VIRY.CZ

Ahoj

,

mohl bych poprosit o kontrolu z FRST, Avast hlásí jednou za určitý čas blokaci šroubového útoku, nejspíš se jedná o vir
Win64-Evo-gen.

Mohl bych poprosit táké o radu, jak odstranit ze svého PC program McAfee Security Scan Plus.

Díky moc za radu.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014
Ran by Kalča (administrator) on TOSHIBA on 22-11-2014 10:48:32
Running from C:\Users\Kalča\Desktop
Loaded Profiles: Kalča & Administrator (Available profiles: Kalča & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
() C:\Users\Kalča\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(PerformerSoft LLC) C:\Program Files (x86)\PC Performer\PCPerformer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\RegSvr32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosHdpProc.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-26] (Toshiba Europe GmbH)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [312832 2009-07-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1481568 2009-09-03] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1718920 2013-02-02] (Ask)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Infium] => "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Facebook Update] => "C:\Users\Kal
a\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [AppsHat] => C:\Users\Kal
a\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-06-16] ()
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [doskey] => "C:\Users\Kal
a\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe"
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [YkzPack] => regsvr32.exe C:\Users\Kal
a\AppData\Local\YkzPack\rasnetExt.dll <===== ATTENTION
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Ollics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kal
a\AppData\Local\Iznvsoft\rasnetExt.dll
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [RMActivate_isv] => "C:\Users\Kal
a\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe"
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\MountPoints2: {40b89521-bb5c-11df-aef7-f79d88422171} - H:\RunGame.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Command Processor: "C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe" <===== ATTENTION!
HKU\S-1-5-21-2958001259-3159344954-3972479531-500\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doskey.lnk
ShortcutTarget: doskey.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe (No File)
Startup: C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RMActivate_isv.lnk
ShortcutTarget: RMActivate_isv.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2958001259-3159344954-3972479531-1000] => proxy.vscht.cz:3128
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKU\S-1-5-21-2958001259-3159344954-3972479531-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
URLSearchHook: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions)
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={search ... 4&tsp=4986
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: No Name -> {18DBB6CE-3148-4FEC-B481-103CB3290427} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: No Name -> {AA74D58F-ACD0-450D-A85E-6C04B171C044} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default
FF DefaultSearchEngine: Ask.com
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: about:home
FF NetworkProxy: "http", "proxy.vscht.cz"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2958001259-3159344954-3972479531-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kalča\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\Startsear.xml
FF Extension: QuestDns - C:\Program Files (x86)\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97} [2010-07-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14]
FF HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com", "https://www.seznam.cz/?clid=22668"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-14]
CHR Extension: (vShare.tv plugin) - C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2013-01-03]
CHR Extension: (Peněženka Google) - C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKLM\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx [2014-09-10]
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx [2014-09-10]
CHR HKLM-x32\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\Kalča\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Kalča\AppData\Roaming\7go\7go.crx [2013-07-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vSharetv plugin\vshareplg.crx [2012-10-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-21] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-08-26] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 PMCF; C:\Windows\system32\drivers\PMCF.sys [16392 2009-03-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-09-08] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-21] (Avast Software)
U3 ae52cige; C:\Windows\System32\Drivers\ae52cige.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 10:48 - 2014-11-22 10:49 - 00030463 _____ () C:\Users\Kalča\Desktop\FRST.txt
2014-11-22 10:48 - 2014-11-22 10:48 - 00000000 ____D () C:\FRST
2014-11-21 17:16 - 2014-11-21 17:16 - 02117632 _____ (Farbar) C:\Users\Kalča\Desktop\FRST64.exe
2014-11-21 16:28 - 2014-11-21 16:28 - 00002037 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-21 16:28 - 2014-11-21 16:28 - 00001977 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-21 16:28 - 2014-11-21 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-21 16:26 - 2014-11-21 16:24 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-21 16:25 - 2014-11-21 16:25 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-21 16:25 - 2014-11-21 16:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-21 16:23 - 2014-11-21 16:23 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-18 20:55 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 20:55 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 20:55 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 20:55 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 20:24 - 2014-11-22 10:44 - 00000000 ____D () C:\Users\Kalča\AppData\Local\Iznvsoft
2014-11-18 20:24 - 2014-11-18 20:24 - 00000000 ____D () C:\Users\Kalča\AppData\Local\YkzPack
2014-11-16 12:46 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-16 12:46 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-16 12:46 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-16 12:46 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-16 12:46 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-16 12:46 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-16 12:46 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-16 12:46 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-16 12:46 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-16 12:46 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-16 12:46 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-16 12:46 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-16 12:46 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-16 12:46 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-16 12:46 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-16 12:46 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-16 12:46 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-16 12:46 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-16 12:46 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-16 12:46 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-16 12:46 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-16 12:46 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-16 12:46 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-16 12:46 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-16 12:46 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-16 12:46 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-16 12:46 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-16 12:46 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-16 12:46 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-16 12:46 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-16 12:46 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-16 12:46 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-16 12:46 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-16 12:46 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-16 12:46 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-16 12:46 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-16 12:46 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-16 12:46 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-16 12:46 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-16 12:46 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-16 12:46 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-16 12:46 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-16 12:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-16 12:46 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-16 12:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-16 12:46 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-16 12:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-16 12:46 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-16 12:46 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-16 12:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-16 12:46 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-16 12:46 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-16 12:46 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-16 12:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-16 12:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-16 12:45 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-14 22:47 - 2014-11-14 22:48 - 00860160 _____ () C:\Users\Kalča\Downloads\K-Lite_Codec_Pack_std.exe
