VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=141769

Stránka 1 z 1

prosim o kontrolu logu

Napsal: 10 pro 2014 07:32
od belikdavid@gmail.com
Logfile of random's system information tool 1.10 (written by random/random)
Run by David Belik at 2014-12-10 07:32:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 137 GB (63%) free of 217 GB
Total RAM: 7877 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:38, on 10.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe
C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Integrated Camera\Monitor.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\David Belik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... LW105MT8LW
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... LW105MT8LW
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... LW105MT8LW
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... LW105MT8LW
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: e105fff0f3e80131b6584734478597d40061911 - {11111111-1111-1111-1111-110611191111} - C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 - {11111111-1111-1111-1111-110611341129} - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
O2 - BHO: e62a1271b6524ab3b4f60ca546d3b4d20065781 - {11111111-1111-1111-1111-110611571181} - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\HQ-Video-Pro-2.1cV04.12-bho.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Integrated Camera_Monitor] "C:\Program Files (x86)\Integrated Camera\monitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ANTS CTI Client.lnk = C:\Program Files\ANTS\CtiClient\CtiC.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADU Service (Nokia Software Recovery Tool) (ADUServiceNSRT) - Unknown owner - C:\Program Files (x86)\Common Files\Nokia\ADUService\ADUService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ants Update Service - ANTS spol. s r.o. - C:\Program Files\ANTS\AntsUpdateService\AntsUpdateService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DH LogCollecting Service - Ricoh Co., Ltd. - C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGCOL~1\bin\CLTaskSchd.exe
O23 - Service: DH LogManagement Service - Ricoh Co., Ltd. - C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGMAN~1\bin\MGTaskSchd.exe
O23 - Service: DH Trap Daemon Service - Unknown owner - C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\PM2Trapd.exe
O23 - Service: discProxy - Alexandria Software Consulting - C:\PROGRA~2\COMMON~1\RDHSHA~1\discProxy\discProxyService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: DmComSc - RICOH Company Ltd. - C:\Program Files (x86)\Common Files\RDH Shared2\bin\DmComSc.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: DH ManagementCore (IOPlatform) - Ricoh Co., Ltd. - C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\bin\rmanserv.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Lenovo Fingerprint Manager Pro Service (omniserv) - Softex Inc. - C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: RdhTomcatService - Alexandria Software Consulting - C:\PROGRA~2\COMMON~1\RDHSHA~1\Tomcat\bin\tomcat.exe
O23 - Service: RdhWebService2 - Apache Software Foundation - C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\Apache.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RSI Service (RsiSvc) - RICOH Company Ltd. - C:\PROGRA~2\RMWSDMEX\bin\RsiSvc.exe
O23 - Service: RuaServer - RICOH Company Ltd. - C:\Program Files (x86)\Common Files\RDH Shared2\bin\Ruaserver.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServerAgentService - Unknown owner - C:\Program Files (x86)\Common Files\RDH Shared2\bin\UAUDSAS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: User Account/Directory Data Server (UAUDServer) - RICOH Company, Ltd. - C:\Program Files (x86)\Common Files\RDH Shared2\bin\SydServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\updatesnipsmart.exe
O23 - Service: Util snipsmart - Unknown owner - C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 19849 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-390ff4db-8ee9-44d1-85d6-ad6e83c5a93f -SystemEventPortName:HostProcess-798c2051-1672-49a1-a102-f8c517b08a32 -IoCancelEventPortName:HostProcess-f35a138d-6f1e-4693-b4da-18c7f57a3f6c -NonStateChangingEventPortName:HostProcess-1dfbe6bc-4734-4692-9bb6-7653b5ce31b7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1a3cf195-6241-4fe7-8ba5-07a29df41086 -DeviceGroupId:
"C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 27999248
\??\C:\Windows\system32\conhost.exe "34913588-7924805441947391013169543379713046964971302390465-1338266457-785887183
taskeng.exe {0D5B5E7D-A485-4D72-9CBB-77AD28B1D795}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Nokia\ADUService\ADUService.exe"
C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGCOL~1\bin\CLTaskSchd.exe
C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGMAN~1\bin\MGTaskSchd.exe
C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\PM2Trapd.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logCollector\bin\CLResWatch.exe" CLResWatch.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logCollector\bin\logTransactor.exe" logTransactor.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logCollector\bin\ServerCmdMgr.exe" ServerCmdMgr.exe
C:\PROGRA~2\COMMON~1\RDHSHA~1\discProxy\discProxyService.exe
"C:\Program Files (x86)\Common Files\RDH Shared2\bin\DmComSc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\bin\rmanserv.exe
C:\PROGRA~2\COMMON~1\RDHSHA~1\JDK\bin\java.exe -Xrs -Dorg.apache.axis.components.net.SocketFactory=jp.co.ricoh.rdh.management.connection.EncryptionSecureSocketFactory -Dorg.apache.axis.components.net.SecureSocketFactory=jp.co.ricoh.rdh.management.connection.EncryptionSecureSocketFactory -classpath lib/WsdmSCM.jar;lib/WsdmSCM-jni.jar;lib/activation.jar;lib/mail.jar;lib/axis.jar;lib/commons-discovery.jar;lib/commons-logging.jar;lib/jaxrpc.jar;lib/saaj.jar;lib/wsdl4j.jar;lib/core.proxy.jar;lib/plugins.log.jar;lib/plugins.axis.jar;lib/sqljdbc.jar;conf;lib/log4j-1.2.8.jar;classes;lib/xsltc.jar;lib/serializer.jar;lib/xalan.jar;lib/xercesImpl.jar;lib/xml-apis.jar;lib/resolver.jar jp.co.ricoh.rdh.management.deployment.ComponentDeployer conf/deployment.xml
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
\??\C:\Windows\system32\conhost.exe "1377691276284418410-64513134619192239692098067610-2048400700-135326905-905166633
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlservr.exe" -sRDHWEBSERVICE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\PROGRA~2\COMMON~1\RDHSHA~1\Tomcat\bin\tomcat.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\PROGRA~2\RMWSDMEX\bin\RsiSvc.exe
"C:\Program Files (x86)\Common Files\RDH Shared2\bin\Ruaserver.exe"
"C:\Program Files (x86)\Common Files\RDH Shared2\bin\UAUDSAS.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Common Files\RDH Shared2\bin\SydServer.exe" /RegistryPath "HKEY_LOCAL_MACHINE\SOFTWARE\RICOH\UAUD"
"C:\Program Files (x86)\snipsmart\updatesnipsmart.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ANTS\AntsUpdateService\AntsUpdateService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\Apache.exe" -k runservice
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/error%Y-%m-%d.log 86400
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/error_log%Y-%m-%d 86400
\??\C:\Windows\system32\conhost.exe "-2096027665-574068873188995082019829483381942717548-58157396-1693310071573413278
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/access%Y-%m-%d.log 86400
\??\C:\Windows\system32\conhost.exe "-19477236122109921451-13042475201422858729-9469229418703230715434707971940671382
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/access_log%Y-%m-%d 86400
\??\C:\Windows\system32\conhost.exe "1619413068645942975794207617-531171616-2102554651-2026352816459928488-532413701
\??\C:\Windows\system32\conhost.exe "1602194677218350153-158069887614505837481395367257-185433539519562651791434105379
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\Apache.exe -d "C:/Program Files (x86)/Common Files/RDH Shared2/Apache" -D SSL
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/error%Y-%m-%d.log 86400
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/error_log%Y-%m-%d 86400
\??\C:\Windows\system32\conhost.exe "1465778534633821760-7591221502626402981772119406231332977604188620-1599702464
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/access%Y-%m-%d.log 86400
\??\C:\Windows\system32\conhost.exe "704228965-998430265651930346-14070300522112047355-91908308412702222771330794395
C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\rotatelogs.exe C:/PROGRA~2/COMMON~1/RDHSHA~1/Apache/logs/access_log%Y-%m-%d 86400
\??\C:\Windows\system32\conhost.exe "380499730-14669417871807028513-94770197-167126758514926572963589274452111283719
\??\C:\Windows\system32\conhost.exe "-199698669221364597481497515153-74008895817627667741668710718-1133411737-1515934431
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
taskeng.exe {9BB49715-7B3B-4274-8EEE-ED194DD7666B}
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe"
"C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe"
\??\C:\Windows\system32\conhost.exe "100033476914382225332006775124-1267758375-2099624734-1077570026107488945-1938088783
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-db4d7bcf-6b17-4565-898e-f9407e55884b -SystemEventPortName:HostProcess-8ba7f695-b952-4417-96bc-d4672d6540fa -IoCancelEventPortName:HostProcess-77b3d912-95c6-49ea-a212-f39dd65b7830 -NonStateChangingEventPortName:HostProcess-0b8a1235-e80d-4ce5-82c0-658ddadf00bf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:48508109-2ffa-4062-ab8b-0b6a4481a1a6 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:/Users/David Belik/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe" /n
