1B43-A5B0-4BF6-A935-92D12ABA614B} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37524C65-480E-4A7F-94DF-1F6F4BDB5F7A} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB3FF9A-93B4-4230-BC48-621FD49775B} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D4AE327-9F02-4FD9-BB40-7B393C1E147B} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48C07DFD-2261-4D1C-A6BB-F3D42CE2C58} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48F2AC94-6595-44FD-931E-6183BBC03DDA} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E3D9E1-CF4A-4BD3-B2D9-C24EAD4379E5} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F091E96-1062-431A-8A2B-45D5B1DDEBEC} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52554f28-1339-43e6-bd18-bff4f13d5352} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5323FABE-D6A5-45ED-9EA6-D6D9EFD6BAE} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5803E237-7B89-41DF-8044-B769CD4DEEA} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B3660D3-DC15-4474-AF9F-D7BC9189876} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61144615-5759-4D55-8F3C-411FF228292C} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62A133FB-5CD1-49B2-80C4-B9AE2951A7AD} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BF1F9D9-336A-485E-ADB7-EE521AEB547} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CBA25DD-7D78-4DAA-832-30A0A608139} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F7AFEEE-425A-455E-A6FE-6FBF769FD7A9} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{808E70F0-9D0A-464D-916A-5C486BAF} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8161A6FA-63C1-41D3-AC60-DACE6A50170} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AEF9EEC-7763-4940-BB0-64E0EEAE5095} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EDFADDE-C5BE-4BD4-B54C-AAF16F713DB} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92DD3880-F81E-401A-8916-2C76316ECA88} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9410FC93-D-4A85-94C-D30F1B5338F} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96966F21-67FC-4002-A4AA-AD94F02197C1} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F1DA91C-8263-4A85-97AB-F09832741575} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A01841EE-4338-43C1-9AB7-6120EED3F13} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1299117-E1B-4838-8495-39194F2E50B2} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7800048-9C88-450A-AEC3-86327B7B3E3} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9B4B595-D8A0-4E30-B436-D08C4FFAC6E} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9BC057B-5F86-415A-A38B-2A5CFBFEE26} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC996FA6-F08F-42D7-818C-DC8B296587F8} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACFFDABA-F0BB-4004-913B-6B571C88E24} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE3D4B37-B378-4F1F-A665-45EFFDFB1F} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE542FF7-456A-4B74-BF10-7BD0E825C9FB} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B341246C-94E5-4D6F-A416-8FDA7D2467F0} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B34D91B7-AE16-4093-878-80CB5F5C16} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3A536A4-87A5-408C-925C-10A72152E70} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B74EA4AD-BD6D-4368-BF2D-E2F9A39A6A7} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA588B3D-268B-4971-B14-DF763FB66866} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C027D2F-BBB0-41D1-B21D-6ADD7E1AA3EC} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2F71A6C-7D84-4931-9925-D3BBEE5BB57A} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9284EC6-5AE0-40EA-BDF0-FE90462445E1} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF63C76-477A-4496-AEE9-5AEBDE2ECA81} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEB2BA11-1E37-40B5-9955-3658C990AD94} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF8BE759-1416-4F24-8DF1-BEA3364EC3DA} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1741EB6-F78D-4654-866D-362AF55992FF} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF24B60-1ECC-4AC9-9C8B-3F73FF4BECD0} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAF2DA8-6C92-4617-9CEF-37C04B16208E} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E02264D5-3166-4710-A9A6-C9E97E7C1767} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB5F2939-21B2-4ECF-95B6-A691449B44E} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF9D1AFD-A7E6-4591-A7FB-83E7D49EFD55} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F23E4FB9-1903-4631-89B6-F9BC4732BC} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2AA927-1CCA-4433-BB50-B21EF333ED5E} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F803C7AA-E116-4B6C-83F2-A985BC1EFB23} deleted successfully
HKEY_USERS\S-1-5-21-144057640-3153285968-835844921-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC6F317E-28F4-4778-8933-92A6D4E3F4E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31fe8b53-fc63-443e-8484-7c73d519f0ac} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52554f28-1339-43e6-bd18-bff4f13d5352} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Deleting Files \ Folders ======================