2014-11-14 22:35 - 2014-11-14 22:35 - 00003164 _____ () C:\Windows\System32\Tasks\{308D2DEB-8907-46C7-82EB-63397E91043C}
2014-11-14 18:56 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-14 18:56 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-14 18:56 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 18:56 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 18:56 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 18:56 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-14 18:56 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-14 18:56 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-14 18:56 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-14 17:59 - 2014-11-14 17:59 - 00022425 _____ () C:\Users\Kalča\Downloads\Les.Miserables.2012.DVDRip.torrent
2014-11-14 17:24 - 2014-11-14 17:24 - 00033560 _____ () C:\Users\Kalča\Downloads\Interstellar (2014) 720p BrRip x264 YIFY.torrent
2014-11-14 17:12 - 2014-11-14 17:12 - 00032999 _____ () C:\Users\Kalča\Downloads\Rush 2013.torrent
2014-11-14 16:26 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 18:57 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 18:57 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 18:57 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 18:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 18:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 18:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 18:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 18:03 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 18:03 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 10:20 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 09:51 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 09:51 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 09:50 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 09:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 09:50 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 09:49 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 09:49 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 21:03 - 2014-11-12 21:03 - 17926832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-12 20:45 - 2014-11-12 20:45 - 00000000 ____D () C:\Users\Kalča\Downloads\KaPiGraf
2014-11-12 20:43 - 2014-11-12 20:45 - 00000000 ____D () C:\Program Files\Kapi graf
2014-11-12 20:42 - 2014-11-12 20:42 - 01048565 _____ () C:\Users\Kalča\Downloads\kapigraf.zip
2014-11-11 20:03 - 2014-11-11 20:03 - 00000218 _____ () C:\Users\Kalča\AppData\Local\recently-used.xbel
2014-11-10 19:35 - 2014-11-18 21:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-10 19:33 - 2014-11-10 19:33 - 01055928 _____ (Microsoft Corporation) C:\Users\Kalča\Desktop\Setup.X86.en-us_O365ProPlusRetail_70d32342-6ed7-4f9d-b84e-928a199f49bb_TX_PR_.exe
2014-11-10 18:57 - 2014-11-10 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-10 18:43 - 2014-11-11 16:44 - 00000000 ____D () C:\Users\Kalča\Downloads\Project Professional 2013 with SP1 32 and 64-Bit - DVD (English)
2014-11-10 17:46 - 2014-11-11 16:59 - 2136643033 _____ () C:\Users\Kalča\Downloads\en_windows_7_professional_n_with_sp1_x86_dvd_u_677328.sdc
2014-11-10 17:46 - 2014-11-10 19:03 - 2815175828 _____ () C:\Users\Kalča\Downloads\en_windows_7_professional_n_with_sp1_x64_dvd_u_677207.sdc
2014-11-10 17:45 - 2014-11-10 17:45 - 00003141 _____ () C:\Users\Kalča\Desktop\Shortcut to SecureDownloadManager.exe.lnk
2014-11-10 17:45 - 2014-11-10 17:45 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\e-academy Inc
2014-11-10 17:45 - 2014-11-10 17:45 - 00000000 ____D () C:\Users\Kalča\AppData\Local\e-academy Inc
2014-11-10 16:18 - 2014-11-10 16:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-10 16:18 - 2014-11-10 16:18 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-03 17:31 - 2014-11-03 17:31 - 00014043 _____ () C:\Users\Kalča\Downloads\torrentdls com Cista duse.avi.torrent
2014-10-23 15:54 - 2014-10-23 15:54 - 00013418 _____ () C:\Users\Kalča\Downloads\Výslekdy 10km VAŠE LIGA.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-22 10:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-22 10:44 - 2014-06-24 15:10 - 00000000 ____D () C:\Users\Administrator
2014-11-22 10:43 - 2012-08-29 14:51 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-11-22 10:42 - 2013-08-26 17:23 - 00001170 _____ () C:\Windows\Tasks\Torntv 2-codedownloader.job
2014-11-22 10:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 10:41 - 2009-07-14 05:51 - 00208977 _____ () C:\Windows\setupact.log
2014-11-22 10:40 - 2009-10-02 09:37 - 00749576 _____ () C:\Windows\PFRO.log
2014-11-22 10:36 - 2012-03-30 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-22 10:36 - 2011-10-19 21:34 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000UA.job
2014-11-22 10:36 - 2011-10-19 21:34 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000Core.job
2014-11-22 10:36 - 2009-11-21 18:49 - 02000844 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 04:26 - 2014-09-14 14:15 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 19:39 - 2009-07-14 05:45 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-21 19:39 - 2009-07-14 05:45 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-21 16:26 - 2014-09-14 14:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-21 16:25 - 2014-09-14 14:15 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-21 15:08 - 2013-08-26 17:19 - 00000276 _____ () C:\Windows\Tasks\PC Performer_DEFAULT.job
2014-11-21 15:07 - 2014-08-15 08:31 - 00003118 _____ () C:\Windows\System32\Tasks\PC Performer
2014-11-19 18:19 - 2013-08-26 17:19 - 00000284 _____ () C:\Windows\Tasks\PC Performer_UPDATES.job
2014-11-18 21:18 - 2009-10-02 09:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-17 10:52 - 2014-09-09 10:10 - 00000000 ____D () C:\Users\Kalča\AppData\Local\CrashDumps
2014-11-14 23:02 - 2013-08-11 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 22:53 - 2010-06-22 22:46 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 22:49 - 2013-09-10 14:38 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\BitTorrent
2014-11-14 18:25 - 2011-10-19 20:07 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\vlc
2014-11-14 08:33 - 2014-05-07 13:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 18:48 - 2011-02-01 19:38 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 18:48 - 2011-02-01 19:38 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 18:48 - 2011-02-01 19:38 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 18:48 - 2011-02-01 19:38 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 17:31 - 2009-07-14 05:45 - 00441672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 21:03 - 2012-03-30 05:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 21:03 - 2012-03-30 05:59 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 21:03 - 2011-07-20 16:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 20:03 - 2014-05-27 17:02 - 00000000 ____D () C:\Users\Kalča\.bluefish
2014-11-10 19:08 - 2010-03-02 18:14 - 00111632 _____ () C:\Users\Kalča\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-10 18:56 - 2010-03-28 19:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-10 18:55 - 2009-07-14 16:37 - 00000000 ____D () C:\Windows\ShellNew
2014-11-10 18:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-10 18:53 - 2010-03-28 19:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-10 16:18 - 2009-10-02 09:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-10 16:17 - 2012-08-13 08:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-08 09:26 - 2009-07-14 16:18 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 09:26 - 2009-07-14 16:18 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 09:26 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 11:48 - 2011-03-29 17:27 - 00001146 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-01 11:48 - 2011-03-29 17:27 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-30 12:25 - 2010-04-30 19:13 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 17:11 - 2011-09-05 14:34 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-28 12:24 - 2010-03-28 19:08 - 00000000 ____D () C:\Users\Kalča\AppData\Local\Microsoft Help
2014-10-24 14:00 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

Files to move or delete:
====================
C:\Users\Kalča\VBACV10.DLL
C:\Users\Kalča\VBACV10D.DLL

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\COMAP.EXE
C:\Users\Kalča\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\kmp.exe
C:\Users\Kalča\AppData\Local\Temp\ose00000.exe
C:\Users\Kalča\AppData\Local\Temp\tmp1668.exe
C:\Users\Kalča\AppData\Local\Temp\tmp5F4E.exe
C:\Users\Kalča\AppData\Local\Temp\utt8DBC.tmp.exe
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 22:20

==================== End Of Log ============================

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.