"C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files\ANTS\CtiClient\CtiC.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-1129714006-588803672-1971138984-19095018401336608489-1479935869-1762480045418148692
{0D7EB6BA-98E9-4E0E-930E-92F05D54EFE5}
{50B8837E-CF19-4538-ACD6-AAAAECE2C099}
"C:\Program Files (x86)\Integrated Camera\Monitor.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\MGResWatch.exe" MGResWatch.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\ServiceInfoMgr.exe" ServiceInfoMgr.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\CollectCmdMgr.exe" CollectCmdMgr.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\LogView.exe" LogView.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\EnvView.exe" EnvView.exe
"C:\Program Files (x86)\Common Files\RDH WebService\logManager\bin\SyncMaster.exe" SyncMaster.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
{7E35CC2B-9626-43D6-8F04-44CCB260F9F0}
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
taskeng.exe {B98D0120-B596-43FA-A193-EEAD82508ADD}
"C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe" Hidden
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\David Belik\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\361f8355-b3de-40c6-b157-e34720621897.job - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\361f8355-b3de-40c6-b157-e34720621897.exe /agentregpath='HQ-Video-Pro-2.1cV04.12' /appid=65781 /srcid='002255' /subid='0' /zdata='0' /bic=832F3FFF7BB14122830BBAAE356F3635IE /verifier=ab0f913f68ae728f02f715456d0ecc46 /installerversion=1_35_11_26 /installationtime=1417701458 /statsdomain=http://stats.newstaticdatacloud.com /errorsdomain=http://errors.newstaticdatacloud.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newstaticdatacloud.com /runfrom='task' /externallog=''
C:\Windows\tasks\387aa7a6-d4ec-436a-854a-880127b1eeed-1.job - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\HQ-Video-Pro-2.1cV04.12-codedownloader.exe /rawdata=GwoG8OE5u95JtKbeiJzvkKGeUzcrIHSd4tAqpIscipVr7sQWrg1bDTGlcFDAb3zsbjxUOXhdnQRKmxiA4JDNRF62f8Lv7qiblB2BM6l73PaoJpCwT6iyAeCMPjgkn6sEbn3kUeSLnhewj5tcpzX7TmVvvbQI2t/FRRjVzj1PtxK9X1nuzqp9i4uVp3CxPVTNHNi83IT5mGlpINRMVpiSdJ81VjHwTHeqqWRj6u1h7gA3KlhFsvWa3oku1KVR3Giwpp+NIuJKgaB/X1COCHVLWXLjjzaegqyUBa2BdV14RnekJLj2rMEbvIx+6ujdli53WihNzmYrIZUH25/jxhn5D6NucvdpgkSOjjs6IpdCfQydisHBzeAO65wjWEMdgcY5kRS81VBmsFOr6HiGpg6qIhyanz7m8mBqGDmNpEaDacULvA+Tl0pv5ZP4YJilTB7h0eUre2Lb3i0eIw+f3HsgPiTbeKznPVpYj/L3q9ap8AU+OUc8M8xv6JImahTEaJgbKJCYPnLmT1dyBKyPqC0P/n8MNvaVYrG3ovaxyK3jat5E0wUERbhNZOasUE8zJh+3u/ckJSDusGAiRlxdFCT6wQsOEXVNi4WlG5xRtaRVigb6qahqu9Dl9ODcJK4JtSdPuIXHpCUfV2euZoQYj1nQS4ZYOTojNXAY7P5sOKeyzOF6nSL5uT4a9u2dJwo77ClKp1bWHl41ikplshNWH3QjWGUN4RaxvUfMGxlj11Z1C7I7E0QNH/z1+1Purbo1ikom4k5XNiY+xWCv9LTfNmfk5rDV/Zor7NMs1dM99qBZDH+DejpC8oZx3NGw7AQIM51fHUgCV5MpjL33JFRu9kqmXEMo56u+jgBCh3QwE3o6QHcLjK4rzmlEPI99ow26FF1AFoyhBadcF4304xvHJRUXxqDpPYImXnUZmi8Bl57bVkDvbONDTZIAgc5aQnbqWro4LM0PgUjMikGEUDHbvZz6BxcNIBhgz7nFmlLFUDaC5Q2Ts7kR/PRWaa0e0aZy14w9UG5qtnbm4204GfyyaCKjmKNi4VnfXs3ryHbT1i9cvXEk6HFqpb9RKym/Yu+I2Meb1AOZjMkPp3o5nf9DBnhOy1ZZa4DR/0Fh3EWc3Pi7qw9zNdfFyusYyPrXaV8AEUBdrMreVLPjLIBz7Pbuim/Hb3jAYGOEHyUGQnCeMzMCbriHdyBfCIKYwVv6BnvTALZuCicN+QVkgKVFw9ZQNTr9KkQ0eiS+INxHLt5DyC7Tz5tk7zkU0ZOQ713EN9gVGLSC9Qw5GY3EYKnCog0AkxOEEPzxxTKM6uGpy35EKzmAy7JHDghHA0NPqSIELjCp2rhum1zeO2zsK5X9PAVaGXa3GIE5LP6sS1RMEccV+JAZqokNAgq1tEbfA1QVNp0mWt4i5RUupg2GS7RbI9s5N78vPx95y+lEw+dhzQV4fj2vndZKKFgO4aQ47R2lVMMD/LwKYJ9KhbnM5qeOkfp2jw0iY/vRRy3B2b6/72MQtzsVHiTaXbqQVgqNB6a8wDt2FlUL
C:\Windows\tasks\387aa7a6-d4ec-436a-854a-880127b1eeed-5.job - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\387aa7a6-d4ec-436a-854a-880127b1eeed-5.exe /rawdata=OZPcjWy2F8znoXAWqhiQ/UdyOPWXuTDGiVEH4zLoE7zMkhj8CrNn9N1JUSKLGwIHx+Cht5JARVp2sPOxWJQSzOHIx4YnBX8bXzPF3sfeCe30GUhfmv/oOu1NUq5hcZVbE31LNDEdiciY/nCHy+XldHvXwkgLUlrP/RhtxWUt53FJiDdJmCDqLS3vRYoiBaRChZ/epJ5eDaqHNWUWuPkn34w784LSjqKhq3u1bXJPr7NygQ6b6cZvRG3JeDagEMfO0C44lRbcIxhwpABgJOrVdzq4GyGBzcsYbEpzclGrvIlegtAesInszVr4kJmstxBRtQoebUnL4Dq8ImcLgAmxzkm+r8lQpU3b1h7rn/0yHeHOmRUAPpv5PH9hn4t5UzUlrrsSncobfULEgbhH+2xI2oeNLd3tOKr58XadpAk/IKZUO/7dff3TWtpomMZ+Ts20iwqqm0rc4pKXzTxZqupZ8RZ5++ydyS1uRSFfp6s6zSEIt/fY/bdWTCFn0r2Ax5T2R16iM2SQKNlW7oajh+DacjhI02AZ4Yr+L3I/1u/trNWVgmOpxbEbwPbNyMs4CIV3B7ghoxd6rfqgDvJKJr8zdP/H6tMB18ViDvPqSGH6M2VpvgYxUHAdCPspFg8mKMU6cWUOFliLMvhzFCkXgMo0x2CYaSKp9f/cz+dpHC9AgiSdyuV7ZmNZquNn1qoOa9S7Pb1nTd+dSgEiwb48tJSxhBTFASbFtSqBdDS+UJu9lAnIQ0a8cu6hslitszRoCWJPrBLahvZHTNbhoT12i/eefgAryEjL0GcjqdSg8kx1la4A602HApss8FUyRl+/gecy/zIR5lSeQGZIFQFKjMhSFyJyH9fr00WSSuCe9oKnflniYfylQUSQ0F6VM3GrgFfJ8pJ3Uyz8DDLNESE4KIKn7UcS8fNe2J19HOWpYr5P7HcuT6Lc56R3rTVSoP6CllFBIvtvItsEZ/EuiYM2lpsOBH1MgH33JJyVAi1UKR9vk5X9jREfoyCzRFJiNixMfCVY
C:\Windows\tasks\387aa7a6-d4ec-436a-854a-880127b1eeed-5_user.job - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\387aa7a6-d4ec-436a-854a-880127b1eeed-5.exe /rawdata=OZPcjWy2F8znoXAWqhiQ/UdyOPWXuTDGiVEH4zLoE7zMkhj8CrNn9N1JUSKLGwIHx+Cht5JARVp2sPOxWJQSzOHIx4YnBX8bXzPF3sfeCe30GUhfmv/oOu1NUq5hcZVbE31LNDEdiciY/nCHy+XldHvXwkgLUlrP/RhtxWUt53FJiDdJmCDqLS3vRYoiBaRChZ/epJ5eDaqHNWUWuPkn34w784LSjqKhq3u1bXJPr7NygQ6b6cZvRG3JeDagEMfO0C44lRbcIxhwpABgJOrVdzq4GyGBzcsYbEpzclGrvIlegtAesInszVr4kJmstxBRtQoebUnL4Dq8ImcLgAmxzkm+r8lQpU3b1h7rn/0yHeHOmRUAPpv5PH9hn4t5UzUlrrsSncobfULEgbhH+2xI2oeNLd3tOKr58XadpAk/IKZUO/7dff3TWtpomMZ+Ts20iwqqm0rc4pKXzTxZqupZ8RZ5++ydyS1uRSFfp6s6zSEIt/fY/bdWTCFn0r2Ax5T2R16iM2SQKNlW7oajh+DacjhI02AZ4Yr+L3I/1u/trNWVgmOpxbEbwPbNyMs4CIV3B7ghoxd6rfqgDvJKJr8zdP/H6tMB18ViDvPqSGH6M2VpvgYxUHAdCPspFg8mKMU6cWUOFliLMvhzFCkXgMo0x2CYaSKp9f/cz+dpHC9AgiSdyuV7ZmNZquNn1qoOa9S7Pb1nTd+dSgEiwb48tJSxhBTFASbFtSqBdDS+UJu9lAnIQ0a8cu6hslitszRoCWJPrBLahvZHTNbhoT12i/eefgAryEjL0GcjqdSg8kx1la4A602HApss8FUyRl+/gecy/zIR5lSeQGZIFQFKjMhSF6iS1/x2X6qKikPrx+qlxBng/OwrYI6NGsY3sywkvYkxHaNMOUZb/eDyzP3ECKa/PRwdVSgNe4dO7HCtGOSuT/Qmxn1wgF56xdMlPvevEXc3huh+1TyeUiRKDeG69Vxc2IEJMXdYi7og5vIBrdUGJ+b7SEZrdOudxpjG2cAHKWhB
C:\Windows\tasks\834b55ac-b156-431b-82d5-8cc6e64aff40-1.job - C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe /rawdata=fNhi0Bme/ySlcK2XhIqde+C9cAt/NckGMRrEJtecf7OtYpAwEWXUIEzYL/HQdZnJ94Z71vT3AF+sbywO90M5IPWle2jTudNlWnX+kym3o86j5BCpFu/DHXv7708QGl14YlrujvIz3iQiXmNrUJ4APwKF83wZdaOgAIgPqQP80xWaDjnu2uxg86f/ofauaS4VmWqrX/0zTTMwbtFCDeU2bltIw4aaGpyMIjo1AbhfSQCbzfke9LI9drkMzc/p/BqYZ7qIouZzWnrO8WsqcQXR2ECpOn3f7rktixS8AImhy+Rx/VWyt+WrIpsgLwfSyyPvTQ9d4TeT9YvBKcZhT8pa3wSu5Pz85STCiUHosbqAAvX+eKDfjCrvdrJQyUjgIvE0i9OWpiDgPjENiafTTCPZ5klle40Wch8u8yg3n2GI6sYhs3EllfWD+XHyUNIuWt7QzqgoKyngCvc3qfdzXiLi1/UxB5qlVq9ucoXBLrgy4ie25JIBPrzSP3Wfk4mNhtPBJvDwO5mlt3Th2huZeTZBfd0CTVDsC9yXStm9eu8O2hfaiMQL+fBNwraQVXfuJ4R0qwzNijKWnXH+XzDe4/rS7r85rTMdAveMY6G3EJ/WrtxqmzsmiVdmAGQIWw42I95OiG+8K9gbBWbYb5NtLTL4xaoKcZULkvFXzv8hcPFNjf3D50pzfQMGe+q3OsJ17eKoqQEhulS3uBm28kki/EMLuWXpF/Ha6BAGB187H3UxruPdy+ty2wn2iINQ8QzJXnuF9s3Kqao0QGToqRNdaamxLp7HrGleuaJ90H8rEMSz9ecz9ZTm/vhisbLmMWDZFJ0xCYWlX3cHZh8yjhgL/a1Mt3FddWgqTgj2yOe4rlUgP+3WPq+V2Q9NvdibJFItnWbca+/voKHnyyarR9ld/ZAkpxzJpzWBXDRl2APscrhvElX2gRZ9mfVzEx1JxBnGSiNRFVQHve4ZARjXPwIAvpET0DLfutdCg6bcNekgU7L/dVVSO8VHnNE+VuwjRLAIvmTZxSHKN9dnCGup4DvxRz4oVIdNgwp30KgqAV3RGDGozZQz/qJxhzidCMUd4q5GlBLYLh4pmbGjthHVesFQ0JSm6cP52PqXEVr8pyOTPNLy5ImF2yXSzGuPLXaGOm+srd6Pp9jGzRBB8FpT/Ja5Ne70Svp+L5U19KWJTwSaxLt1eAghlATplvQmqdNjY77v5DefR6cExDeI6lIJOu140ibi6BZpfgZbzX5ICfAmyaPnkURyp1GRDCoX1wITOlEZyri+RN8xKJ0koP1+HDnHtx7J0Mdjtsb1XWbIGDxfb/C+Eh+Pv4dZbzbHK7BIRc/Y+fvRaPzFV4cbRkpuocGYbsxoZsM7+Jll65QrFVX/wpXrXHxF+p4kbmx6M8HhBa7tDn6cqvmQyoVGZesotKZlgYtcwlA2ZzAwAzMT5QB2PJpp4bj+O4T7vsrgrzS+n5GDd7sso1Yy9cqvcj9+H9wwbqgqPQPcM1pFuWf5d173dAOfJIKqROXKvz0KQSzD3DwX47uSJ1s5JuekkJGTDvSbp/uWXv9MASTrtRwTtTF/uBjliKlEl5fSCwj7AJj1zRk+SAUGDOb6uFJ4XaDzD0u3Qeys+Pcl0A1TJQFdHctUFumNkuJ/kfkm+trDT04gojXDSU+YZAv43piRVxXlPrBPXG/9CAPZhocAJTd+8/fa0jn4nzE=
C:\Windows\tasks\834b55ac-b156-431b-82d5-8cc6e64aff40-5.job - C:\Program Files (x86)\Ge-Force\834b55ac-b156-431b-82d5-8cc6e64aff40-5.exe /rawdata=SNDucCotZvv5+ShVqxcoHy788L9kuuL+0fLy5/eq41L6KEhIfy3TxugAe9d0VPuhkhZDEnT04aO4lMAAW4S7paOypQZfamK6HtQqHaquJTtpzbUN6ybVl2ckRcjBYOiqb+R2L56GrB+t6/plx319rFI15korEomOoduc8xf3F5kZIMPC/KeKBiHg1I3RiFmQswAoI7MsanLksR/clNEkbK2lbQKiP1yUmRpfVBj24habKHza3pimmtLzBYnhFw+exDbRECJ5zNYsh3fOgqqWqRGeOXicdAlU5INBlFkTRDYaGC62zA45+NLfh0PUoibtMZMr/rbRmGfh/NTLAmq6rYcLAZAuSKo7fEdbwiQymmCx4CG0i3iGjPiMyS0GNX5kKeiTzbbDMeai3qKrTmWLzEMs47WEYH28yeZ1AYMC55oOE6mZ6y1ucL5kfmydpCHbN02brciipMQW0249c1+E4jyDbgbAcYoeJE5n2ZmP/L9B55hnWjEHwnCBqRRPB5YibgsUzOA6lyA1ctLd6Dl5f6HZp1urEqlBZsdVzSpffy3O0muVi6by0KSDmMZp4lwLwdAdcgkVPE5IQpSHAiJA1JIw9gJYAwL+XX3UBOEA9u1n56Lx8pxk+iWOKufu+DD/chHT4EcnEZ90dTF8lZUuzs8+KDVCLXCG5H8KhnmstSieEcDik1aFFhfe9+Xt+YtNQUBAAL0eK1BPwVlkLJEq4VRuk1YzGsZZu9Ig/kvIuJ9K/vUqfsSKYCcqT4YxUiVn2g+3xjj24KX3tc0txRS/cPnAj4hWJ5U3qUzFV3CyTHm8xQI0aO6LWWUgSJC0PDuAU6cQOkZ/pOPWYvplcbLvx1t1uHrqZg6ERiAQ7NEz/0CEIifjKjNFctkvFddHRhpHBxotgGT5o+VR2Ja2X2OwjUx4FIJb153jeaqfYLEKkXxEnKtzZwmsCPvReoIcAaHkhc2+7lG7JczGElt9ix9elnn2XaiF/6egxhWK0dp8dr2jNVO/T8+8eHUTrfsWI0u2iSoabVg06uSKEfii89gNTQ8c3xMjINRIdgWHBD2UY+k3Dqc5hF1nKLU8Y4JGGy3lKlOhzBQCaoJ60pzdzSqHwuK6nKSi/laMTbPUtd5U8+8tfigJR5gYADE9kiAhSPz+lEXXrDSbN59ertKcVFO07Vo/+U3H24mzu21UTohGV+8=