C:\Users\michal\AppData\Local\19879 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\michal\AppData\Local\TempServer.exe.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\tasks\CGNNIFN.job deleted
C:\windows\SysNative\tasks\CGNNIFN deleted
C:\Windows\tasks\NF.job deleted
C:\windows\SysNative\tasks\NF deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\michal\AppData\Roaming\CGNNIFN.exe deleted
C:\Users\michal\AppData\Roaming\NF.exe deleted
C:\Users\michal\AppData\Local\TempServer.exe deleted
"C:\Users\michal\AppData\Roaming\CGNNIFN" deleted
"C:\Users\michal\AppData\Roaming\NF" deleted

==== Chromium Look ======================

AdBlock - michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Fix ======================

C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=16194"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.seznam.cz/?clid=16194"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{0CA6A5FE-6EB7-4083-825D-C41CCE87D1C1} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{2E4EF79B-FB4D-4E07-B6E9-59FA0B330E8C} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_16194"
{53D53661-FAF5-4C46-B50F-EF01C6481DE2} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
{6114148E-2F3B-40B6-8132-4848E42068BA} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_16194"
{69858470-6685-403E-975B-29712317135E} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194"
{C2B6EA61-6250-49E1-B0A4-F230BA3B0665} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_16194"
{CDCA5BE0-B7D4-4928-8E11-9244BB7D861D} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_16194"
{DFF8D53A-E24C-4B3B-991A-17D073E84876} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_16194"
{F7A0EA81-3B7E-4EC8-8C08-AC74EFC1D638} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"

==== Reset Google Chrome ======================

C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\IE\D2SRJAKV will be deleted at reboot
C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\IE\VNC8H5VJ will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=23 folders=6 7100429 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\michal\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\michal\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\IE\D2SRJAKV" not found
"C:\Users\michal\AppData\Local\Microsoft\Windows\INetCache\IE\VNC8H5VJ" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on so 15. 11. 2014 at 22:19:16,15 ======================

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

.

pri stazeni frst launcheru mam problem chrome me to blokuje ze je soubor skodlivy.. co stim?

Stahnete tedy jen FRST64.exe... prilozte oba logy (frst.txt i Addition.txt)

problemy sem vyresil stahly uz ho mam ale jakmile ho chci hodit na plochu taak mi to napise pokazde ze prestal pracovat a nejdes spustit

Pouzijte jen FRST64.exe (bez Launcheru)

na tom odkazu coo jste mi poslal je ke stahnuti jen s launcherem

ne tak se omlouvam uz jsem to nasel

Prikladam oba logy.