Díky za pomoc, stáhnul jsem si adwcleaner, posílám log, jinak avast mi dál bohužel hlásí útok malwaru

# AdwCleaner v4.101 - Report created 22/11/2014 at 12:22:47
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kalča - TOSHIBA
# Running from : C:\Users\Kalča\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\Minibar
Folder Deleted : C:\Program Files (x86)\PC Performer
Folder Deleted : C:\Program Files (x86)\Speed Analysis 2
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Administrator\AppData\Local\VNT
Folder Deleted : C:\Users\KALA~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kalča\AppData\Local\apn
Folder Deleted : C:\Users\Kalča\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\Kalča\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Kalča\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Kalča\AppData\Local\Minibar
Folder Deleted : C:\Users\Kalča\AppData\Local\VNT
Folder Deleted : C:\Users\Kalča\AppData\Local\webplayer
Folder Deleted : C:\Users\Kalča\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kalča\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Kalča\AppData\Roaming\7go
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Kalča\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Kalča\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\Kalča\AppData\Roaming\SpeedAnalysis2
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Folder Deleted : C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Folder Deleted : C:\Users\Kalča\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Kalča\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Kalča\Desktop\TornTV.lnk
File Deleted : C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\Startsear.xml
File Deleted : C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v32.0 (x86 cs)

[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.apn_dbr", "cr_23.0.1271.95");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cbid", "^T8");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cr-o", "14670cr");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.crumb", "2012.12.10+08.22.07-toolbar006iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.guid", "8ee51808-a364-4325-a1a9-6fbcaecd9769");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.hpr", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.if", "first");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.l", "dis");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.last-search-timestamp", "1373194699408");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.nthp", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.nthp_prev", "0");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.o", "14670");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.sa", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.saguid", "A99AFC34-2933-43C0-82DC-4D280E2BDE4E");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.search-history-queries", "tour de france 2013");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.themeid", "");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.timeinstalled", "10.12.2012 17:23:17");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.to", "");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1277058537");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "127700114912770010821277058537436");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1277058539);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v39.0.2171.65

[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kpionmjnkbpcdpcflammlgllecmejgjj
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=8ee51808-a364-4325-a1a9-6fbcaecd9769&apn_ptnrs=%5ET8&apn_sauid=A99AFC34-2933-43C0-82DC-4D280E2BDE4E&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=8ee51808-a364-4325-a1a9-6fbcaecd9769&apn_ptnrs=%5ET8&apn_sauid=A99AFC34-2933-43C0-82DC-4D280E2BDE4E&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://startsear.ch/?src=sp&aff=67&cf=c5708101-559d-11e2-8910-90e6ba9ed076&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EB7N%5EYYYY ... earchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Kalča\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-16&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}

-\\ Comodo Dragon v33.1.0.1

[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=8ee51808-a364-4325-a1a9-6fbcaecd9769&apn_ptnrs=%5ET8&apn_sauid=A99AFC34-2933-43C0-82DC-4D280E2BDE4E&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=8ee51808-a364-4325-a1a9-6fbcaecd9769&apn_ptnrs=%5ET8&apn_sauid=A99AFC34-2933-43C0-82DC-4D280E2BDE4E&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://startsear.ch/?src=sp&aff=67&cf=c5708101-559d-11e2-8910-90e6ba9ed076&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EB7N%5EYYYY ... earchTerms}
[C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Kalča\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-16&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Kalča\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja

*************************

AdwCleaner[R0].txt - [28113 octets] - [22/11/2014 12:16:03]
AdwCleaner[S0].txt - [29379 octets] - [22/11/2014 12:22:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [29440 octets] ##########
# AdwCleaner v4.102 - Report created 24/11/2014 at 20:58:10
# Updated 23/11/2014 by Xplode
# Database : 2014-11-24.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kalča - TOSHIBA
# Running from : C:\Users\Kalča\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\Minibar
Folder Deleted : C:\Program Files (x86)\PC Performer
Folder Deleted : C:\Program Files (x86)\Speed Analysis 2
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Administrator\AppData\Local\VNT
Folder Deleted : C:\Users\Kalča\AppData\Local\AppsHat Mobile Apps
Folder Deleted : C:\Users\Kalča\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Kalča\AppData\Local\Minibar
Folder Deleted : C:\Users\Kalča\AppData\Local\VNT
Folder Deleted : C:\Users\Kalča\AppData\Local\webplayer
Folder Deleted : C:\Users\Kalča\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kalča\AppData\Roaming\7go
Folder Deleted : C:\Users\Kalča\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Kalča\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Folder Deleted : C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Folder Deleted : C:\Users\Kalča\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Kalča\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Kalča\Desktop\TornTV.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v32.0 (x86 cs)

[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.apn_dbr", "cr_23.0.1271.95");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cbid", "^T8");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.cr-o", "14670cr");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.crumb", "2012.12.10+08.22.07-toolbar006iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.guid", "8ee51808-a364-4325-a1a9-6fbcaecd9769");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.hpr", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.if", "first");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.l", "dis");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.last-search-timestamp", "1373194699408");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.locale", "en_EU");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.nthp", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.nthp_prev", "0");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.o", "14670");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.sa", "YES");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.saguid", "A99AFC34-2933-43C0-82DC-4D280E2BDE4E");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.search-history-queries", "tour de france 2013");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.themeid", "");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.timeinstalled", "10.12.2012 17:23:17");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.to", "");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1277058537");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "127700114912770010821277058537436");
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1277058539);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[s21srihv.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v38.0.2125.111

-\\ Comodo Dragon v33.1.0.1

*************************

AdwCleaner[R0].txt - [53320 octets] - [22/11/2014 12:16:03]
AdwCleaner[R1].txt - [1019 octets] - [22/11/2014 12:55:55]
AdwCleaner[R2].txt - [2540 octets] - [22/11/2014 23:15:08]
AdwCleaner[R3].txt - [2762 octets] - [23/11/2014 17:01:47]
AdwCleaner[R4].txt - [2773 octets] - [24/11/2014 16:46:36]
AdwCleaner[S0].txt - [54186 octets] - [22/11/2014 12:22:47]
AdwCleaner[S1].txt - [1083 octets] - [22/11/2014 13:31:54]
AdwCleaner[S2].txt - [4095 octets] - [22/11/2014 23:17:30]
AdwCleaner[S3].txt - [4319 octets] - [23/11/2014 17:05:13]
AdwCleaner[S4].txt - [4328 octets] - [24/11/2014 16:48:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [54487 octets] ##########

Dejte nový log FRST.