C:\Windows\tasks\834b55ac-b156-431b-82d5-8cc6e64aff40-5_user.job - C:\Program Files (x86)\Ge-Force\834b55ac-b156-431b-82d5-8cc6e64aff40-5.exe /rawdata=SNDucCotZvv5+ShVqxcoHy788L9kuuL+0fLy5/eq41L6KEhIfy3TxugAe9d0VPuhkhZDEnT04aO4lMAAW4S7paOypQZfamK6HtQqHaquJTtpzbUN6ybVl2ckRcjBYOiqb+R2L56GrB+t6/plx319rFI15korEomOoduc8xf3F5kZIMPC/KeKBiHg1I3RiFmQswAoI7MsanLksR/clNEkbK2lbQKiP1yUmRpfVBj24habKHza3pimmtLzBYnhFw+exDbRECJ5zNYsh3fOgqqWqRGeOXicdAlU5INBlFkTRDYaGC62zA45+NLfh0PUoibtMZMr/rbRmGfh/NTLAmq6rYcLAZAuSKo7fEdbwiQymmCx4CG0i3iGjPiMyS0GNX5kKeiTzbbDMeai3qKrTmWLzEMs47WEYH28yeZ1AYMC55oOE6mZ6y1ucL5kfmydpCHbN02brciipMQW0249c1+E4jyDbgbAcYoeJE5n2ZmP/L9B55hnWjEHwnCBqRRPB5YibgsUzOA6lyA1ctLd6Dl5f6HZp1urEqlBZsdVzSpffy3O0muVi6by0KSDmMZp4lwLwdAdcgkVPE5IQpSHAiJA1JIw9gJYAwL+XX3UBOEA9u1n56Lx8pxk+iWOKufu+DD/chHT4EcnEZ90dTF8lZUuzs8+KDVCLXCG5H8KhnmstSieEcDik1aFFhfe9+Xt+YtNQUBAAL0eK1BPwVlkLJEq4VRuk1YzGsZZu9Ig/kvIuJ9K/vUqfsSKYCcqT4YxUiVn2g+3xjj24KX3tc0txRS/cPnAj4hWJ5U3qUzFV3CyTHm8xQI0aO6LWWUgSJC0PDuAU6cQOkZ/pOPWYvplcbLvx1t1uHrqZg6ERiAQ7NEz/0CEIifjKjNFctkvFddHRhpHBxotgGT5o+VR2Ja2X2OwjUx4FIJb153jeaqfYLEKkXxEnKtzZwmsCPvReoIcAaHkhc2+7lG7JczGElt9ix9elnn2XaiF/6egxhWK0dp8dr2jNVO/T8+8eHUTrfsWI0u2lPYWA4sNBEzTIO0IPNe7tZSR+Vi2hYPqzVvJIaPJtCqW9x8LwWWdefJqF3ISideEkzW1HtKGp8HxAX4HfrsHYCCV9w1JFdZPxSqg33LmK85enrQ4JFQhvqh4YsOIECI+TZg2VGsl+6zA/IAHhXOYDP9AD5FCkibMJRJbrA0YgE0NNX64xGSsyqcDl9Ijp3W343nRCW9wHwHkKgEp0s0sZ+hOiByTsyxIwyk9pCXyT1MCUtD5/NMyya3/cFyMhtcmbgC/a42gZl25j49JJPDWHso+oXrM7RsDfnsXuqv5RGDUqkzYhgZmWvtYsaPcA6enaT45XvhbrVtm2ZPJdmPHxQ==
C:\Windows\tasks\AmiUpdXp.job - C:\Users\David Belik\AppData\Local\23319\Updater.exe
C:\Windows\tasks\bc3e5259-216b-45ab-922d-6380dea9f0d0.job - C:\Program Files (x86)\SavePass 1.1\bc3e5259-216b-45ab-922d-6380dea9f0d0.exe 001504 832F3FFF7BB14122830BBAAE356F3635IE 63429 1417701314 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 SavePass 1.1
C:\Windows\tasks\bd235320-55b3-4b4c-b65d-42e16109800c-1.job - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe /rawdata=RsvLIMCRYMiLOrmHtiSxQmv8WsemT1489KAIkvhx7+lUI6wurrfPy2WXn9EIx1IysCZ37zYurlMijTDzh8Ggeh5aa7SDwUJudWhfuFC4KlR45YxkbHExNmKKnXBSUoRj5gZ9Y44PtmWwafDdpixzh/+Iivx7oXlj8FWGkmkPdastS8WLwT+zQAnDYBQQtMSApKTvrYqvImIuRww7P6UvV8yH526ifJB76+fjPSZqtb7AcC6yHAA5A7iGmy6NLRlD03JyuQN6WRBEMruGzTsF7a4UzA2V5n6V9XPkmsBjxa0LYSWyUSVvcCo9P6g5fdGwe5w2QWxlOjSldgJfI8gZ3EXMJyiGdShqpCoX3RZQPAL6PantDEg4G8POH8WzcJ2l3BcaEcTprBgW0H9qZoGkzDfrdshssbxxtKHJeJ8awvy5UkNi/sfyczdhteC5jjebJDQnTVTt+DOmJOWjKQ0HLibVxk50Kndr7+6jZFOtJal23uckiTRtJKbY8hI1k0eFIOFUApf9PbbRAKDdfnLCGmdEdSL+x5JHWR5LXvhocpl9zbqqZPcF5Bu+iZuKWKVAaHt4VFsFgbwafBeg5jhkAsazsfAh1XrhbT4bLneJ12f3bhxY2DoIUY4ObwaKkCqcRJuFFC1Bz7VNmJ2lu2AgJljBMGbF3iHds4sgFM4tpqEv6Gw0JrDc2oJW1QCizP9J3B0h8jj34nUKU985x6JE2hYJJxuSE1MCNXvGlqP3TdDA63j/1vL6anA61GJBmW8ryEIKOsl7GlG6XAIK04ZbICBPBcRV5aqU7tQ33/wM4cMv4ANXOlIvB5H64fAgZBACLrmcR2QARNlH5oqTC4C5C1RqiQXUmLqE/LQ5F8e++iB7cFJKuPMHEHcd78ElB9hFnup3W+FYIPSvCjStzj64XdW29TXGr3KqCIzuqEzUUU1sgqTQHD4kWlxVOD0Y+ob+6lBGWZWOdMy1KLm/1HzBwcFx7HSR+e5XAJEwN/8btP1JMmFVXRCfeYGUczm3xCtZtZBsGuiznJoX29oXSP3pLzCU0LnQ38HOhDQ7lVJhVOwXZiODD7QtvxjAfDhju1XQbpbtrgPWkVBiLBnpxHPHnukO+4XL/mz2Vs1kWtZqUkNTZOgKNm9enBSMPWMF9K40NvguPapdZQTg8/hw5n3HPLQaFz4qpDd0SAX/cjhMx2l/y6eUkU64W798C5a2ruwre60HLMSNRPi4O9XrmpJXqEU3WXKqgPQicmz62dfwLK6q0mIMW2Ejhvy/m9BRcg2xABx7QvnH2YbmjV1CZhvv8fyODZvrWJ8XT/cLb8RCQmgTi4n0v1qV+R7/5PCldIob5oYPKhDxZHEzn9qVWch+joiIeghz8HRQNtDn7wZ86Zoh+Y+2Cjp74rXvFT492ACBLCFTo250vZ8kGSxsb1/hqorofYder+UH2LedKrpLCu0IJPhgzMQrQXbQWrupQZErMfHPBnivrcKccsOVAI1UFJbLdc3olWXW9OHRLqkyUOG8tQuYnoFurqVbAGwtSgfv
C:\Windows\tasks\bd235320-55b3-4b4c-b65d-42e16109800c-5.job - C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-5.exe /rawdata=tOk6U5mFyMGkhBrvYpTFTXSKBRgVv1y/g4gRFINtSoRrK/vaI4JT3aJRC8DigjX+GNuCS176KjMOQJSyu2/V4c1PAbthYpwDvmfrqtw3cX8LBHt5rHJ9vS0aOW+YK93bcp39xbiFB6foic1IpvIbKn24PI4UBlSGosk+kv3EyMx2DlntUocXG/HSC/hVAmW5TzvTj4+XAReGRg/pPQgd6SCPjhgETE0siSq6IOhWgOmPlbtT2jORyf3XlzLz8ILAoh36euvhVBB08Yrfr1+9FlLYHDLrcUcHLnDtJvFzPeefHWyK/vuskNY5uGLRHGLufDsY4c8NEYPU3upSIVroipdBFGbiBdKe9XoC2sfFE6RCEGTexHq7mt0EzbKBB+92YVPTVbEmQRv/2k4FLBGiEqgwsSRzahbEFdlX6LJdKQ7gPGFOYITwEv3G5bRDU2RzLdsOxkK9Ddbwm7YFSWuIPgyLpYJWhqBSbiCefIatMLxAh396I72B5z87a8UywKfmHu9JAG/AsoCmN0JjltlByv6iOmusze3u8qtSnXnKDMHJI6uwkh3J49dsfAwkEnPnYf054SShg0TCVVvIdjvOYU7AIURo/1iY9y2kJZwlrPF3f6tUhA/tN0c9Vk4NvuD3u7tiX8tsgOvMcTatsoZTl42dFSwLZ/j+kX+TmaupPf44+S2hhjmVYBYE0VqahNWLfeupQJEwBnoeFIVHoELBIBuKSRtyXktWAaC1dJMYe9a/Ct2eN8ZjzPyDG0E+VVV9OVQXJVVW9AsywU0KUpfgfzz3rLaK2EZoVBXgJCuM/wIoO5hX3lbAftoU2/DL0dbwdMwvQXhLQBMga5+w+wf0XEDr6God8HATvqv4gSJd9wy5yFGXxChXpSXdXb8l76fFYlvRyc3erDlM0pdX0ImTkg3Jzsr5OFCDkgDHqYXqCf98ehzfh2irWofgURlmxLdhaX29NbRJP9TtStGq6K5DJxD+ZdLEZUPRemeOCxpEYVq2wTmCUulsACHG6Zv/22DC
C:\Windows\tasks\bd235320-55b3-4b4c-b65d-42e16109800c-5_user.job - C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-5.exe /rawdata=tOk6U5mFyMGkhBrvYpTFTXSKBRgVv1y/g4gRFINtSoRrK/vaI4JT3aJRC8DigjX+GNuCS176KjMOQJSyu2/V4c1PAbthYpwDvmfrqtw3cX8LBHt5rHJ9vS0aOW+YK93bcp39xbiFB6foic1IpvIbKn24PI4UBlSGosk+kv3EyMx2DlntUocXG/HSC/hVAmW5TzvTj4+XAReGRg/pPQgd6SCPjhgETE0siSq6IOhWgOmPlbtT2jORyf3XlzLz8ILAoh36euvhVBB08Yrfr1+9FlLYHDLrcUcHLnDtJvFzPeefHWyK/vuskNY5uGLRHGLufDsY4c8NEYPU3upSIVroipdBFGbiBdKe9XoC2sfFE6RCEGTexHq7mt0EzbKBB+92YVPTVbEmQRv/2k4FLBGiEqgwsSRzahbEFdlX6LJdKQ7gPGFOYITwEv3G5bRDU2RzLdsOxkK9Ddbwm7YFSWuIPgyLpYJWhqBSbiCefIatMLxAh396I72B5z87a8UywKfmHu9JAG/AsoCmN0JjltlByv6iOmusze3u8qtSnXnKDMHJI6uwkh3J49dsfAwkEnPnYf054SShg0TCVVvIdjvOYU7AIURo/1iY9y2kJZwlrPF3f6tUhA/tN0c9Vk4NvuD3u7tiX8tsgOvMcTatsoZTl42dFSwLZ/j+kX+TmaupPf44+S2hhjmVYBYE0VqahNWLfeupQJEwBnoeFIVHoELBIBuKSRtyXktWAaC1dJMYe9a/Ct2eN8ZjzPyDG0E+VVV9OVQXJVVW9AsywU0KUpfgfzz3rLaK2EZoVBXgJCuM/wIoO5hX3lbAftoU2/DL0dbwdMwvQXhLQBMga5+w+wf0XIrlHnUsfsNvzHgs23ag5ev9Z7D6QlDopS4adrEkB6CCvsBEQzOylWS0BEKQVaHaTpoLSwZLlYHfB0d0olN+Te1jKffz4lqcbwHVTsedCVv0KKwuYwzF1yOnmJVZqmP7EHI3nSLDY78S6CUPHjc98isS/yoSfswWfaxzjUfPsUPB
C:\Windows\tasks\c156bda9-04bd-481a-9a92-a48043392a25.job - C:\Program Files (x86)\SavePass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='170890685' /bic=832F3FFF7BB14122830BBAAE356F3635IE /verifier=ab0f913f68ae728f02f715456d0ecc46 /installerversion=1_35_11_26 /installationtime=1417701314 /statsdomain=http://stats.newstaticclientstack.com /errorsdomain=http://errors.newstaticclientstack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newstaticclientstack.com /runfrom='task' /externallog=''
C:\Windows\tasks\d4ca004f-43b3-4bb8-a968-e57b85a4b0bf.job - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\d4ca004f-43b3-4bb8-a968-e57b85a4b0bf.exe 002255 832F3FFF7BB14122830BBAAE356F3635IE 65781 1417701458 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HQ-Video-Pro-2.1cV04.12
C:\Windows\tasks\edcb6ad5-9ca6-42b7-b108-699d72228f1f-1.job - C:\Program Files (x86)\Sense\Sense-codedownloader.exe /rawdata=EEOw26hJ4wiFMUn32OXBsedk1AXP0HNKbw5HeGmXeB4uvvNpTs12zd2YaFZI6cDBejIKo3nPy/4BQReDBJbrvJWEY5WsiqA+Bo6rDR8CHrWyDYLD7plW1522iKNeqG1cUNwH6LN1vYy+if8tiYZieieLGGiwfLzg1uY0TT+kXqAhWRli0q+oosfvZibKBdNHDW0/K5AHNX5R5QaXYvFMC9I9IpdxTDNU6ey9bIf7VnwVYxmY/3ns5P1pe20PMKnCA0DQh3Kzv3/sr/AlaXal5dWhuFdErSFu88ZnYclp8d5PciPvl36R2P1vNHT8yH+2xGiUo2tbIxTyRPvtvNLTp34Z2kfD18U4Ix5jtiFWQ4oRqpujF4WNt7Q3VvZ1iBhjGT2gOJ+/r6t0XaPC8e1JfpsCdT93IPa2kYXshknYssCjgn3g8w/kMOyGoScYfOYpR/hfGJaKOW9H1xuWxlsStcXUHG2G4+rFkbD80w9UimTJU1o0W1AQkxgqcSLtLx+Ja8ROqV0+uJVvR+9k3SbLX49YCNd9gz/NoJ8gyqmsMvQKYSlS+Q+OTG1GA300pZ7P1cReVx0OfxqM/4/yiFxRmFyZ8jmAaaw2BRYQDWCY+HnxQg/7WEqA0Ph2exltF4K5V4q0QQ1mpQ6tJwMh5+Vz7WR8VaEPS0mff+ngeCoZaDsp2gfUbjeqRxGAtTggLohCYAMpS9KYR5H7CHZFMJ/GWymZX+cC8VSUtXMkjhB3G3Hku273sSZCS6qmCggYln9A2yl3iHc1vg8IbAFAM9TaVRFXWmakXF/2CaHjkQwWGGutmhxH5h/XOdk5Vhgg//Th0bdnxEzYd5w5RMRGVaO+s4vOaOytPvCb85Yfdgpl5XjoGoNB2ahpn6wfIr0J8dd/5uuDv4P/3ze/qUioke8Qe27iFYNDRS5EwSrrgriqHPVFP/DGw52cZsNuPFD67PT2m+XZ2MsGqBx6r/VkkQ0PGqraR5N11K8JTMdBMo2Aru/q2WAqiNPNSL3ZBzuXQYXssFtbQsi8T44gJeRWPjo/h330G/JEu9oBNTnUEbGByueYS/Vu3scnU4+uTUXKRl1yPNe6gaLEvApaHEG8qrTIp+S+NC263OTXREKKbhD4S7p79cp37X/FlbJUgtrWi8xUQ4v081FuwNSqgjwnsR6EvF0eQpfKzerqzMpfumjZtUomQaofLq5qM6KWzblehp28eMih2DceDl81TQqOv7YJleTDQIHemG7RjnlICFAoc8CZnEHTZq62TrpFgvj3RbduUa92ocnTNRjg0f6QHYMJOvQO70VWgznqFGb8hahxBO80dE5BV1hD2bulZvaTDmCfwgUFLLQMCAr6xsaHc3DmqFS/S44UaPY2qVnY3t/zTQLlkqIip7urYMxHdOO4m+gxj4tr/2TztNQhrnVy50lZWcUq2HSu4MAVgJqnkQ+4WRMzk8hIhn1GasGqF6RxOU1yhpIvJ8LtaHc5ByjtQNM+z6v3u5mEuYqCz+0rPEYEnLfGtn0e9y4mNd/EPDGXJPdIJG2x40UK83gVxMHvossq3s1MhONimML5quWGd3FhTslG/XyENps90qtCD9651I0AaJnsh0qqOp1So9JNn6yngjYnd9KvpAv56kqWS1NgFIO/AvYBtQIaFMRGZS7kDUXyTyNbTLwx1HP9fiYoO8kdacGXvtU2u8z36YXJ25FGsJY=
C:\Windows\tasks\edcb6ad5-9ca6-42b7-b108-699d72228f1f-5.job - C:\Program Files (x86)\Sense\edcb6ad5-9ca6-42b7-b108-699d72228f1f-5.exe /rawdata=mZ1cQ4srj+IC9VmPE+xz6toUnt2cHCntj3hQnBIi8hUDl6+cNm4k77X/AnekB9xZ8BLilvtmsQSjAq/f6qEDO4hKHBrZFI+ArI5A7BtjAA8blcIKeAV4Z8tXHeErN+NrVR9RNGgPrsnnMZvc6aOflm6hK6j67Pc9jYFWkKzdu78GdPf79w/DjemIvY9jp3YnHID9QwFsLf5hGZdqnB15MvQhOPhk3JKv1Lt27ZtGNmZdK1nGNVVocCWmqhjqOjAdSfaOmZzy+PGXq5DnhU+5YP+BFwmyveolSr3eIz3on9ZCuBAldlRIi7yHrVUEatP3ku2k9np1hup2PSc4Aglte71fWe7Oqn2Li5WncLE9VM0c2LzchPmYaWkg1ExWmJJ0nzVWMfBMd6qpZGPq7WHuADcqWEWy9ZreiS7UpVHcaLCmn40i4kqBoH9fUI4IdUtZcuOPNp6CrJQFrYF1XXhGd6QkuPaswRu8jH7q6N2WLndaKE3OZishlQfbn+PGGfkPCBM9t+pVnfr4Y4/ZB/w939IjzHvvPxR/OiXij3Xo/2z+AoZ44lvQYDOJx4lFhPb1CogwtZY7A9gYgo7DkesTReiDZtjuywJuMvm84aqpOyplCg4hKY0ah90i42F9wz6uRa57O7bu8IOqOc7ykjhGUC7hWDTCsiFLZHg173K6uklxhM1NDmluktMvtxkIO14YyH41byAEl2E1KOtRONo6uXjsYQYU4WCUsQaftDb3Ve7h+iP3zwfQZhEkQo8iLFYJtt3RIgZEmxz5fSENeKaPLBchx9b6fKFrrVmCCkLjftKdldiZujh43AtImpSHuVepSeTg1gfST+sNy8c8qr8RJ0+IpA9Xhq3t0QYAh4CLFL7zQl3lt9H8ajW+CxeoOk4iljhsZFBgDzY3PJ4+YgccOvkCrOfPFOBrAljlGwXI4dWv6S9y1lPCBgDJ8NU4tD9+820GbmTwWsLNzAX2/3a29WxRn8LXPN6ty1GnSDogtIbg9YLMQBMXTod8RHY16FeGlumQkvbGbr2+GfTdTwRp3UR5GwDLYhqBI4nsD2AdYl72uVKm8x79A4Z059EJqEZvHjhtoWP7wlt1M1Q2hvwQ5NrvNpCq17BRUH8XlQf2LnG5thGuadLcDA2G5Rq6h8h9i4KDk5EXZ9SGZ+fz4mfOLNzu9aNFze+GhbEnemsuwxY=