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by michal (administrator) on GINT on 15-11-2014 22:39:24
Running from C:\Users\michal\Desktop
Loaded Profile: michal (Available profiles: michal)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) E:\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\michal\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-24] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => E:\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30526056 2014-11-06] (Skype Technologies S.A.)
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [81ed0e74a40ed4fe8a36a7b819c4279f] => C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe [61440 2014-11-15] ()
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Run: [Facebook Update] => %APPDATA%\Microsoft\update.exe
HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\Winlogon: [Shell] %APPDATA%\Microsoft\update.exe,explorer.exe <==== ATTENTION
Startup: C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe ()
Startup: C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe.tmp ()
Startup: C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook.lnk
ShortcutTarget: Facebook.lnk -> C:\Users\michal\AppData\Roaming\Microsoft\update.exe ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0CA6A5FE-6EB7-4083-825D-C41CCE87D1C1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {2E4EF79B-FB4D-4E07-B6E9-59FA0B330E8C} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {53D53661-FAF5-4C46-B50F-EF01C6481DE2} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {6114148E-2F3B-40B6-8132-4848E42068BA} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {69858470-6685-403E-975B-29712317135E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {C2B6EA61-6250-49E1-B0A4-F230BA3B0665} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {CDCA5BE0-B7D4-4928-8E11-9244BB7D861D} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {DFF8D53A-E24C-4B3B-991A-17D073E84876} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {F7A0EA81-3B7E-4EC8-8C08-AC74EFC1D638} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\ClassicExplorer64.dll (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\ClassicExplorer32.dll (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Dokumenty Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Disk Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (YouTube) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Vyhledávání Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Tabulky Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (AdBlock) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-15]
CHR Extension: (Peněženka Google) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (Gmail) - C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-18] (Microsoft Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 22:39 - 2014-11-15 22:39 - 00017010 _____ () C:\Users\michal\Desktop\FRST.txt
2014-11-15 22:39 - 2014-11-15 22:39 - 00000000 ____D () C:\FRST
2014-11-15 22:38 - 2014-11-15 22:38 - 02116608 _____ (Farbar) C:\Users\michal\Desktop\FRST64.exe
2014-11-15 22:33 - 2014-11-15 22:33 - 00112640 _____ (forum.viry.cz) C:\Users\michal\Desktop\FRSTLauncher (4).exe
2014-11-15 22:32 - 2014-11-15 22:37 - 00015327 _____ () C:\Users\michal\AppData\Local\LM.bat
2014-11-15 22:32 - 2014-11-15 22:32 - 00029696 _____ () C:\Users\michal\AppData\Local\MSGBOX.EXE
2014-11-15 22:31 - 2014-11-15 22:31 - 00112640 _____ (forum.viry.cz) C:\Users\michal\Downloads\Nepotvrzeno 379665.crdownload
2014-11-15 22:27 - 2014-11-15 22:27 - 00112640 _____ (forum.viry.cz) C:\Users\michal\Downloads\Nepotvrzeno 924650.crdownload
2014-11-15 22:26 - 2014-11-15 22:26 - 00112640 _____ (forum.viry.cz) C:\Users\michal\Downloads\Nepotvrzeno 880836.crdownload
2014-11-15 22:26 - 2014-11-15 22:26 - 00112640 _____ (forum.viry.cz) C:\Users\michal\Downloads\Nepotvrzeno 25796.crdownload
2014-11-15 22:18 - 2014-11-15 22:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-15 22:13 - 2014-11-15 22:19 - 00020761 _____ () C:\zoek-results.log
2014-11-15 22:12 - 2014-11-15 22:18 - 00000000 ____D () C:\zoek_backup
2014-11-15 22:12 - 2014-11-15 22:12 - 01294848 _____ () C:\Users\michal\Downloads\zoek.exe
2014-11-15 22:09 - 2014-11-15 22:19 - 00000282 _____ () C:\Windows\setupact.log
2014-11-15 22:09 - 2014-11-15 22:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-15 22:08 - 2014-11-15 22:18 - 00000654 _____ () C:\Windows\PFRO.log
2014-11-15 22:07 - 2014-11-15 22:08 - 00000000 ____D () C:\AdwCleaner
2014-11-15 22:06 - 2014-11-15 22:06 - 02140160 _____ () C:\Users\michal\Downloads\adwcleaner_4.101.exe
2014-11-15 21:59 - 2014-11-15 21:59 - 00000000 ____D () C:\rsit
2014-11-15 21:59 - 2014-11-15 21:59 - 00000000 ____D () C:\Program Files\trend micro
2014-11-15 21:58 - 2014-11-15 21:58 - 01222144 _____ () C:\Users\michal\Downloads\RSITx64.exe