Zde je:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Kalča (administrator) on TOSHIBA on 24-11-2014 21:25:39
Running from C:\Users\Kalča\Desktop
Loaded Profile: Kalča (Available profiles: Kalča & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Users\Kalča\AppData\Roaming\FrameworkUpdate\GoogleUpdate.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosHdpProc.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\mftutil.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-26] (Toshiba Europe GmbH)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [312832 2009-07-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1481568 2009-09-03] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-08-25] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [252288 2009-07-02] (TOSHIBA)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-24] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Infium] => "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Facebook Update] => "C:\Users\Kal
a\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-06-16] ()
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [doskey] => "C:\Users\Kal
a\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe"
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [YkzPack] => regsvr32.exe C:\Users\Kal
a\AppData\Local\YkzPack\rasnetExt.dll <===== ATTENTION
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Ollics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kal
a\AppData\Local\Iznvsoft\rasnetExt.dll
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [RMActivate_isv] => "C:\Users\Kal
a\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe"
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [GoogleUpdate] => C:\Users\Kal
a\AppData\Roaming\FrameworkUpdate\GoogleUpdate.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\MountPoints2: {40b89521-bb5c-11df-aef7-f79d88422171} - H:\RunGame.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Command Processor: "C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe" <===== ATTENTION!
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doskey.lnk
ShortcutTarget: doskey.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe (No File)
Startup: C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RMActivate_isv.lnk
ShortcutTarget: RMActivate_isv.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2958001259-3159344954-3972479531-1000] => proxy.vscht.cz:3128
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default
FF DefaultSearchUrl: https://www.google.com/search
FF Homepage: about:home
FF NetworkProxy: "http", "proxy.vscht.cz"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2958001259-3159344954-3972479531-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kalča\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kalča\AppData\Roaming\Mozilla\Firefox\Profiles\s21srihv.default\searchplugins\seznam-avast.xml
FF Extension: QuestDns - C:\Program Files (x86)\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97} [2010-07-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14]
FF HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com", "https://www.seznam.cz/?clid=22668"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-14]
CHR Extension: (Peněženka Google) - C:\Users\Kalča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKLM\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-24] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-24] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-08-26] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software)
S0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 PMCF; C:\Windows\system32\drivers\PMCF.sys [16392 2009-03-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-09-08] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-24] (Avast Software)
U3 a2i7unic; C:\Windows\System32\Drivers\a2i7unic.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 21:25 - 2014-11-24 21:27 - 00028575 _____ () C:\Users\Kalča\Desktop\FRST.txt
2014-11-24 21:25 - 2014-11-24 21:25 - 00000000 ____D () C:\Users\Kalča\Desktop\FRST-OlderVersion
2014-11-24 21:06 - 2014-11-24 21:09 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-24 21:06 - 2014-11-24 21:09 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-24 20:49 - 2014-11-24 20:49 - 02148864 _____ () C:\Users\Kalča\Desktop\adwcleaner_4.102.exe
2014-11-24 20:48 - 2014-11-24 20:48 - 01976320 _____ () C:\Users\Kalča\Desktop\adwcleaner_4.000.exe
2014-11-24 17:25 - 2014-11-21 16:25 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-24 17:23 - 2014-11-24 17:23 - 00000000 __SHD () C:\Users\Kalča\AppData\Local\EmieUserList
2014-11-24 17:23 - 2014-11-24 17:23 - 00000000 __SHD () C:\Users\Kalča\AppData\Local\EmieSiteList
2014-11-24 17:23 - 2014-11-24 17:23 - 00000000 __SHD () C:\Users\Kalča\AppData\Local\EmieBrowserModeList
2014-11-24 17:21 - 2014-11-24 21:07 - 00000552 _____ () C:\ProgramData\@system.temp
2014-11-24 17:20 - 2014-11-24 21:07 - 00000288 ____H () C:\ProgramData\@system3.att
2014-11-24 17:20 - 2014-11-24 17:20 - 00000480 ____H () C:\Users\Kalča\AppData\Roaming\麽鎒駓覜
2014-11-24 17:20 - 2014-11-24 17:20 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\FrameworkUpdate
2014-11-22 12:16 - 2014-11-24 20:58 - 00000000 ____D () C:\AdwCleaner
2014-11-22 10:48 - 2014-11-24 21:25 - 00000000 ____D () C:\FRST
2014-11-21 17:16 - 2014-11-24 21:25 - 02118144 _____ (Farbar) C:\Users\Kalča\Desktop\FRST64.exe
2014-11-21 16:28 - 2014-11-24 17:27 - 00002037 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-21 16:28 - 2014-11-24 17:27 - 00001977 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-21 16:28 - 2014-11-24 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-21 16:26 - 2014-11-21 16:24 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-21 16:25 - 2014-11-21 16:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-21 16:23 - 2014-11-21 16:23 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-18 20:55 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 20:55 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 20:55 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 20:55 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 20:24 - 2014-11-24 17:22 - 00000000 ____D () C:\Users\Kalča\AppData\Local\Iznvsoft
2014-11-18 20:24 - 2014-11-18 20:24 - 00000000 ____D () C:\Users\Kalča\AppData\Local\YkzPack
2014-11-16 12:46 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-16 12:46 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-16 12:46 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-16 12:46 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-16 12:46 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-16 12:46 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-16 12:46 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-16 12:46 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-16 12:46 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-16 12:46 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-16 12:46 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-16 12:46 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-16 12:46 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-16 12:46 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-16 12:46 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-16 12:46 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-16 12:46 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-16 12:46 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-16 12:46 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-16 12:46 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-16 12:46 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-16 12:46 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-16 12:46 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-16 12:46 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-16 12:46 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-16 12:46 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-16 12:46 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-16 12:46 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-16 12:46 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-16 12:46 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-16 12:46 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-16 12:46 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-16 12:46 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-16 12:46 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-16 12:46 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-16 12:46 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-16 12:46 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-16 12:46 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-16 12:46 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-16 12:46 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-16 12:46 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-16 12:46 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-16 12:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-16 12:46 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-16 12:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-16 12:46 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-16 12:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-16 12:46 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-16 12:46 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-16 12:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-16 12:46 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-16 12:46 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-16 12:46 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-16 12:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-16 12:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-16 12:45 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-14 22:47 - 2014-11-14 22:48 - 00860160 _____ () C:\Users\Kalča\Downloads\K-Lite_Codec_Pack_std.exe