C:\Windows\tasks\edcb6ad5-9ca6-42b7-b108-699d72228f1f-5_user.job - C:\Program Files (x86)\Sense\edcb6ad5-9ca6-42b7-b108-699d72228f1f-5.exe /rawdata=mZ1cQ4srj+IC9VmPE+xz6toUnt2cHCntj3hQnBIi8hUDl6+cNm4k77X/AnekB9xZ8BLilvtmsQSjAq/f6qEDO4hKHBrZFI+ArI5A7BtjAA8blcIKeAV4Z8tXHeErN+NrVR9RNGgPrsnnMZvc6aOflm6hK6j67Pc9jYFWkKzdu78GdPf79w/DjemIvY9jp3YnHID9QwFsLf5hGZdqnB15MvQhOPhk3JKv1Lt27ZtGNmZdK1nGNVVocCWmqhjqOjAdSfaOmZzy+PGXq5DnhU+5YP+BFwmyveolSr3eIz3on9ZCuBAldlRIi7yHrVUEatP3ku2k9np1hup2PSc4Aglte71fWe7Oqn2Li5WncLE9VM0c2LzchPmYaWkg1ExWmJJ0nzVWMfBMd6qpZGPq7WHuADcqWEWy9ZreiS7UpVHcaLCmn40i4kqBoH9fUI4IdUtZcuOPNp6CrJQFrYF1XXhGd6QkuPaswRu8jH7q6N2WLndaKE3OZishlQfbn+PGGfkPCBM9t+pVnfr4Y4/ZB/w939IjzHvvPxR/OiXij3Xo/2z+AoZ44lvQYDOJx4lFhPb1CogwtZY7A9gYgo7DkesTReiDZtjuywJuMvm84aqpOyplCg4hKY0ah90i42F9wz6uRa57O7bu8IOqOc7ykjhGUC7hWDTCsiFLZHg173K6uklxhM1NDmluktMvtxkIO14YyH41byAEl2E1KOtRONo6uXjsYQYU4WCUsQaftDb3Ve7h+iP3zwfQZhEkQo8iLFYJtt3RIgZEmxz5fSENeKaPLBchx9b6fKFrrVmCCkLjftKdldiZujh43AtImpSHuVepSeTg1gfST+sNy8c8qr8RJ0+IpA9Xhq3t0QYAh4CLFL7zQl3lt9H8ajW+CxeoOk4iljhsZFBgDzY3PJ4+YgccOvkCrOfPFOBrAljlGwXI4dWv6S9y1lPCBgDJ8NU4tD9+820GbmTwWsLNzAX2/3a29WxRn8LXPN6ty1GnSDogtIbg9YLMQBMXTod8RHY16FeGByeSfqQ3nkiUFELK7NLlwqTqU/RIrYuJmkldE4gdMvMofo9J4VhH+scpZgqHGyDoukts5FUANPXFhtmR2o8LxyEXt11qOsLM1+jRRtovRDrrOs3ZzPW4AG00h8JUKSnSfrus14UttMTDDuolGdUvuo6tJJGwe249okS6MSstN0A=
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}]
Ge-Force - C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll [2014-12-04 867808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho64.dll [2014-12-04 894424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
HQ-Video-Pro-2.1cV04.12 - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\HQ-Video-Pro-2.1cV04.12-bho64.dll [2014-12-04 808928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-12-02 500584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}]
Ge-Force - C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll [2014-12-04 646624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll [2014-12-04 702424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
HQ-Video-Pro-2.1cV04.12 - C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12\HQ-Video-Pro-2.1cV04.12-bho.dll [2014-12-04 720352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-12-02 418664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2013-11-13 184632]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2014-01-13 7825208]
"Enhanced Performance Keyboard"=C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [2012-08-08 335360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-25 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-25 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-25 770544]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2810608]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-18 384344]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2014-05-29 295768]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-05-30 63832]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-11-04 2774904]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE [2014-09-26 6482200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22066272]
"Akamai NetSession Interface"=C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"cz.seznam.software.autoupdate"=C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-12-03 134616]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-08-15 292848]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-06-01 4315872]
"Integrated Camera_Monitor"=C:\Program Files (x86)\Integrated Camera\monitor.exe [2014-02-20 1719968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-10 958576]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Service Manager.lnk - C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ANTS CTI Client.lnk - C:\Program Files\ANTS\CtiClient\CtiC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-23 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-10 06:59:05 ----D---- C:\rsit
2014-12-10 06:59:05 ----D---- C:\Program Files\trend micro
2014-12-09 08:51:51 ----D---- C:\Users\David Belik\AppData\Roaming\Spyware Terminator
2014-12-09 08:51:51 ----D---- C:\ProgramData\Spyware Terminator
2014-12-09 08:51:51 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-12-09 08:51:27 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-12-09 07:06:34 ----D---- C:\ProgramData\ESET
2014-12-09 07:06:34 ----D---- C:\Program Files\ESET
2014-12-04 15:01:10 ----D---- C:\Program Files (x86)\Seznam.cz
2014-12-04 15:01:02 ----D---- C:\Users\David Belik\AppData\Roaming\Seznam.cz
2014-12-04 15:00:42 ----A---- C:\Users\David Belik\AppData\Roaming\Font__7226_il146.exe
2014-12-04 15:00:23 ----A---- C:\Users\David Belik\AppData\Roaming\WinInstallFlashLog.ini
2014-12-04 14:58:24 ----D---- C:\Program Files (x86)\snipsmart
2014-12-04 14:58:23 ----D---- C:\Windows\system32\appmgmt
2014-12-04 14:57:42 ----D---- C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12
2014-12-04 14:57:17 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-12-04 14:56:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-04 14:56:52 ----D---- C:\ProgramData\IePluginServices
2014-12-04 14:56:47 ----D---- C:\Program Files (x86)\SupTab
2014-12-04 14:56:41 ----D---- C:\ProgramData\WindowsMangerProtect
2014-12-04 14:56:19 ----D---- C:\Program Files (x86)\Ge-Force
2014-12-04 14:56:18 ----D---- C:\Program Files (x86)\Sense
2014-12-04 14:55:48 ----D---- C:\Program Files (x86)\YTDownloader
2014-12-04 14:55:35 ----D---- C:\ProgramData\ShopperPro
2014-12-04 14:55:35 ----D---- C:\Program Files (x86)\ShopperPro
2014-12-04 14:55:19 ----D---- C:\Users\David Belik\AppData\Roaming\omiga-plus
2014-12-04 14:55:18 ----D---- C:\Program Files (x86)\SavePass 1.1
2014-11-20 12:40:34 ----D---- C:\Users\David Belik\AppData\Roaming\Nokia Suite
2014-11-19 08:43:35 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 08:43:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 08:43:35 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 08:43:35 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 08:15:37 ----D---- C:\Users\David Belik\AppData\Roaming\ObviousIdea
2014-11-19 08:12:33 ----D---- C:\Program Files (x86)\ObviousIdea
2014-11-13 08:42:57 ----D---- C:\ProgramData\Microsoft Help
2014-11-12 06:59:02 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 06:59:02 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 06:59:02 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 06:59:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 06:59:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 06:59:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 06:59:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 06:59:00 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 06:59:00 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 06:59:00 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 06:59:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 06:59:00 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 06:58:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 06:58:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 06:58:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 06:58:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 06:58:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 06:58:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 06:58:58 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 06:58:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 06:58:58 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 06:58:58 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 06:58:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 06:58:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 06:58:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 06:58:57 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 06:58:57 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 06:58:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 06:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 06:58:57 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 06:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 06:58:56 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 06:58:56 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 06:58:56 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 06:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 06:58:54 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 06:58:54 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 06:58:54 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 06:58:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 06:58:54 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 06:55:45 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 06:55:45 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 06:55:45 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 06:55:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 06:55:44 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 06:55:43 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 06:55:43 ----A---- C:\Windows\system32\packager.dll
2014-11-12 06:55:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 06:55:42 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 06:55:42 ----A---- C:\Windows\system32\msi.dll
2014-11-12 06:55:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 06:55:41 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-11 11:18:22 ----D---- C:\Users\David Belik\AppData\Roaming\Nokia
2014-11-11 11:16:56 ----D---- C:\ProgramData\Installations