2014-11-15 21:33 - 2014-11-15 21:51 - 844996608 _____ () C:\Users\michal\Downloads\MLČENÍ JEHŇÁTEK 1991 CZ dabing.avi
2014-11-15 12:35 - 2014-11-15 21:14 - 00020913 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 12:27 - 2014-11-15 22:04 - 00000000 ____D () C:\Users\michal\AppData\Roaming\ClassicShell
2014-11-15 12:26 - 2014-11-15 12:26 - 00003706 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2014-11-15 12:26 - 2014-11-15 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-11-15 12:25 - 2014-11-15 12:26 - 00000000 ____D () C:\Program Files\KMSpico
2014-11-15 12:25 - 2014-11-15 12:25 - 00000000 ____D () C:\Users\michal\AppData\Roaming\WinRAR
2014-11-15 12:25 - 2014-11-15 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-11-15 12:25 - 2013-12-28 14:28 - 00000000 ____D () C:\Users\michal\Downloads\KMSpico 9.1.3
2014-11-15 12:18 - 2014-11-15 19:31 - 00000000 ____D () C:\Users\michal\AppData\Roaming\TS3Client
2014-11-15 12:17 - 2014-11-15 12:17 - 00000724 _____ () C:\Users\michal\Desktop\TeamSpeak 3 Client.lnk
2014-11-15 12:17 - 2014-11-15 12:17 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-11-15 12:16 - 2014-11-15 12:16 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\michal\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-11-15 12:11 - 2014-11-15 12:11 - 05631168 _____ (IvoSoft) C:\Users\michal\Downloads\ClassicShellSetup_4_0_4.exe
2014-11-15 12:11 - 2014-11-15 12:11 - 03963267 _____ () C:\Users\michal\Downloads\KMSpico 9.1.3.rar
2014-11-15 12:00 - 2014-11-15 12:00 - 00000000 _____ () C:\autoexec.bat
2014-11-15 11:59 - 2014-11-15 11:59 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\michal\Downloads\SpyHunter-Installer.exe
2014-11-15 11:57 - 2014-11-15 22:19 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 11:57 - 2014-11-15 22:02 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 11:57 - 2014-11-15 12:24 - 00002333 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-15 11:57 - 2014-11-15 11:57 - 00003934 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 11:57 - 2014-11-15 11:57 - 00003698 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 11:57 - 2014-11-15 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-15 11:56 - 2014-11-15 11:57 - 00000000 ____D () C:\Users\michal\AppData\Local\Deployment
2014-11-15 11:56 - 2014-11-15 11:56 - 00000000 ____D () C:\Users\michal\AppData\Local\Apps\2.0
2014-11-15 11:35 - 2014-11-15 11:35 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-15 11:35 - 2014-11-15 11:35 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-15 11:35 - 2014-11-15 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-15 11:35 - 2014-11-15 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-15 11:27 - 2014-11-15 11:27 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-15 11:27 - 2014-11-15 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-15 11:27 - 2014-11-15 11:27 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-15 10:51 - 2014-11-15 10:51 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-11-15 10:51 - 2014-11-15 10:51 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-11-15 10:51 - 2014-11-15 10:51 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-15 10:51 - 2014-11-15 10:51 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-11-15 10:51 - 2014-11-15 10:51 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-11-15 10:50 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-11-15 10:50 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-15 10:50 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-15 10:50 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-11-15 10:50 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-15 10:50 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-15 10:48 - 2014-11-15 22:24 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Seznam.cz
2014-11-15 10:48 - 2014-11-15 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-15 10:48 - 2014-11-15 10:48 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-11-15 10:48 - 2014-11-15 10:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-15 10:24 - 2014-11-15 10:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-11-15 09:39 - 2014-11-15 09:39 - 00000000 ____D () C:\Users\michal\Documents\Diablo III
2014-11-15 02:40 - 2014-11-15 02:40 - 00001363 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-11-15 02:40 - 2014-11-15 02:40 - 00000000 ____D () C:\Users\michal\AppData\Local\NVIDIA
2014-11-15 02:40 - 2014-11-14 19:50 - 00000000 ____D () C:\Users\michal\AppData\Local\NVIDIA Corporation