2014-11-14 22:35 - 2014-11-14 22:35 - 00003164 _____ () C:\Windows\System32\Tasks\{308D2DEB-8907-46C7-82EB-63397E91043C}
2014-11-14 18:56 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-14 18:56 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-14 18:56 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 18:56 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 18:56 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 18:56 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-14 18:56 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-14 18:56 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-14 18:56 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-14 17:59 - 2014-11-14 17:59 - 00022425 _____ () C:\Users\Kalča\Downloads\Les.Miserables.2012.DVDRip.torrent
2014-11-14 17:24 - 2014-11-14 17:24 - 00033560 _____ () C:\Users\Kalča\Downloads\Interstellar (2014) 720p BrRip x264 YIFY.torrent
2014-11-14 17:12 - 2014-11-14 17:12 - 00032999 _____ () C:\Users\Kalča\Downloads\Rush 2013.torrent
2014-11-14 16:26 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-14 16:26 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-14 16:26 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 18:57 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 18:57 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 18:57 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 18:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 18:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 18:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 18:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 18:03 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 18:03 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 10:20 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 10:20 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 10:20 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 09:51 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 09:51 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 09:50 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 09:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 09:50 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 09:49 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 09:49 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 21:03 - 2014-11-12 21:03 - 17926832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-12 20:45 - 2014-11-12 20:45 - 00000000 ____D () C:\Users\Kalča\Downloads\KaPiGraf
2014-11-12 20:43 - 2014-11-12 20:45 - 00000000 ____D () C:\Program Files\Kapi graf
2014-11-12 20:42 - 2014-11-12 20:42 - 01048565 _____ () C:\Users\Kalča\Downloads\kapigraf.zip
2014-11-11 20:03 - 2014-11-11 20:03 - 00000218 _____ () C:\Users\Kalča\AppData\Local\recently-used.xbel
2014-11-10 19:35 - 2014-11-18 21:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-10 19:33 - 2014-11-10 19:33 - 01055928 _____ (Microsoft Corporation) C:\Users\Kalča\Desktop\Setup.X86.en-us_O365ProPlusRetail_70d32342-6ed7-4f9d-b84e-928a199f49bb_TX_PR_.exe
2014-11-10 18:57 - 2014-11-10 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-10 18:43 - 2014-11-11 16:44 - 00000000 ____D () C:\Users\Kalča\Downloads\Project Professional 2013 with SP1 32 and 64-Bit - DVD (English)
2014-11-10 17:46 - 2014-11-11 16:59 - 2136643033 _____ () C:\Users\Kalča\Downloads\en_windows_7_professional_n_with_sp1_x86_dvd_u_677328.sdc
2014-11-10 17:46 - 2014-11-10 19:03 - 2815175828 _____ () C:\Users\Kalča\Downloads\en_windows_7_professional_n_with_sp1_x64_dvd_u_677207.sdc
2014-11-10 17:45 - 2014-11-10 17:45 - 00003141 _____ () C:\Users\Kalča\Desktop\Shortcut to SecureDownloadManager.exe.lnk
2014-11-10 17:45 - 2014-11-10 17:45 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\e-academy Inc
2014-11-10 17:45 - 2014-11-10 17:45 - 00000000 ____D () C:\Users\Kalča\AppData\Local\e-academy Inc
2014-11-10 16:18 - 2014-11-10 16:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-10 16:18 - 2014-11-10 16:18 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-11-03 17:31 - 2014-11-03 17:31 - 00014043 _____ () C:\Users\Kalča\Downloads\torrentdls com Cista duse.avi.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 21:23 - 2009-11-21 18:49 - 02090632 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 21:12 - 2011-10-19 21:34 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000UA.job
2014-11-24 21:11 - 2009-07-14 05:45 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 21:11 - 2009-07-14 05:45 - 00022208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 21:01 - 2013-08-26 17:23 - 00001170 _____ () C:\Windows\Tasks\Torntv 2-codedownloader.job
2014-11-24 21:01 - 2012-08-29 14:51 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-11-24 21:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 21:00 - 2009-10-02 09:37 - 00749128 _____ () C:\Windows\PFRO.log
2014-11-24 21:00 - 2009-07-14 05:51 - 00209033 _____ () C:\Windows\setupact.log
2014-11-24 20:45 - 2012-03-30 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 17:25 - 2014-09-14 14:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-24 17:25 - 2014-09-14 14:15 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-24 17:21 - 2014-06-24 15:10 - 00000000 ____D () C:\Users\Administrator
2014-11-24 17:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-24 17:17 - 2010-03-02 18:10 - 00000000 ____D () C:\Users\Kalča
2014-11-24 17:15 - 2014-07-16 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-11-24 17:15 - 2014-07-16 18:21 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-11-24 17:15 - 2014-07-02 17:33 - 00000000 ____D () C:\Users\Kalča\Desktop\FLASH
2014-11-24 17:15 - 2014-01-23 09:35 - 00000000 ____D () C:\Users\Kalča\Desktop\EAP
2014-11-24 17:15 - 2014-01-23 09:35 - 00000000 ____D () C:\Users\Kalča\Desktop\DATA
2014-11-24 17:15 - 2014-01-23 09:35 - 00000000 ____D () C:\Users\Kalča\Desktop\91_92_SE_Driver
2014-11-24 17:15 - 2014-01-16 18:54 - 00000000 ____D () C:\Users\Kalča\Desktop\ČZU
2014-11-24 17:15 - 2013-09-17 17:46 - 00000000 ____D () C:\Users\Kalča\Desktop\hry
2014-11-24 17:15 - 2011-09-05 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-24 17:15 - 2011-02-01 19:39 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-24 17:15 - 2010-03-28 19:08 - 00000000 ____D () C:\Users\Kalča\AppData\Local\Microsoft Help
2014-11-24 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-24 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-21 16:25 - 2014-09-14 14:15 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-21 16:25 - 2014-09-14 14:15 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-21 09:12 - 2011-10-19 21:34 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000Core.job
2014-11-18 21:18 - 2009-10-02 09:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-17 10:52 - 2014-09-09 10:10 - 00000000 ____D () C:\Users\Kalča\AppData\Local\CrashDumps
2014-11-14 23:02 - 2013-08-11 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 22:53 - 2010-06-22 22:46 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 22:49 - 2013-09-10 14:38 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\BitTorrent
2014-11-14 18:25 - 2011-10-19 20:07 - 00000000 ____D () C:\Users\Kalča\AppData\Roaming\vlc
2014-11-14 08:33 - 2014-05-07 13:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 18:48 - 2011-02-01 19:38 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 18:48 - 2011-02-01 19:38 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 18:48 - 2011-02-01 19:38 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 18:48 - 2011-02-01 19:38 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 17:31 - 2009-07-14 05:45 - 00441672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 21:03 - 2012-03-30 05:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 21:03 - 2012-03-30 05:59 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 21:03 - 2011-07-20 16:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 20:03 - 2014-05-27 17:02 - 00000000 ____D () C:\Users\Kalča\.bluefish
2014-11-10 19:08 - 2010-03-02 18:14 - 00111632 _____ () C:\Users\Kalča\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-10 18:56 - 2010-03-28 19:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-10 18:55 - 2009-07-14 16:37 - 00000000 ____D () C:\Windows\ShellNew
2014-11-10 18:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-10 18:53 - 2010-03-28 19:08 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-10 16:18 - 2009-10-02 09:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-10 16:17 - 2012-08-13 08:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-08 09:26 - 2009-07-14 16:18 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 09:26 - 2009-07-14 16:18 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 09:26 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 11:48 - 2011-03-29 17:27 - 00001146 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-01 11:48 - 2011-03-29 17:27 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-30 12:25 - 2010-04-30 19:13 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 17:11 - 2011-09-05 14:34 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