======List of files/folders modified in the last 1 month======

2014-12-10 07:32:38 ----D---- C:\Windows\Temp
2014-12-10 07:32:04 ----D---- C:\Windows\SoftwareDistribution
2014-12-10 07:32:04 ----D---- C:\Windows\inf
2014-12-10 07:32:04 ----D---- C:\Windows
2014-12-10 07:31:35 ----D---- C:\Users\David Belik\AppData\Roaming\Skype
2014-12-10 07:30:48 ----D---- C:\Windows\system32\config
2014-12-10 07:30:38 ----HD---- C:\ProgramData
2014-12-10 07:30:35 ----D---- C:\ProgramData\VMware
2014-12-10 06:59:05 ----RD---- C:\Program Files
2014-12-10 06:57:34 ----D---- C:\Windows\winsxs
2014-12-10 06:57:30 ----D---- C:\Windows\system32\catroot2
2014-12-09 11:08:07 ----D---- C:\Program Files (x86)\Radmin Viewer 3
2014-12-09 11:08:06 ----SHD---- C:\System Volume Information
2014-12-09 08:51:51 ----D---- C:\Windows\system32\drivers
2014-12-09 08:51:27 ----RD---- C:\Program Files (x86)
2014-12-09 07:07:02 ----SHD---- C:\Windows\Installer
2014-12-09 07:06:56 ----D---- C:\Windows\system32\DriverStore
2014-12-09 06:42:51 ----A---- C:\Windows\win.ini
2014-12-09 06:38:48 ----D---- C:\Windows\system32\Tasks
2014-12-08 10:00:15 ----D---- C:\Windows\System32
2014-12-08 10:00:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-05 10:09:53 ----D---- C:\Users\David Belik\AppData\Roaming\VMware
2014-12-05 08:50:25 ----D---- C:\Users\David Belik\AppData\Roaming\TeamViewer
2014-12-05 08:50:25 ----D---- C:\Users\David Belik\AppData\Roaming\DAEMON Tools Lite
2014-12-05 07:03:53 ----D---- C:\Windows\system32\GroupPolicy
2014-12-04 15:22:06 ----D---- C:\Windows\Microsoft.NET
2014-12-04 15:03:47 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-04 15:03:41 ----RSD---- C:\Windows\assembly
2014-12-04 15:03:40 ----SD---- C:\Users\David Belik\AppData\Roaming\Microsoft
2014-12-04 15:03:40 ----SD---- C:\ProgramData\Microsoft
2014-12-04 15:02:44 ----D---- C:\Windows\Tasks
2014-12-04 14:59:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-04 14:59:02 ----D---- C:\Program Files (x86)\CyberLink
2014-12-04 14:58:19 ----D---- C:\Windows\system32\WinBioPlugIns
2014-12-04 14:58:19 ----D---- C:\Windows\system32\catroot
2014-12-04 14:56:59 ----D---- C:\Program Files\Common Files\System
2014-12-04 11:18:31 ----D---- C:\Users\David Belik\AppData\Roaming\PC Suite
2014-12-04 07:34:54 ----D---- C:\Program Files (x86)\Opera
2014-12-04 07:29:27 ----D---- C:\ProgramData\Validity
2014-12-03 17:00:00 ----A---- C:\IFRToolLog.txt
2014-12-01 09:18:09 ----D---- C:\ProgramData\Lenovo
2014-11-25 10:32:25 ----D---- C:\Windows\SysWOW64
2014-11-24 08:05:48 ----A---- C:\Windows\odbc.ini
2014-11-21 03:02:54 ----D---- C:\Program Files (x86)\Common Files
2014-11-21 03:02:41 ----RSD---- C:\Windows\Fonts
2014-11-18 19:47:58 ----D---- C:\Windows\system32\NDF
2014-11-17 17:30:49 ----D---- C:\Program Files\Microsoft Office 15
2014-11-17 15:49:00 ----D---- C:\Windows\rescache
2014-11-13 13:37:03 ----D---- C:\Program Files (x86)\MSBuild
2014-11-13 08:55:17 ----D---- C:\Windows\Minidump
2014-11-13 08:55:17 ----D---- C:\Windows\debug
2014-11-13 03:20:06 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 03:20:06 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 03:20:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 03:20:06 ----D---- C:\Windows\system32\en-US
2014-11-13 03:20:06 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 03:20:06 ----D---- C:\Program Files\Internet Explorer
2014-11-13 03:20:06 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 03:04:11 ----D---- C:\Windows\system32\MRT
2014-11-13 03:00:49 ----A---- C:\Windows\system32\MRT.exe
2014-11-11 11:18:21 ----D---- C:\Program Files\DIFX
2014-11-11 11:18:13 ----D---- C:\Program Files (x86)\Nokia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2014-06-23 29512]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-15 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-15 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-08-15 20464]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-10-29 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-05 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 OMNISMI;OMNISMI; \??\C:\Windows\SysWOW64\drivers\omnismi.sys [2014-03-31 14776]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2014-06-23 20736]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-26 53816]
R2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [2014-08-25 58728]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-12-09 51496]
R2 SPDRIVER_1.38.0.1425;SPDRIVER_1.38.0.1425; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [2014-12-02 52584]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2014-03-05 488216]
R3 ecnssndis; Mobile Broadband Driver; C:\Windows\System32\Drivers\wwuss64.sys [2011-10-05 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\Windows\System32\Drivers\wwussf64.sys [2011-10-05 29736]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-11-07 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-23 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-04 3882456]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-08-15 368624]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-08-15 790000]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2013-11-12 25528]
R3 l36wgps; Mobile Broadband GPS Port; C:\Windows\system32\DRIVERS\l36wgps64.sys [2012-03-01 103184]
R3 Mbm3CBus;N5321 gw Mobile Broadband Device (WDM); C:\Windows\system32\DRIVERS\Mbm3CBus.sys [2013-04-22 443648]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM); C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [2013-04-22 455936]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [2013-04-22 22272]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [2013-04-22 508160]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-03 100824]
R3 NETwNs64;___ Intel(R) Wireless Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2014-06-18 3442144]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-26 40248]
R3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-07-24 423128]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-04-07 31472]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-18 1521312]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 554224]
R3 SzCCID;USB SmartCard Reader Driver; C:\Windows\system32\DRIVERS\SzCCID.sys [2013-07-18 39264]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [2014-10-03 1587416]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2013-12-11 1419576]
S3 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-30 487216]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-30 142640]
S3 HPFXBULK;HPFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [2007-07-16 20504]
S3 HPFXFAX;HPFXFAX; C:\Windows\system32\drivers\hpfx64fax.sys [2007-07-16 23064]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\Windows\system32\DRIVERS\ibtusb.sys [2014-04-02 169680]
S3 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20141030.001\IDSvia64.sys [2014-09-30 633560]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-11-12 35256]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-01-23 450520]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141030.036\ENG64.SYS [2014-10-09 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141030.036\EX64.SYS [2014-10-09 2137304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
S3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2013-10-30 493656]
S3 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-03-04 1148120]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-09-04 177752]
S3 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
S3 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [2014-02-18 593112]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-05-30 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-05-30 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-09 65640]
R2 ADUServiceNSRT;ADU Service (Nokia Software Recovery Tool); C:\Program Files (x86)\Common Files\Nokia\ADUService\ADUService.exe [2014-08-22 100984]
R2 Ants Update Service;Ants Update Service; C:\Program Files\ANTS\AntsUpdateService\AntsUpdateService.exe [2013-12-05 45056]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-01-13 1198456]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-01-13 1710456]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-01-13 1161592]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DH LogCollecting Service;DH LogCollecting Service; C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGCOL~1\bin\CLTaskSchd.exe [2007-12-05 90112]
R2 DH LogManagement Service;DH LogManagement Service; C:\PROGRA~2\COMMON~1\RDHWEB~1\LOGMAN~1\bin\MGTaskSchd.exe [2007-12-05 106496]
R2 DH Trap Daemon Service;DH Trap Daemon Service; C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\PM2Trapd.exe [2009-10-08 368640]
R2 discProxy;discProxy; C:\PROGRA~2\COMMON~1\RDHSHA~1\discProxy\discProxyService.exe [2006-05-09 65536]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2014-04-01 9954096]
R2 DmComSc;DmComSc; C:\Program Files (x86)\Common Files\RDH Shared2\bin\DmComSc.exe [2006-06-20 180224]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-05-30 632048]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-11-07 66856]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 IOPlatform;DH ManagementCore; C:\PROGRA~2\COMMON~1\RDHWEB~1\MngCore\bin\rmanserv.exe [2011-03-16 106496]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-05-29 59224]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-04-07 110128]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-05-29 73048]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-05-29 197464]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 MSSQL$RDHWEBSERVICE;MSSQL$RDHWEBSERVICE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlservr.exe [2005-05-03 9150464]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 omniserv; Lenovo Fingerprint Manager Pro Service; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [2014-06-25 94208]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RdhWebService2;RdhWebService2; C:\PROGRA~2\COMMON~1\RDHSHA~1\Apache\bin\Apache.exe [2006-05-09 20537]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-05-30 154864]
R2 RsiSvc;RSI Service; C:\PROGRA~2\RMWSDMEX\bin\RsiSvc.exe [2004-09-16 81920]
R2 RuaServer;RuaServer; C:\Program Files (x86)\Common Files\RDH Shared2\bin\Ruaserver.exe [2008-01-11 229376]
R2 ServerAgentService;ServerAgentService; C:\Program Files (x86)\Common Files\RDH Shared2\bin\UAUDSAS.exe [2007-02-14 229376]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-11-04 1146272]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-04-01 124464]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-04-01 126512]
R3 QuickControlService;Lenovo QuickControl Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [2014-06-12 316400]
R3 RdhTomcatService;RdhTomcatService; C:\PROGRA~2\COMMON~1\RDHSHA~1\Tomcat\bin\tomcat.exe [2006-05-09 65536]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01 116648]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-03 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-03 390616]
S2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [2014-02-21 21552]
S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-29 1260320]
S2 QuickControlMasterSvc;Lenovo QuickControl Master Service; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [2014-06-12 61936]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-25 279024]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2014-06-23 320560]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-08-06 559872]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-05-30 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-25 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2014-06-23 1669920]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2014-06-23 1664800]
S3 SQLAgent$RDHWEBSERVICE;SQLAgent$RDHWEBSERVICE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlagent.EXE [2005-05-03 323584]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 08:12
od vyosek
Zdravim :)

:arrow: Odinstalujte Spyware Terminator

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 09:29
od belikdavid@gmail.com
log z adwc zde:

# AdwCleaner v4.105 - Report created 10/12/2014 at 09:27:38
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : David Belik - DAVIDBELIK-PC
# Running from : C:\Users\David Belik\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : sbmntr
[#] Service Deleted : Update snipsmart
[#] Service Deleted : Util snipsmart