2014-11-15 02:40 - 2014-11-14 19:47 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-15 02:40 - 2014-11-14 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-15 02:40 - 2014-11-14 19:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-15 02:40 - 2014-11-14 19:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-15 02:40 - 2014-11-06 18:13 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-15 02:40 - 2014-11-06 18:13 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-15 02:40 - 2014-11-06 18:11 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-15 02:40 - 2014-11-06 18:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-15 02:40 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-15 02:40 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-11-15 02:40 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-15 02:40 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-15 02:37 - 2014-11-15 21:16 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4A957018-6C95-4602-A1A6-6C3F6F009877}
2014-11-15 02:37 - 2014-11-15 02:37 - 00000000 __SHD () C:\Users\michal\AppData\Local\EmieUserList
2014-11-15 02:37 - 2014-11-15 02:37 - 00000000 __SHD () C:\Users\michal\AppData\Local\EmieSiteList
2014-11-15 02:37 - 2014-11-15 02:37 - 00000000 ___HD () C:\SuperChargerProfile
2014-11-15 02:37 - 2014-11-15 02:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-11-15 02:37 - 2014-11-15 02:37 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-11-15 02:36 - 2014-11-15 02:36 - 00000000 ____D () C:\Windows\System32\Tasks\Intel(R) Small Business Advantage
2014-11-15 02:35 - 2014-11-15 22:21 - 00074899 _____ () C:\Windows\SysWOW64\Gms.log
2014-11-15 02:35 - 2014-11-15 02:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-11-15 02:35 - 2014-11-15 02:36 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-15 02:35 - 2014-11-15 02:35 - 00000000 ___RD () C:\Users\michal\Documents\Notes
2014-11-15 02:35 - 2014-11-15 02:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-11-15 02:35 - 2014-11-15 02:35 - 00000000 ____D () C:\Intel
2014-11-15 02:35 - 2014-11-14 19:50 - 00000000 ____D () C:\ProgramData\Intel
2014-11-15 02:34 - 2014-11-15 15:53 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-144057640-3153285968-835844921-1001
2014-11-15 02:34 - 2014-11-15 02:34 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-11-15 02:34 - 2014-11-15 02:34 - 00000000 ____D () C:\Users\michal\Intel
2014-11-15 02:34 - 2014-11-15 02:34 - 00000000 ____D () C:\Program Files\Realtek
2014-11-15 02:34 - 2014-05-13 12:09 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-11-15 02:34 - 2014-05-13 09:56 - 01065618 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-11-15 02:34 - 2014-05-09 04:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-11-15 02:34 - 2014-05-08 09:29 - 02000152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-11-15 02:34 - 2014-05-08 09:29 - 01728280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-11-15 02:34 - 2014-04-30 04:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-11-15 02:34 - 2014-04-28 08:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-11-15 02:34 - 2014-04-25 06:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-11-15 02:34 - 2014-04-25 06:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-11-15 02:34 - 2014-04-10 05:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-11-15 02:34 - 2014-04-10 05:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-11-15 02:34 - 2014-04-10 05:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-15 02:34 - 2014-03-06 09:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-11-15 02:34 - 2014-01-28 04:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-11-15 02:34 - 2014-01-08 08:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-11-15 02:34 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-11-15 02:34 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-11-15 02:34 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-11-15 02:34 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-11-15 02:34 - 2010-09-27 02:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-11-15 02:34 - 2009-11-24 02:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-11-15 02:34 - 2009-11-24 02:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-11-15 02:34 - 2009-11-24 02:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-11-15 02:34 - 2009-11-24 02:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-11-15 02:34 - 2009-11-18 00:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-11-15 02:33 - 2014-11-15 02:34 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-11-15 02:33 - 2014-02-26 08:16 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-11-15 02:33 - 2014-02-18 10:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-11-15 02:33 - 2013-10-15 20:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-11-15 02:33 - 2013-10-11 05:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-11-15 02:33 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-11-15 02:32 - 2014-11-15 02:37 - 00000000 ____D () C:\Program Files\Intel