Files to move or delete:
====================
C:\Users\Kalča\VBACV10.DLL
C:\Users\Kalča\VBACV10D.DLL

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\COMAP.EXE
C:\Users\Kalča\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kalča\AppData\Local\Temp\kmp.exe
C:\Users\Kalča\AppData\Local\Temp\ose00000.exe
C:\Users\Kalča\AppData\Local\Temp\Quarantine.exe
C:\Users\Kalča\AppData\Local\Temp\sqlite3.dll
C:\Users\Kalča\AppData\Local\Temp\tmp1668.exe
C:\Users\Kalča\AppData\Local\Temp\tmp5F4E.exe
C:\Users\Kalča\AppData\Local\Temp\update.exe
C:\Users\Kalča\AppData\Local\Temp\utt8DBC.tmp.exe
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 22:20

==================== End Of Log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Facebook Update] => "C:\Users\Kala\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\Kala\AppData\Local\Facebook\Update
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [YkzPack] => regsvr32.exe C:\Users\Kala\AppData\Local\YkzPack\rasnetExt.dll <===== ATTENTION
C:\Users\Kala\AppData\Local\YkzPack
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Ollics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kala\AppData\Local\Iznvsoft\rasnetExt.dll
C:\Users\Kala\AppData\Local\Iznvsoft
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\MountPoints2: {40b89521-bb5c-11df-aef7-f79d88422171} - H:\RunGame.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Command Processor: "C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe" <===== ATTENTION!
ShortcutTarget: doskey.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe (No File)
ShortcutTarget: RMActivate_isv.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
c:\Program Files (x86)\Google\Google Toolbar
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-2958001259-3159344954-3972479531-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kalča\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKLM\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]
C:\Users\Kalča\AppData\Roaming\麽鎒駓覜
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000UA.job
C:\Windows\Tasks\Torntv 2-codedownloader.job
C:\ProgramData\McAfee Security Scan
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Kalča\VBACV10.DLL
C:\Users\Kalča\VBACV10D.DLL
C:\Users\Administrator\AppData\Local\Temp
C:\Users\Kalča\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014 01
Ran by Kalča at 2014-11-25 15:54:42 Run:1
Running from C:\Users\Kalča\Desktop
Loaded Profile: Kalča (Available profiles: Kalča & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Facebook Update] => "C:\Users\Kala\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\Kala\AppData\Local\Facebook\Update
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [YkzPack] => regsvr32.exe C:\Users\Kala\AppData\Local\YkzPack\rasnetExt.dll <===== ATTENTION
C:\Users\Kala\AppData\Local\YkzPack
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Run: [Ollics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kala\AppData\Local\Iznvsoft\rasnetExt.dll
C:\Users\Kala\AppData\Local\Iznvsoft
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\MountPoints2: {40b89521-bb5c-11df-aef7-f79d88422171} - H:\RunGame.exe
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Command Processor: "C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe" <===== ATTENTION!
ShortcutTarget: doskey.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe (No File)
ShortcutTarget: RMActivate_isv.lnk -> C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
c:\Program Files (x86)\Google\Google Toolbar
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2958001259-3159344954-3972479531-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-2958001259-3159344954-3972479531-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kalča\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKLM\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]
C:\Users\Kalča\AppData\Roaming\麽鎒駓覜
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000UA.job
C:\Windows\Tasks\Torntv 2-codedownloader.job
C:\ProgramData\McAfee Security Scan
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Kalča\VBACV10.DLL
C:\Users\Kalča\VBACV10D.DLL
C:\Users\Administrator\AppData\Local\Temp
C:\Users\Kalča\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
"C:\Users\Kala\AppData\Local\Facebook\Update" => File/Directory not found.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Windows\CurrentVersion\Run\\YkzPack => value deleted successfully.
"C:\Users\Kala\AppData\Local\YkzPack" => File/Directory not found.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ollics => value deleted successfully.
"C:\Users\Kala\AppData\Local\Iznvsoft" => File/Directory not found.
"HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{40b89521-bb5c-11df-aef7-f79d88422171}" => Key deleted successfully.
"HKCR\CLSID\{40b89521-bb5c-11df-aef7-f79d88422171}" => Key not found.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Command Processor\\AutoRun => value deleted successfully.
C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\doskey.exe not found.
C:\Users\Kalča\AppData\Roaming\Microsoft\Windows\IEUpdate\RMActivate_isv.exe not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
c:\Program Files (x86)\Google\Google Toolbar => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Kalča\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
HKU\S-1-5-21-2958001259-3159344954-3972479531-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value deleted successfully.
C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaajabnoiehionljhjpclogplgillib" => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajabnoiehionljhjpclogplgillib" => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => Key deleted successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
C:\Users\Kalča\AppData\Roaming\麽鎒駓覜 => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2958001259-3159344954-3972479531-1000UA.job => Moved successfully.
C:\Windows\Tasks\Torntv 2-codedownloader.job => Moved successfully.
C:\ProgramData\McAfee Security Scan => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Users\Kalča\VBACV10.DLL => Moved successfully.
C:\Users\Kalča\VBACV10D.DLL => Moved successfully.
C:\Users\Administrator\AppData\Local\Temp => Moved successfully.