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\Sense
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\snipsmart
Folder Deleted : C:\Program Files (x86)\SavePass 1.1
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\Ge-Force
Folder Deleted : C:\Program Files (x86)\HQ-Video-Pro-2.1cV04.12
Folder Deleted : C:\Windows\Util
Folder Deleted : C:\Users\David Belik\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\David Belik\AppData\Local\CrashRpt
Folder Deleted : C:\Users\David Belik\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\David Belik\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\David Belik\AppData\Roaming\RHEng
Folder Deleted : C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe
File Deleted : C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ilhhefepljbmehhbmjcflhcchkddfaon_0.localstorage
File Deleted : C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ilhhefepljbmehhbmjcflhcchkddfaon

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : 361f8355-b3de-40c6-b157-e34720621897
Task Deleted : 387aa7a6-d4ec-436a-854a-880127b1eeed-1
Task Deleted : 387aa7a6-d4ec-436a-854a-880127b1eeed-5
Task Deleted : 387aa7a6-d4ec-436a-854a-880127b1eeed-5_user
Task Deleted : 834b55ac-b156-431b-82d5-8cc6e64aff40-1
Task Deleted : 834b55ac-b156-431b-82d5-8cc6e64aff40-5
Task Deleted : 834b55ac-b156-431b-82d5-8cc6e64aff40-5_user
Task Deleted : bc3e5259-216b-45ab-922d-6380dea9f0d0
Task Deleted : bd235320-55b3-4b4c-b65d-42e16109800c-1
Task Deleted : bd235320-55b3-4b4c-b65d-42e16109800c-5
Task Deleted : bd235320-55b3-4b4c-b65d-42e16109800c-5_user
Task Deleted : c156bda9-04bd-481a-9a92-a48043392a25
Task Deleted : d4ca004f-43b3-4bb8-a968-e57b85a4b0bf
Task Deleted : edcb6ad5-9ca6-42b7-b108-699d72228f1f-1
Task Deleted : edcb6ad5-9ca6-42b7-b108-699d72228f1f-5
Task Deleted : edcb6ad5-9ca6-42b7-b108-699d72228f1f-5_user

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\David Belik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\David Belik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\David Belik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571181}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611811153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195511}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655815553}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196611}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666816653}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194411}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644344429}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644574481}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644814453}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6f13ac39-ded5-4210-a1d6-10dc72d4d3f0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a013dd62-08f8-401d-863a-f436845064b8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aefee8fd-2146-4f7f-8108-14a5ce8f4ed8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd380be0-5f24-4515-a2e3-5bcf27c23609}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{336221b4-41c0-4edd-a595-444270e141bb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc7e4ecb-20d6-4314-9279-132652944240}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c141435d-88cc-48e4-93d4-9b4e8b1fab26}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c98fc67f-96c8-4dfc-840c-e1144ef4aff9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571181}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611811153}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195511}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575581}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655815553}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196611}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576681}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666816653}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6f13ac39-ded5-4210-a1d6-10dc72d4d3f0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a013dd62-08f8-401d-863a-f436845064b8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aefee8fd-2146-4f7f-8108-14a5ce8f4ed8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd380be0-5f24-4515-a2e3-5bcf27c23609}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{336221b4-41c0-4edd-a595-444270e141bb}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc7e4ecb-20d6-4314-9279-132652944240}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c141435d-88cc-48e4-93d4-9b4e8b1fab26}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c98fc67f-96c8-4dfc-840c-e1144ef4aff9}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\snipsmart
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Ge-Force
Key Deleted : HKCU\Software\AppDataLow\Software\HQ-Video-Pro-2.1cV04.12
Key Deleted : HKLM\SOFTWARE\Description
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\snipsmart
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Ge-Force
Key Deleted : HKLM\SOFTWARE\HQ-Video-Pro-2.1cV04.12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-2.1cV04.12
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v39.0.2171.71

[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}

-\\ Opera v26.0.1656.32

[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW&q={searchTerms}
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe

*************************

AdwCleaner[R0].txt - [22466 octets] - [10/12/2014 09:25:57]
AdwCleaner[S0].txt - [20211 octets] - [10/12/2014 09:27:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20272 octets] ##########

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 09:47
od belikdavid@gmail.com
log z zeok


Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by David Belik on st 10.12.2014 at 9:30:42,88.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\David Belik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10.12.2014 9:31:14 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Users\David Belik\AppData\Local\CrashDumps deleted successfully
C:\Users\David Belik\AppData\Local\NokiaAccount deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{336221b4-41c0-4edd-a595-444270e141bb} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6f13ac39-ded5-4210-a1d6-10dc72d4d3f0} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75c7968e-b371-435e-8e26-e629e5e41fe7} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86f16aec-d8aa-4041-ad77-d942d0025e0c} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a013dd62-08f8-401d-863a-f436845064b8} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aefee8fd-2146-4f7f-8108-14a5ce8f4ed8} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c141435d-88cc-48e4-93d4-9b4e8b1fab26} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c98fc67f-96c8-4dfc-840c-e1144ef4aff9} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8dc421a-061d-479a-8649-afa78f58b48d} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db7b34fa-65b9-47e1-b57b-ca2846660f59} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc7e4ecb-20d6-4314-9279-132652944240} deleted successfully
HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd380be0-5f24-4515-a2e3-5bcf27c23609} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75c7968e-b371-435e-8e26-e629e5e41fe7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86f16aec-d8aa-4041-ad77-d942d0025e0c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8dc421a-061d-479a-8649-afa78f58b48d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db7b34fa-65b9-47e1-b57b-ca2846660f59} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Launcher.exe"

==== Deleting Files \ Folders ======================

C:\Users\David Belik\AppData\Local\23319 deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Users\David Belik\AppData\Roaming\WinInstallFlashLog.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\David Belik\Downloads\SoftonicDownloader_for_nokia-pc-suite.exe deleted
C:\Users\David Belik\Downloads\SoftonicDownloader_for_vmware-player.exe deleted
C:\windows\SysNative\tasks\UNELEVATE_22049 deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\David Belik\AppData\Roaming\Font__7226_il146.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"fe_7.0@nokia.com"="C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0" [30.10.2014 10:06]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]

Facebook Select All - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda
AdBlock - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Invite All Facebook Friends - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdahahkkjbalkhobilckjlaekfbeole
snipsmart - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgflikpcandhinllemlamnhfilnkdcdm
Norton Identity Safe - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Facebook Invite All - David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj
SavePass 1.1 - David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\ilhhefepljbmehhbmjcflhcchkddfaon
Ge-Force - David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\lffnnnfdablgamegkcboelplpcjoacmm
Sense - David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\obibnhlhdkjpopoicbdaahjoalknmhdc

==== Chromium Fix ======================

C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\ilhhefepljbmehhbmjcflhcchkddfaon deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_ilhhefepljbmehhbmjcflhcchkddfaon_0 deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ilhhefepljbmehhbmjcflhcchkddfaon deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\lffnnnfdablgamegkcboelplpcjoacmm deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lffnnnfdablgamegkcboelplpcjoacmm_0.localstorage deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_lffnnnfdablgamegkcboelplpcjoacmm_0 deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lffnnnfdablgamegkcboelplpcjoacmm deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Extensions\obibnhlhdkjpopoicbdaahjoalknmhdc deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_obibnhlhdkjpopoicbdaahjoalknmhdc_0.localstorage deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_obibnhlhdkjpopoicbdaahjoalknmhdc_0 deleted successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\obibnhlhdkjpopoicbdaahjoalknmhdc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{55DA2CE4-B637-4269-8760-FBBB78A9AAE0} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\David Belik\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\SearchScopes\{55DA2CE4-B637-4269-8760-FBBB78A9AAE0} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\David Belik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\David Belik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E04SB66 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\David Belik\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=289 folders=65 147286872 bytes)

==== Empty Temp Folders ======================

C:\Users\David Belik\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\DAVIDB~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\David Belik\AppData\Local\Packages" not found
"C:\Users\David Belik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E04SB66" not found

==== EOF on st 10.12.2014 at 9:46:56,13 ======================

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 13:23
od vyosek
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 14:07
od belikdavid@gmail.com
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014
Ran by David Belik (administrator) on DAVIDBELIK-PC on 10-12-2014 14:06:05
Running from C:\Users\David Belik\Desktop
Loaded Profiles: UpdatusUser & David Belik (Available profiles: UpdatusUser & David Belik)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
() C:\Program Files (x86)\Common Files\Nokia\ADUService\ADUService.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogCollector\bin\CLTaskSchd.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\MGTaskSchd.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogCollector\bin\CLResWatch.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogCollector\bin\LogTransactor.exe
() C:\Program Files (x86)\Common Files\RDH WebService\MngCore\PM2Trapd.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogCollector\bin\ServerCmdMgr.exe
(Alexandria Software Consulting) C:\Program Files (x86)\Common Files\RDH Shared2\discProxy\discProxyService.exe
(RICOH Company Ltd.) C:\Program Files (x86)\Common Files\RDH Shared2\bin\DmComSc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\MngCore\bin\rmanserv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
() C:\Program Files (x86)\Common Files\RDH Shared2\JDK\bin\java.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlservr.exe
(Alexandria Software Consulting) C:\Program Files (x86)\Common Files\RDH Shared2\Tomcat\bin\tomcat.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(RICOH Company Ltd.) C:\Program Files (x86)\RMWSDMEX\bin\RsiSvc.exe
(RICOH Company Ltd.) C:\Program Files (x86)\Common Files\RDH Shared2\bin\Ruaserver.exe
() C:\Program Files (x86)\Common Files\RDH Shared2\bin\UAUDSAS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(RICOH Company, Ltd.) C:\Program Files (x86)\Common Files\RDH Shared2\bin\SydServer.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(ANTS spol. s r.o.) C:\Program Files\ANTS\AntsUpdateService\AntsUpdateService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\Apache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\Apache.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Apache Software Foundation) C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\rotatelogs.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\MGResWatch.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\ServiceInfoMgr.exe
(Akamai Technologies, Inc.) C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\CollectCmdMgr.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\LogView.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\EnvView.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh Co., Ltd.) C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\SyncMaster.exe
(Akamai Technologies, Inc.) C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
() C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ANTS) C:\Program Files\ANTS\CtiClient\CtiC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
() C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Programy\Docházka\Klient\dloader.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [335360 2012-08-08] (LITE-ON TECHNOLOGY CORP.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2014-02-18] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295768 2014-05-29] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-05-30] (Lenovo)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-03] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-08-15] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4315872 2011-06-01] (Lenovo, Inc.)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719968 2014-02-20] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Akamai NetSession Interface] => C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [] => [X]
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e0c41553-7b7e-11e4-a467-028037ec0200} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e93e6f48-3418-11e4-a818-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Service Manager.lnk
ShortcutTarget: Service Manager.lnk -> C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
Startup: C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ANTS CTI Client.lnk
ShortcutTarget: ANTS CTI Client.lnk -> C:\Program Files\ANTS\CtiClient\CtiC.exe (ANTS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {117800E5-9C81-498E-B513-1D8979527927} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {217034FB-14B6-4C77-9C72-527A6B1CD11D} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {6F25F468-B601-44BD-A48C-050CD89CF644} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {706EE98C-EC54-47EE-8826-47D3E31DF3F7} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {C1C2B884-8489-4F48-B8BA-D442BBB42F3F} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {D1855106-F03D-4F49-BACD-F12386378AD6} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {D54E8E89-206A-44A4-AC9B-508253734DC6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {F83A4011-B512-470F-9FF2-11609153E454} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1001 -> {FD7033B6-CCEF-4B58-BFF4-D2D3808F8E27} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 194.228.2.1 194.228.2.61

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @vmware.com/vmrc,version=5.1.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.1\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-10-01]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-12-10]
FF HKLM-x32\...\Firefox\Extensions: [fe_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2014-10-30]
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2014-10-30]