2014-11-15 02:32 - 2014-11-15 02:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-15 02:32 - 2014-11-15 02:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-15 02:32 - 2013-11-26 08:34 - 00838872 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2014-11-15 02:32 - 2013-11-26 08:34 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-11-15 02:29 - 2014-11-15 15:38 - 00000000 ____D () C:\Users\michal
2014-11-15 02:29 - 2014-11-15 11:43 - 00001422 _____ () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-15 02:29 - 2014-11-15 02:30 - 00000000 ____D () C:\Users\michal\AppData\Local\Packages
2014-11-15 02:29 - 2014-11-15 02:29 - 00000020 ___SH () C:\Users\michal\ntuser.ini
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Šablony
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Soubory cookie
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Poslední
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Okolní tiskárny
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Okolní síť
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Nabídka Start
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Dokumenty
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Documents\Obrázky
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Documents\Hudba
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Documents\Filmy
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\Data aplikací
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 _SHDL () C:\Users\michal\AppData\Local\Data aplikací
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-15 02:29 - 2014-11-15 02:29 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Adobe
2014-11-15 02:29 - 2014-11-14 21:54 - 00000000 ____D () C:\Users\michal\AppData\Local\VirtualStore
2014-11-15 02:29 - 2014-03-18 17:02 - 00000000 ___RD () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 02:29 - 2014-03-18 17:02 - 00000000 ___RD () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-15 02:29 - 2014-03-18 16:42 - 00000369 _____ () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-15 02:29 - 2014-03-18 16:42 - 00000369 _____ () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-15 02:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-15 02:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Public\Documents\Obrázky
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Public\Documents\Hudba
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Public\Documents\Filmy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Šablony
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Soubory cookie
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Poslední
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Okolní tiskárny
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Okolní síť
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Nabídka Start
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Dokumenty
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Documents\Obrázky
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Documents\Hudba
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Documents\Filmy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\Data aplikací
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Data aplikací
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Obrázky
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Hudba
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default User\Documents\Filmy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Data aplikací
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Šablony
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Plocha
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Nabídka Start
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Dokumenty
2014-11-15 02:25 - 2014-11-15 02:25 - 00000000 _SHDL () C:\ProgramData\Data aplikací
2014-11-15 02:22 - 2014-11-15 11:37 - 00000000 ____D () C:\Windows\Panther
2014-11-14 22:22 - 2014-11-14 22:52 - 535601671 _____ () C:\Users\michal\Downloads\Naughty-America---Madelyn-Marie.wmv
2014-11-14 22:19 - 2014-11-14 22:19 - 00001150 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-14 22:19 - 2014-11-14 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-14 22:17 - 2014-11-15 09:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-14 21:58 - 2014-11-14 21:58 - 00001248 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-11-14 21:58 - 2014-11-14 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-11-14 20:58 - 2014-11-14 22:11 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-11-14 20:47 - 2014-11-15 22:20 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Skype