"C:\Users\Kalča\AppData\Local\Temp" directory move:

C:\Users\Kalča\AppData\Local\Temp\027347AE-8ADD-47A6-9178-4EBDE8239A40.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\1228164.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\14036689.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\15568587.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\17958351.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\18065305.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\18157377.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\207591513.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\207594227.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\215038798.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\2447031.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3406422.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\381328.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\393DC2CB-AF8A-4FB4-BD17-11CD2573D843.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\44284260-AA7F-42B0-997F-117D5AC9B239.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\4D01683E.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\5263021.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\5355966.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\5498473.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\67204AED-D2A9-4A5B-B8BD-244C6662BC46.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\7869517.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\9118820.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\9238660.od => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\957E8414-8270-4409-B047-DC2BC508C475.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\A8E1F0BD-98E1-4C32-9EE6-9AD203417B74.Diagnose.0.etl => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\atcMRUList.idx => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\au-descriptor-1.7.0_65-b20.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\au-descriptor-1.7.0_67-b01.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AutoRecovery Save of Global (1).MPT => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AutoRecovery Save of Global (2).MPT => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AutoRecovery Save of Global (3).MPT => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\AutoRecovery Save of Global.MPT => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\B05B.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\binsis142.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\binsischeck654.xml => Moved successfully.
Could not move "C:\Users\Kalča\AppData\Local\Temp\BIT8552.tmp" => Scheduled to move on reboot.
C:\Users\Kalča\AppData\Local\Temp\BITCE55.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\C66A.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\cab7357.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CF.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\chart_data.dat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CLV19E6.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CLV19E6.tmp.sig => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CLVB348.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CLVB348.tmp.sig => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR144D.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR2464.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR2ED1.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR3B00.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR4EAD.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR56B7.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR5CF.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR8ECB.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVR9859.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRA2F3.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRA799.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRAB8A.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRB9BE.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRBD84.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRC767.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRD190.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRE669.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRF41.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRF884.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\CVRFA56.tmp.cvr => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\D1A.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\EB19.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_0h02M9AQJ5hoNmv => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_2VpsNGQSgPT0X0s => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_3qmXJIUtpHNxS4P => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_7JYOggx1ncsLHYB => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_8zVbrIHuk6Qjfbb => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_A0jMVS8Wneh8618 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_A4iABgg3H6TG4nz => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_al69KKjdBvVMlUE => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_bArJWD4X2ynpAmT => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_bAxLSeJTw0irKge => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_bkMgCgY3EW9fuIc => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_D25jLH9cyD0ZXFQ => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_E5mB4u4GdukbVEU => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_ehGrW9K1wJgqOXh => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_HTfmEpgLBassO4U => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_Lci8vTNBs3QOjnZ => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_MxEb69K9TP3AZlK => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_n8bzMX00RNWa6Xs => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_njvwnv6mfUeRFkc => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_nKyfrvDNcuyjStc => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_Os4Sm8a971DIncs => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_Qcxt6mhrzYIfmTg => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_sQH1vpPAKWpAbps => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_SxvzaCX4d9YmwpH => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_TdPUUCvH1Eot9rq => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_U94mCmNsOOfYoAC => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_WOD43ebDTHkVk48 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_wtlDskqtqCfsef5 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_WyFno5zfHbfj27y => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_XdFC72vgYE330BO => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_xQEl5PkElUcmnn9 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_XXJHtfGhg4SnVqs => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_Ypnlaef5m6MteS3 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_ZCRv5AtXBVQs33U => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\etilqs_zlcKHNDZVXZogff => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\flvplayer.png => Moved successfully.
Could not move "C:\Users\Kalča\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140702114932DC0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140712193023EDC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140712194703978).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201407142020321530).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140721194839FC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(2014072120113211DC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140721202046870).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201407312310171958).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201408191121161730).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140822130132F7C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201409021019566A0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(2014090212224215D0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140908092721D84).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140911101450460).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201409161936011488).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(2014091619434012F8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201409161952391210).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20140921194202137C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201410022058381718).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201410031038229C8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20141014212106BF0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(2014110114254525C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201411011428485B8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201411021629581DD4).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(201411081431221014).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(20141109171630520).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\GimmeSetup(2014111017594816F4).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\i0000001.cmd => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\IEC22EA.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\IpAdrSet.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\kmp.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20140628_104147951-MSI_vc_red.msi.txt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20140628_104147951.html => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\MSI33566.LOG => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\MSIa61b3.LOG => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nsb7759.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nsg680E.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\PCW4A73.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\PCW4A73.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Rar$LS85.267 => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RD1EE5.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RD5F8E.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RDBEDC.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RDD46E.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RDD633.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\RDE5AD.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140702114931DC0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140712193021EDC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140712194702978).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201407142020311530).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140721194838FC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(2014072120113211DC).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140721202046870).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201407312310161958).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201408191121161730).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140822130131F7C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201409021019556A0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(2014090212224115D0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140908092721D84).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140911101449460).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201409161935581488).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(2014091619433912F8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201409161952381210).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20140921194159137C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201410022058371718).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201410031038229C8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20141014212105BF0).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(2014110114254025C).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201411011428445B8).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201411021629561DD4).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201411081431211014).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(20141109171628520).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(2014111017594416F4).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\SetupExe(201411101851181774).log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\streaming_updates.dat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TEMPROTrayError.txt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\tmp10D9.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\tmp1668.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\tmp218B.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\tmp5F4E.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\tmpD272.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141110-1934.