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1417701865&from=obw&uid=TOSHIBAXTHNSFJ256GCSU_84BS105MT8LW105MT8LW"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Crash Bandicoot Online HD) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamlbcjbejchalkkingolaibfgkkiinp [2014-12-05]
CHR Extension: (Prezentace Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-01]
CHR Extension: (Dokumenty Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-01]
CHR Extension: (Disk Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-01]
CHR Extension: (YouTube) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-01]
CHR Extension: (Select all Facebook friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2014-12-05]
CHR Extension: (Vyhledávání Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-01]
CHR Extension: (Tabulky Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-01]
CHR Extension: (AdBlock) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-05]
CHR Extension: (Invite All Facebook Friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdahahkkjbalkhobilckjlaekfbeole [2014-12-05]
CHR Extension: (snipsmart) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgflikpcandhinllemlamnhfilnkdcdm [2014-12-05]
CHR Extension: (Norton Identity Safe) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-08]
CHR Extension: (Facebook Invite All) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2014-12-05]
CHR Extension: (Peněženka Google) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-01]
CHR Extension: (Gmail) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADUServiceNSRT; C:\Program Files (x86)\Common Files\Nokia\ADUService\ADUService.exe [100984 2014-08-22] ()
R2 Ants Update Service; C:\Program Files\ANTS\AntsUpdateService\AntsUpdateService.exe [45056 2013-12-05] (ANTS spol. s r.o.) [File not signed]
R2 DH LogCollecting Service; C:\Program Files (x86)\Common Files\RDH WebService\LogCollector\bin\CLTaskSchd.exe [90112 2007-12-05] (Ricoh Co., Ltd.) [File not signed]
R2 DH LogManagement Service; C:\Program Files (x86)\Common Files\RDH WebService\LogManager\bin\MGTaskSchd.exe [106496 2007-12-05] (Ricoh Co., Ltd.) [File not signed]
R2 DH Trap Daemon Service; C:\Program Files (x86)\Common Files\RDH WebService\MngCore\PM2Trapd.exe [368640 2009-10-08] () [File not signed]
R2 discProxy; C:\Program Files (x86)\Common Files\RDH Shared2\discProxy\discProxyService.exe [65536 2006-05-09] (Alexandria Software Consulting) [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-04-01] (DisplayLink Corp.)
R2 DmComSc; C:\Program Files (x86)\Common Files\RDH Shared2\bin\DmComSc.exe [180224 2006-06-20] (RICOH Company Ltd.) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-06-23] (Lenovo.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IOPlatform; C:\Program Files (x86)\Common Files\RDH WebService\MngCore\bin\rmanserv.exe [106496 2011-03-16] (Ricoh Co., Ltd.) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [559872 2014-08-06] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197464 2014-05-29] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 MSSQL$RDHWEBSERVICE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlservr.exe [9150464 2005-05-03] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [94208 2014-06-25] (Softex Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61936 2014-06-12] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [316400 2014-06-12] (Lenovo Group Limited)
R3 RdhTomcatService; C:\Program Files (x86)\Common Files\RDH Shared2\Tomcat\bin\tomcat.exe [65536 2006-05-09] (Alexandria Software Consulting) [File not signed]
R2 RdhWebService2; C:\Program Files (x86)\Common Files\RDH Shared2\Apache\bin\Apache.exe [20537 2006-05-09] (Apache Software Foundation) [File not signed]
R2 RsiSvc; C:\Program Files (x86)\RMWSDMEX\bin\RsiSvc.exe [81920 2004-09-16] (RICOH Company Ltd.) [File not signed]
R2 RuaServer; C:\Program Files (x86)\Common Files\RDH Shared2\bin\Ruaserver.exe [229376 2008-01-11] (RICOH Company Ltd.) [File not signed]
R2 ServerAgentService; C:\Program Files (x86)\Common Files\RDH Shared2\bin\UAUDSAS.exe [229376 2007-02-14] () [File not signed]
S3 SQLAgent$RDHWEBSERVICE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$RDHWEBSERVICE\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 UAUDServer; C:\Program Files (x86)\Common Files\RDH Shared2\bin\SydServer.exe [28754 2008-07-22] (RICOH Company, Ltd.) [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2013-12-11] (Motorola Solutions, Inc.)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-05] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-03-05] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-30] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-30] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-15] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [169680 2014-04-02] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20141030.001\IDSvia64.sys [633560 2014-09-30] (Symantec Corporation)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141030.036\ENG64.SYS [129752 2014-10-09] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20141030.036\EX64.SYS [2137304 2014-10-09] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3442144 2014-06-18] (Intel Corporation)
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2014-03-31] ()
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1521312 2014-03-18] (Sunplus)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-04] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [39264 2013-07-18] (Generic)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S2 SPDRIVER_1.38.0.1425; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 14:06 - 2014-12-10 14:06 - 00038529 _____ () C:\Users\David Belik\Desktop\FRST.txt
2014-12-10 14:05 - 2014-12-10 14:06 - 00000000 ____D () C:\FRST
2014-12-10 14:05 - 2014-12-10 14:05 - 02119680 _____ (Farbar) C:\Users\David Belik\Desktop\FRST64.exe
2014-12-10 14:04 - 2014-12-10 14:04 - 00015327 _____ () C:\Users\David Belik\Desktop\LM.bat
2014-12-10 14:03 - 2014-12-10 14:03 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Downloads\Nepotvrzeno 680619.crdownload
2014-12-10 14:02 - 2014-12-10 14:04 - 00029696 _____ () C:\Users\David Belik\AppData\Local\MSGBOX.EXE
2014-12-10 14:01 - 2014-12-10 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Desktop\FRSTLauncher.exe
2014-12-10 09:50 - 2014-12-10 09:50 - 00103424 ____N () C:\Users\David Belik\Desktop\seznam-provozů ČR_11_2014 - doat IČ + lomítko pro Urbana.xls
2014-12-10 09:47 - 2014-12-10 09:47 - 00000000 ____D () C:\Users\David Belik\AppData\Local\Packages
2014-12-10 09:47 - 2014-12-10 09:47 - 00000000 ____D () C:\Users\David Belik\AppData\Local\NokiaAccount
2014-12-10 09:42 - 2014-12-10 09:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-10 09:39 - 2014-12-10 09:46 - 00000000 ____D () C:\zoek
2014-12-10 09:31 - 2014-12-10 09:46 - 00014074 _____ () C:\zoek-results.log
2014-12-10 09:30 - 2014-12-10 09:40 - 00000000 ____D () C:\zoek_backup
2014-12-10 09:30 - 2014-12-10 09:30 - 01295360 _____ () C:\Users\David Belik\Desktop\zoek.exe
2014-12-10 09:24 - 2014-12-10 09:27 - 00000000 ____D () C:\AdwCleaner
2014-12-10 09:20 - 2014-12-10 09:46 - 00000992 _____ () C:\Windows\PFRO.log
2014-12-10 09:19 - 2014-12-10 09:19 - 02166272 _____ () C:\Users\David Belik\Desktop\adwcleaner_4.105.exe
2014-12-10 07:40 - 2014-12-10 09:56 - 00000615 _____ () C:\Windows\setupact.log
2014-12-10 07:40 - 2014-12-10 07:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 07:32 - 2014-12-10 10:46 - 00111771 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 06:59 - 2014-12-10 07:32 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 06:59 - 2014-12-10 06:59 - 00000000 ____D () C:\rsit
2014-12-10 06:57 - 2014-12-10 06:57 - 01222144 _____ () C:\Users\David Belik\Downloads\RSITx64.exe
2014-12-09 08:51 - 2014-12-09 08:51 - 00937208 _____ (Crawler.com ) C:\Users\David Belik\Downloads\SpywareTerminatorSetup.exe
2014-12-09 08:51 - 2014-12-09 08:51 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-12-09 07:13 - 2014-12-09 07:13 - 00000000 ____D () C:\Users\David Belik\AppData\Local\ESET
2014-12-09 07:06 - 2014-12-09 07:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-09 07:06 - 2014-12-09 07:06 - 00000000 ____D () C:\ProgramData\ESET
2014-12-09 07:06 - 2014-12-09 07:06 - 00000000 ____D () C:\Program Files\ESET
2014-12-09 07:05 - 2014-12-09 07:05 - 01761992 _____ (ESET) C:\Users\David Belik\Downloads\eset_nod32_antivirus_live_installer_.exe
2014-12-08 07:30 - 2014-12-08 07:30 - 00000110 ____H () C:\Users\David Belik\Downloads\logo4.jpg.uid-zps
2014-12-05 23:22 - 2014-12-05 23:22 - 00000110 ____H () C:\Users\David Belik\Downloads\uvod pro FB.jpg.uid-zps
2014-12-05 22:37 - 2014-12-05 22:37 - 00002324 _____ () C:\Users\David Belik\Desktop\Spouštěč aplikací Chrome.lnk
2014-12-05 22:37 - 2014-12-05 22:37 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-05 22:37 - 2014-12-05 22:37 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2014-12-05 09:03 - 2014-12-10 07:29 - 00000000 ____D () C:\Users\David Belik\Desktop\OBJEDNAVKOVY SYSTEM
2014-12-05 09:01 - 2014-12-05 09:03 - 00000000 ____D () C:\Users\David Belik\Desktop\BSKS
2014-12-05 08:50 - 2014-12-05 08:51 - 00992124 _____ () C:\Users\David Belik\Downloads\Driver Toolkit 8.3.5 Crack Download Full Version Key.exe
2014-12-05 08:39 - 2014-12-10 09:46 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-05 07:47 - 2014-12-05 07:48 - 05747510 _____ () C:\Users\David Belik\Downloads\Desktop.rar
2014-12-05 07:25 - 2014-12-05 07:25 - 13354208 _____ () C:\Users\David Belik\Downloads\DTLite4491-0356.exe
2014-12-04 15:01 - 2014-12-10 09:52 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Seznam.cz
2014-12-04 15:01 - 2014-12-04 15:01 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-12-04 14:58 - 2014-12-04 14:58 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-04 14:57 - 2014-12-04 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-04 14:56 - 2014-12-04 14:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-04 14:55 - 2014-12-04 14:55 - 00003192 _____ () C:\Windows\System32\Tasks\{3ACA5F22-74FC-4EA1-8B77-E9C5B4550EC1}
2014-12-04 14:54 - 2014-12-04 14:55 - 00000000 ____D () C:\Users\David Belik\Desktop\keygen
2014-12-04 14:54 - 2014-12-04 14:54 - 01013748 _____ () C:\Users\David Belik\Downloads\Keygen_v1.3.zip
2014-12-04 11:10 - 2014-12-04 11:10 - 00075222 _____ () C:\Users\Public\Documents\BS@mi059976@WGQNMMW1@db0d3b82-fcb2-486f-b33c-57bd207a4c17-0.zip
2014-12-03 08:59 - 2014-12-03 08:59 - 00006717 _____ () C:\Users\David Belik\Downloads\stažený soubor (2).htm
2014-12-03 08:58 - 2014-12-03 08:58 - 00006922 _____ () C:\Users\David Belik\Downloads\stažený soubor.htm
2014-12-03 08:58 - 2014-12-03 08:58 - 00006717 _____ () C:\Users\David Belik\Downloads\stažený soubor (1).htm
2014-12-02 14:54 - 2014-12-02 14:55 - 38163432 _____ (Logitech, Inc.) C:\Users\David Belik\Downloads\logitech_quickcam_111_64 (1).exe
2014-12-02 14:54 - 2014-12-02 14:54 - 01060984 _____ () C:\Users\David Belik\Downloads\Agere_lsi_soft_modem_2.2.98.0_win7.zip
2014-12-02 14:30 - 2014-12-02 14:32 - 228465091 _____ () C:\Users\David Belik\Downloads\realtek_hd_audio_7111_win.zip
2014-12-02 14:20 - 2014-12-02 14:20 - 00099565 _____ () C:\Users\David Belik\Downloads\b6daaa28e2454743997583dfcec2b31c.zip
2014-12-02 14:19 - 2014-12-02 14:19 - 38163432 _____ (Logitech, Inc.) C:\Users\David Belik\Downloads\logitech_quickcam_111_64.exe
2014-12-02 14:19 - 2014-12-02 14:19 - 03181383 _____ () C:\Users\David Belik\Downloads\93f1c6673be606fb2e50e966f7a845ab.zip
2014-12-02 14:08 - 2014-12-02 14:08 - 05958390 _____ () C:\Users\David Belik\Downloads\realtek_rtl81xx_netcard_driver_5824_01072014_winxp.zip
2014-12-02 14:07 - 2014-12-02 14:08 - 121639707 _____ () C:\Users\David Belik\Downloads\NVIDIA_179.48_notebook_xp32_beta.zip
2014-12-02 14:05 - 2014-12-02 14:05 - 02448688 _____ (Megaify Software ) C:\Users\David Belik\Downloads\driver_setup (3).exe
2014-12-02 14:05 - 2014-12-02 14:05 - 02448688 _____ (Megaify Software ) C:\Users\David Belik\Downloads\driver_setup (2).exe
2014-12-02 14:05 - 2014-12-02 14:05 - 02448688 _____ (Megaify Software ) C:\Users\David Belik\Downloads\driver_setup (1).exe
2014-12-02 14:03 - 2014-12-02 14:03 - 02448688 _____ (Megaify Software ) C:\Users\David Belik\Downloads\driver_setup.exe
2014-12-01 12:19 - 2014-12-01 12:20 - 140570624 _____ () C:\Users\David Belik\Downloads\avg_arl_cdi_all_120_140716a7851.iso
2014-12-01 07:30 - 2014-12-01 07:30 - 02240336 _____ () C:\Users\David Belik\Downloads\CDM v2.12.00 WHQL Certified.exe
2014-11-27 10:41 - 2014-11-27 15:19 - 00000000 ____D () C:\Users\David Belik\Desktop\EDI
2014-11-25 12:05 - 2014-11-25 12:05 - 00000000 ____D () C:\Users\David Belik\Desktop\ksenia
2014-11-25 10:49 - 2014-11-25 10:50 - 47815789 _____ () C:\Users\David Belik\Downloads\basis-win.zip
2014-11-25 09:34 - 2014-11-25 09:34 - 26637336 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\ggcx01ww.exe
2014-11-25 09:28 - 2014-11-25 09:28 - 01239728 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\7cwc05ww.exe
2014-11-25 07:50 - 2014-11-25 07:51 - 00000000 ____D () C:\Users\David Belik\Desktop\NEVYKRYTE_OBJ_ARCHIV
2014-11-24 08:14 - 2014-11-24 08:14 - 00002048 _____ () C:\Users\David Belik\Desktop\SERVER DOCHAZKA.RDP
2014-11-24 08:14 - 2014-11-24 08:14 - 00002044 _____ () C:\Users\David Belik\Desktop\SERVER TEST.RDP
2014-11-21 07:10 - 2014-11-21 07:10 - 00000124 ____N () C:\Users\David Belik\Desktop\gaben.lic
2014-11-20 13:04 - 2014-11-20 13:04 - 00005750 _____ () C:\Users\Public\Documents\smotlacha_kontakty_mobil.rar
2014-11-20 13:03 - 2014-11-20 13:04 - 00000000 ____D () C:\Users\Public\Documents\smotlacha_kontakty_mobil
2014-11-20 12:40 - 2014-11-20 12:40 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Nokia Suite
2014-11-20 09:49 - 2014-11-20 09:51 - 00000000 ____D () C:\Users\Public\Documents\matulova_kontakty_mobil_2
2014-11-19 08:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 08:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 08:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 08:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 08:15 - 2014-11-26 12:25 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\ObviousIdea
2014-11-19 08:15 - 2014-11-19 08:22 - 00000000 ____D () C:\Users\David Belik\Desktop\prodejna_frycovice
2014-11-19 08:12 - 2014-11-19 08:12 - 00001211 _____ () C:\Users\David Belik\Desktop\Light Image Resizer 4.lnk
2014-11-19 08:12 - 2014-11-19 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
2014-11-19 08:12 - 2014-11-19 08:12 - 00000000 ____D () C:\Program Files (x86)\ObviousIdea
2014-11-19 07:35 - 2014-11-19 07:35 - 00000161 ____N () C:\Users\David Belik\Desktop\Statistika prodeje výrobků.sql
2014-11-19 07:09 - 2014-11-19 07:09 - 00000000 ____D () C:\Users\David Belik\Desktop\cejnek
2014-11-18 15:11 - 2014-11-18 15:11 - 00000000 ____D () C:\Users\David Belik\Desktop\radhost2014
2014-11-17 20:38 - 2014-11-17 20:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-11-17 20:38 - 2014-11-17 20:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-11-17 17:24 - 2014-12-08 10:23 - 00000000 ____D () C:\Users\David Belik\Desktop\Beskyd
2014-11-17 17:22 - 2014-12-04 07:27 - 00000000 ____D () C:\Users\David Belik\Desktop\Telefonica O2
2014-11-17 17:21 - 2014-11-17 17:21 - 00000000 ____D () C:\Users\David Belik\Desktop\JAPA
2014-11-13 12:53 - 2014-11-13 12:54 - 00000000 ____D () C:\Users\David Belik\Desktop\productkey
2014-11-13 12:52 - 2014-11-13 12:52 - 00056750 _____ () C:\Users\David Belik\Downloads\produkey.zip
2014-11-13 10:15 - 2014-11-13 10:49 - 264404992 _____ () C:\Users\David Belik\Downloads\SW_DVD9_Windows_Svr_Std_and_DataCtr_2012_R2_64Bit_Czech_-3_MLF_X19-53596.ISO
2014-11-13 08:42 - 2014-11-21 03:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 06:59 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 06:59 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 06:59 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 06:59 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 06:59 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 06:59 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 06:59 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 06:59 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 06:59 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 06:59 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 06:59 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 06:59 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 06:58 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 06:58 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 06:58 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 06:58 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 06:58 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 06:58 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 06:58 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 06:58 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 06:58 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 06:58 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 06:58 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 06:58 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 06:58 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 06:58 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 06:58 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 06:58 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 06:58 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 06:58 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 06:58 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 06:58 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 06:58 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 06:58 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 06:58 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 06:58 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 06:58 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 06:58 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 06:58 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 06:58 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 06:58 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 06:58 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 06:58 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 06:58 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 06:58 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 06:58 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 06:58 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 06:58 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 06:58 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 06:58 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 06:58 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 06:58 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 06:58 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 06:58 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 06:58 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 06:58 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 06:58 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 06:58 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 06:58 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 06:58 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 06:58 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 06:58 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 06:58 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 06:58 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 06:58 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 06:58 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 06:58 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 06:58 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 06:55 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 06:55 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 06:55 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 06:55 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 06:55 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 06:55 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 06:55 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 06:55 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 06:55 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 06:55 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 06:55 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 06:55 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 06:55 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 06:55 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 06:55 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 06:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 06:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 06:55 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 06:55 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 06:55 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 06:55 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 06:55 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 06:55 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 18:18 - 2014-11-11 18:18 - 00000000 ____D () C:\Users\David Belik\Documents\Eschop
2014-11-11 18:17 - 2014-11-11 18:17 - 11333888 _____ () C:\Users\David Belik\Downloads\opencart-2.0.0.0.zip
2014-11-11 11:19 - 2014-11-11 11:20 - 00000000 ____D () C:\Users\Public\Documents\barvik
2014-11-11 11:18 - 2014-11-20 12:40 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Nokia
2014-11-11 11:18 - 2014-11-11 11:18 - 00002049 _____ () C:\Users\Public\Desktop\Nokia PC Suite.lnk
2014-11-11 11:18 - 2014-11-11 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2014-11-11 11:16 - 2014-11-11 11:16 - 67963216 _____ () C:\Users\David Belik\Downloads\Nokia_PC_Suite_ALL.exe
2014-11-11 11:16 - 2014-11-11 11:16 - 00000000 ____D () C:\ProgramData\Installations
2014-11-11 11:13 - 2014-11-11 11:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2014-11-10 15:03 - 2014-11-17 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-10 15:02 - 2014-11-10 15:02 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 13:55 - 2014-10-01 07:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 13:53 - 2014-10-04 18:27 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\Skype
2014-12-10 13:49 - 2014-10-01 08:27 - 00000000 ____D () C:\Users\David Belik\Documents\Soubory aplikace Outlook
2014-12-10 09:53 - 2009-07-14 05:45 - 00032128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 09:53 - 2009-07-14 05:45 - 00032128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 09:51 - 2014-09-04 10:39 - 00691322 _____ () C:\Windows\system32\perfh005.dat
2014-12-10 09:51 - 2014-09-04 10:39 - 00151370 _____ () C:\Windows\system32\perfc005.dat
2014-12-10 09:51 - 2009-07-14 06:13 - 01645020 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-10 09:46 - 2014-10-03 12:58 - 00000000 ____D () C:\ProgramData\VMware
2014-12-10 09:46 - 2014-10-02 06:16 - 00000000 ____D () C:\Users\David Belik\Desktop\belik
2014-12-10 09:46 - 2014-10-01 07:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 09:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 09:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-10 09:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-10 09:27 - 2014-10-01 14:07 - 00000992 _____ () C:\Users\David Belik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-10 09:27 - 2014-10-01 07:23 - 00001301 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 09:27 - 2014-10-01 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-10 07:27 - 2014-10-13 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner
2014-12-10 07:27 - 2014-10-02 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced LAN Scanner
2014-12-09 11:08 - 2014-10-01 13:51 - 00000000 ____D () C:\Program Files (x86)\Radmin Viewer 3
2014-12-09 06:42 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-08 10:07 - 2014-10-01 07:33 - 00002046 ____H () C:\Users\David Belik\Documents\Default.rdp
2014-12-05 10:33 - 2014-10-01 14:07 - 00000000 ____D () C:\Users\David Belik\AppData\Local\VirtualStore
2014-12-05 10:09 - 2014-10-03 13:01 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\VMware
2014-12-05 09:03 - 2014-11-04 15:20 - 00000000 ____D () C:\Users\David Belik\Desktop\Z-ware_cipy_dochazka
2014-12-05 08:50 - 2014-11-05 07:49 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\DAEMON Tools Lite
2014-12-05 08:50 - 2014-10-02 12:16 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\TeamViewer
2014-12-04 14:59 - 2014-09-04 11:06 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-12-04 14:59 - 2014-09-04 10:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-04 14:58 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-12-04 11:18 - 2014-10-30 09:23 - 00000000 ____D () C:\Users\David Belik\AppData\Roaming\PC Suite
2014-12-04 07:34 - 2014-11-05 07:50 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415170221
2014-12-04 07:34 - 2014-11-05 07:50 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-04 07:29 - 2014-09-04 11:06 - 00000000 ____D () C:\ProgramData\Validity
2014-12-01 09:18 - 2014-09-03 18:20 - 00000000 ____D () C:\ProgramData\Lenovo
2014-11-24 08:05 - 2014-10-30 13:13 - 00000124 _____ () C:\Windows\odbc.ini
2014-11-21 06:47 - 2014-10-01 14:07 - 00117968 _____ () C:\Users\David Belik\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 03:21 - 2009-07-14 05:45 - 00453272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-20 11:42 - 2014-10-06 12:31 - 00000000 ____D () C:\Users\David Belik\Documents\CCM
2014-11-18 19:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-18 19:00 - 2014-10-17 09:10 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-11-18 12:07 - 2014-10-10 12:45 - 00000000 ____D () C:\Users\David Belik\AppData\Local\Microsoft Help
2014-11-17 17:35 - 2014-10-21 07:53 - 00000000 ____D () C:\Users\David Belik\Desktop\flash_klicenka
2014-11-17 17:30 - 2014-10-01 08:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-17 17:24 - 2014-11-06 08:59 - 00000000 ____D () C:\Users\David Belik\Desktop\Gabeti_2_tiskarny_instalacka
2014-11-17 15:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 13:37 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-11-13 08:55 - 2014-11-05 18:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-13 03:20 - 2014-10-01 08:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:04 - 2014-10-01 07:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:00 - 2014-10-01 07:58 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 11:18 - 2014-10-30 09:21 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-11-11 11:18 - 2014-09-04 10:52 - 00000000 ____D () C:\Program Files\DIFX
2014-11-10 15:03 - 2014-02-03 15:34 - 00000000 ____D () C:\Windows\ShellNew
2014-11-10 15:02 - 2014-09-04 11:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-10 15:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