2014-11-14 20:47 - 2014-11-14 20:47 - 00002549 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-14 20:47 - 2014-11-14 20:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-14 20:47 - 2014-11-14 20:47 - 00000000 ____D () C:\Users\michal\AppData\Local\Skype
2014-11-14 20:47 - 2014-11-14 20:47 - 00000000 ____D () C:\ProgramData\Skype
2014-11-14 20:47 - 2014-11-14 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-14 20:45 - 2014-11-14 20:45 - 01546856 _____ (Skype Technologies S.A.) C:\Users\michal\Downloads\SkypeSetup.exe
2014-11-14 20:11 - 2014-11-14 21:25 - 00000000 ____D () C:\Users\michal\Documents\StarCraft II
2014-11-14 20:11 - 2014-11-14 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-11-14 20:10 - 2014-11-14 20:25 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-11-14 20:06 - 2014-11-14 20:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-11-14 20:03 - 2014-11-15 22:07 - 00000000 ____D () C:\Users\michal\AppData\Local\Battle.net
2014-11-14 20:03 - 2014-11-15 11:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-14 20:03 - 2014-11-14 20:12 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-11-14 20:03 - 2014-11-14 20:06 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Battle.net
2014-11-14 20:03 - 2014-11-14 20:03 - 00001156 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-14 20:03 - 2014-11-14 20:03 - 00000000 ____D () C:\Users\michal\AppData\Roaming\NVIDIA
2014-11-14 20:03 - 2014-11-14 20:03 - 00000000 ____D () C:\Users\michal\AppData\Local\Blizzard Entertainment
2014-11-14 20:03 - 2014-11-14 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-14 20:02 - 2014-11-14 20:02 - 02868792 _____ (Blizzard Entertainment) C:\Users\michal\Downloads\Battle.net-Setup-enUS.exe
2014-11-14 20:02 - 2014-11-14 20:02 - 00000000 ____D () C:\ProgramData\Battle.net
2014-11-14 19:53 - 2014-11-15 11:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-14 19:53 - 2014-11-14 19:54 - 00000000 ____D () C:\Users\michal\AppData\Local\Google
2014-11-14 19:50 - 2014-11-14 19:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2014-11-14 19:50 - 2014-04-03 09:53 - 00025800 _____ () C:\Windows\system32\Drivers\INETMON.sys
2014-11-14 19:47 - 2014-11-15 22:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-14 19:47 - 2014-11-14 19:47 - 00000000 ____D () C:\Users\michal\AppData\Roaming\Macromedia
2014-11-14 19:47 - 2014-11-14 19:47 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-14 19:47 - 2014-11-03 23:02 - 06882448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-14 19:47 - 2014-11-03 23:02 - 03531464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-14 19:47 - 2014-11-03 23:02 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-14 19:47 - 2014-11-03 23:02 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-14 19:47 - 2014-11-03 23:02 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-14 19:47 - 2014-11-03 23:02 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-14 19:47 - 2014-11-03 21:25 - 00615568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-14 19:47 - 2014-11-03 12:58 - 04099264 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-14 19:46 - 2014-11-06 22:02 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 19:46 - 2014-11-06 22:02 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-14 19:46 - 2014-11-06 22:02 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 31891784 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 24555208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 20985544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 20923712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 18514080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 17259848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 14031448 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 13943904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 13207184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-14 19:46 - 2014-11-04 01:04 - 11397208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 11335408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 04289168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 03238040 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 02849736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00987520 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00962704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00922256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00898192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00870624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00833864 _____ () C:\Windows\system32\nvmcumd.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00391824 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00349504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-14 19:46 - 2014-11-04 01:04 - 00027094 _____ () C:\Windows\system32\nvinfo.pb