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141110-1934a.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141110-1936.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141110-1941.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141116-1233.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141123-2318.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TOSHIBA-20141124-1706.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\update.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt2B1A.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt2B1B.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt2B1C.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt2B1D.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt2B1E.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt4BF8.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt4BF9.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt4BFA.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt4BFB.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt4BFC.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt5CE7.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt5CE8.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt5CE9.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt5CEA.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt5CEB.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt8DBC.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\utt8DBC.tmp.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttA155.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttA156.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttA157.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttA158.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttA159.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCA16.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCA17.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCA18.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCA19.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCA1A.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCDBC.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttCDBC.tmp.bat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttF281.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttF282.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttF283.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttF284.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\uttF285.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.0.cs => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.cmdline => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.err => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.out => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\x5zck6vp.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DF1B3ED8B5945EFE1D.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DF29F18A3AF2D86B70.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DF43CEC7FE850709E9.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DF520ED05CC464E0C1.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DF82BD5E497512E9AB.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFA08D9D3A9401E8DA.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFA54F17EC9397770E.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFA93A19AE24F14832.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFAB45C2AE00207CE2.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFBAB83C8C3EBEFD8F.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFC1FF0A0ABF14F019.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\~DFFA59BB6B7C4A9FC6.TMP => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{E1B98989-3560-4082-A309-012AF1BD43DB}\SetupUT3.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{B3235503-24F3-4651-83A8-51D10302E79D}\fpb.tmp => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\compappscontent.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\epplauncher.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\eppmanifest.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\MSEInstall.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\setup.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\setupres.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\x86\legitlib.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\en-us\amhelp.chm => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\en-us\epploc.cab => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\en-us\epploc_amd64.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\en-us\eula.rtf => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\en-us\setupres.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\amhelp.chm => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\epploc.cab => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\epploc_amd64.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\eula.rtf => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\setupres.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\cs-cz\amd64\amloc-cs-cz.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\dw20shared.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\epp.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\mp_ambits.msi => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\setup.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\sqmapi.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\windows6.0-kb981889-v2.msu => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\{4F6D1ADF-999C-456B-BE27-819AABE5354A}\UpdateCache\amd64\windows6.1-kb981889.msu => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\VBE\MSForms.exd => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\XOYTKGCP\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\WQ7MDLFE\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\ILR1UHGY\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Temporary Internet Files\Content.IE5\2K8RBCE5\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TCD91F7.tmp\Welcome to Project.mpt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\TCD759E.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Setup00001958\BRANDING.XML => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Setup00001958\OSETUP.DLL => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Setup00001958\OSETUPUI.DLL => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Setup00001958\SETUP.CHM => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_5948_4120\7go.crx => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_5948_29252\SpeedAnalysis.crx => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\ci.content.pack.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\content.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon128.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon16.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon18.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon18.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon24.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon24.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon32.ico => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon32.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\icon48.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\jquery-1.9.1.min.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\jquery.uuid.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\manifest.json => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\popup.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\settings.json => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\speedanalysis02.rdf => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\mz\background.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\scoped_dir_4860_24038\CRX_INSTALL\mz\content.js => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\outlook logging\firstrun.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\OfficeC2RB04B6096\hash.txt => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\OfficeC2RB04B6096\v32.cab => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\OfficeC2RB04B6096\VersionDescriptor.xml => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\OfficeC2R816D02D9\i641033.cab => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nsmEF32.tmp\winamp_full.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nslD809.tmp\Banner.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nslD809.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nslD809.tmp\System.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\nslD809.tmp\UAC.dll => Moved successfully.
Could not move "C:\Users\Kalča\AppData\Local\Temp\Low\JavaDeployReg.log" => Scheduled to move on reboot.
C:\Users\Kalča\AppData\Local\Temp\is-HPH12.tmp\Offercast33_ATU3_.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\History\History.IE5\index.dat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Cookies\index.dat => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Comodo LogsFolder\Au_.exe.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Comodo LogsFolder\Dragon_AskSetup_new.exe.log => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\avastBCLTMP\wrc@avast.com.zip => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\avastBCLTMP\{3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef}.zip => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\avastBCLTMP\firefox\{e4f94d1e-2f53-401e-8885-681602c0ddd8}\icon.png => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\CbsProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\CompatProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\DismCore.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\DismCorePS.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\DismHost.exe => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\DismProv.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\DmiProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\FolderProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\IntlProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\LogProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\MsiProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\OSProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\SmiProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\TransmogProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\UnattendProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\wdscore.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\WimProvider.dll => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\CbsProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\CompatProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\DismCore.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\DismProv.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\DmiProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\FolderProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\IntlProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\LogProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\MsiProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\OSProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\SmiProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\TransmogProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\UnattendProvider.dll.mui => Moved successfully.
C:\Users\Kalča\AppData\Local\Temp\3693F8DD-5AA3-4CFD-A2C0-E2A49EE412CB\cs-CZ\WimProvider.dll.mui => Moved successfully.
Could not move "C:\Users\Kalča\AppData\Local\Temp" directory. => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-25 15:58:28)<=

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => File could not move.
C:\Users\Kalča\AppData\Local\Temp\BIT8552.tmp => Is moved successfully.
C:\Users\Kalča\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Kalča\AppData\Local\Temp\Low\JavaDeployReg.log => Is moved successfully.
C:\Users\Kalča\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Zdravím, ještě přidávám info, že mě avast! Internet Security bombarduje zprávami o napadení respektive zastavení útoků malwaru web. štítem.

To je vcelku dobrá zpráva. Znamená, že AV do PC nic nepustil. Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log. Předem nic nemažte

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 25.11.2014
Scan Time: 21:24:59
Logfile: log_1.txt
Administrator: Yes

Version: 0.00.0.0000
Malware Database: v2014.11.25.13
Rootkit Database: v2014.11.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: KalÄ?a

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369796
Time Elapsed: 39 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

PC by již měl být čistý.

Jj, AV ani MAM nic nehlásí, díky moc za pomoc! :guitar:

Nemáte zač!

VIRY.CZ

Malware

Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware

Re: Malware