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 22:25 - 2014-03-18 16:33 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 22:25 - 2014-03-18 15:54 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2014-11-15 22:25 - 2014-03-18 15:54 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2014-11-15 22:19 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 22:17 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-15 22:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-15 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-11-15 11:33 - 2013-08-22 14:25 - 00000194 _____ () C:\Windows\win.ini
2014-11-15 11:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 11:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-15 10:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-15 10:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-11-15 10:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-11-15 10:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-15 02:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-11-15 02:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2014-11-15 02:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-15 02:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-11-15 02:25 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-11-15 02:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-15 02:22 - 2013-08-22 16:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-11-14 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-15 02:23

==================== End Of Log ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by michal at 2014-11-15 22:40:01
Running from C:\Users\michal\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{C763E38D-6102-4581-807B-46E42A749212}) (Version: 5.0.10.2832 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.65 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.65 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 344.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.65 - NVIDIA Corporation)
Ovládací panel NVIDIA 344.65 (Version: 344.65 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-144057640-3153285968-835844921-1001\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

15-11-2014 01:32:38 Instalováno Realtek Ethernet Controller Driver

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-11-15 22:13 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {5F87735D-02D3-4031-B77D-3F9C3CD19926} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: {70274B14-6D37-4D64-B058-0A091CF4E127} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2014-03-27] (Intel Corporation)
Task: {80637E49-762C-441C-94CB-2901B04E0E33} - \Microsoft\Windows\Multimedia\SMupdate3 No Task File <==== ATTENTION
Task: {BE075D82-AD2D-4F3F-9113-450BF4F1443D} - \Microsoft\Windows\Maintenance\SMupdate2 No Task File <==== ATTENTION
Task: {C03AC8E5-2889-41F6-B401-83368DB7508A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {F95955F9-6DBD-41ED-A2A2-E4DE8EC90200} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {F97BE919-3923-4DEC-A14A-EA096497C9B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-14 19:47 - 2014-11-03 23:02 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 12:24 - 2014-04-24 12:24 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-04-24 12:24 - 2014-04-24 12:24 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-04-24 12:24 - 2014-04-24 12:24 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-24 12:24 - 2014-04-24 12:24 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-11-15 10:48 - 2013-04-15 12:32 - 00060416 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\19455libfoxloader-x64.dll
2014-11-15 10:48 - 2013-04-12 09:13 - 00457208 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-11-15 10:48 - 2013-04-29 11:53 - 00045560 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-11-15 10:55 - 2014-11-15 10:54 - 00061440 _____ () C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\81ed0e74a40ed4fe8a36a7b819c4279f.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2014-11-15 10:48 - 2013-03-29 12:37 - 00059384 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\19455libfoxloader.dll
2014-11-15 10:48 - 2013-03-25 15:39 - 00894968 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-11-15 10:48 - 2013-04-29 10:54 - 01663000 _____ () C:\Users\michal\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2014-11-15 11:57 - 2014-11-06 00:56 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libglesv2.dll
2014-11-15 11:57 - 2014-11-06 00:56 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libegl.dll
2014-11-15 11:57 - 2014-11-06 00:57 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\pdf.dll
2014-11-15 11:57 - 2014-11-06 00:56 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll
2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-15 11:57 - 2014-11-06 00:57 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-144057640-3153285968-835844921-500 - Administrator - Disabled)
Guest (S-1-5-21-144057640-3153285968-835844921-501 - Limited - Disabled)
michal (S-1-5-21-144057640-3153285968-835844921-1001 - Administrator - Enabled) => C:\Users\michal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 10:37:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0x2e4
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0xae4
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0x404
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0xa18
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:32:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0x98c
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRSTLauncher (4).exe, verze: 30.9.13.1, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17031, časové razítko: 0x53088860
Kód výjimky: 0x0eedfade
Posun chyby: 0x00014dbd
ID chybujícího procesu: 0xaec
Čas spuštění chybující aplikace: 0xFRSTLauncher (4).exe0
Cesta k chybující aplikaci: FRSTLauncher (4).exe1
Cesta k chybujícímu modulu: FRSTLauncher (4).exe2
ID zprávy: FRSTLauncher (4).exe3
Úplný název chybujícího balíčku: FRSTLauncher (4).exe4
ID aplikace související s chybujícím balíčkem: FRSTLauncher (4).exe5

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (11/15/2014 10:19:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/15/2014 10:18:28 PM) (Source: DCOM) (EventID: 10010) (User: gint)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}

Error: (11/15/2014 10:18:27 PM) (Source: DCOM) (EventID: 10010) (User: gint)
Description: {03E64E17-B220-4052-9B9B-155F9CB8E016}

Error: (11/15/2014 10:17:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/15/2014 10:17:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/15/2014 10:17:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/15/2014 10:17:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/15/2014 10:17:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/15/2014 10:09:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/15/2014 10:09:30 PM) (Source: DCOM) (EventID: 10005) (User: gint)
Description: 1053WSearchNení k dispozici{9E175B68-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (11/15/2014 10:37:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbd2e401d0011c532087eaC:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dll90d1d765-6d0f-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbdae401d0011c12d45185C:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dll508a674c-6d0f-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbd40401d0011bfc7c6985C:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dll3a327e92-6d0f-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbda1801d0011bc8f11bf3C:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dll06a009f8-6d0f-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:32:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbd98c01d0011bb2423940C:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dlleff5ec00-6d0e-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRSTLauncher (4).exe30.9.13.12a425e19KERNELBASE.dll6.3.9600.17031530888600eedfade00014dbdaec01d0011bae6bf1f4C:\Users\michal\Desktop\FRSTLauncher (4).exeC:\Windows\SYSTEM32\KERNELBASE.dllec51b625-6d0e-11e4-8259-448a5bd57f80

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/15/2014 10:09:29 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 8127.9 MB
Available physical RAM: 6460.53 MB
Total Pagefile: 10047.9 MB
Available Pagefile: 8064.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.31 GB) (Free:22.5 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:833.85 GB) (Free:833.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEDB3F03)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Jak jsme na tom s legalitou OS?