Some content of TEMP:
====================
C:\Users\David Belik\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-08 11:34

==================== End Of Log ============================

Re: prosim o kontrolu logu

Napsal: 10 pro 2014 23:37
od vyosek
:arrow: Takze jeste jednou - odinstalujte Spyware Terminator, jinak bude kolidovat s ESETem

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Akamai NetSession Interface] => C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [] => [X]
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e0c41553-7b7e-11e4-a467-028037ec0200} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e93e6f48-3418-11e4-a818-806e6f6e6963} - Q:\LenovoQDrive.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR Extension: (Select all Facebook friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2014-12-05]
CHR Extension: (Invite All Facebook Friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdahahkkjbalkhobilckjlaekfbeole [2014-12-05]
CHR Extension: (snipsmart) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgflikpcandhinllemlamnhfilnkdcdm [2014-12-05]
CHR Extension: (Facebook Invite All) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2014-12-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

2014-12-10 14:06 - 2014-12-10 14:06 - 00038529 _____ () C:\Users\David Belik\Desktop\FRST.txt
2014-12-10 14:04 - 2014-12-10 14:04 - 00015327 _____ () C:\Users\David Belik\Desktop\LM.bat
2014-12-10 14:03 - 2014-12-10 14:03 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Downloads\Nepotvrzeno 680619.crdownload
2014-12-10 14:02 - 2014-12-10 14:04 - 00029696 _____ () C:\Users\David Belik\AppData\Local\MSGBOX.EXE
2014-12-10 14:01 - 2014-12-10 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Desktop\FRSTLauncher.exe
2014-12-10 09:42 - 2014-12-10 09:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-10 09:39 - 2014-12-10 09:46 - 00000000 ____D () C:\zoek
2014-12-10 09:31 - 2014-12-10 09:46 - 00014074 _____ () C:\zoek-results.log
2014-12-10 09:30 - 2014-12-10 09:40 - 00000000 ____D () C:\zoek_backup
2014-12-10 09:30 - 2014-12-10 09:30 - 01295360 _____ () C:\Users\David Belik\Desktop\zoek.exe
2014-12-10 09:24 - 2014-12-10 09:27 - 00000000 ____D () C:\AdwCleaner
2014-12-10 09:20 - 2014-12-10 09:46 - 00000992 _____ () C:\Windows\PFRO.log
2014-12-10 09:19 - 2014-12-10 09:19 - 02166272 _____ () C:\Users\David Belik\Desktop\adwcleaner_4.105.exe
2014-12-10 07:40 - 2014-12-10 09:56 - 00000615 _____ () C:\Windows\setupact.log
2014-12-10 07:40 - 2014-12-10 07:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 07:32 - 2014-12-10 10:46 - 00111771 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 06:59 - 2014-12-10 07:32 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 06:59 - 2014-12-10 06:59 - 00000000 ____D () C:\rsit
2014-12-10 06:57 - 2014-12-10 06:57 - 01222144 _____ () C:\Users\David Belik\Downloads\RSITx64.exe
2014-12-09 08:51 - 2014-12-09 08:51 - 00937208 _____ (Crawler.com ) C:\Users\David Belik\Downloads\SpywareTerminatorSetup.exe
2014-11-25 09:34 - 2014-11-25 09:34 - 26637336 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\ggcx01ww.exe
2014-11-25 09:28 - 2014-11-25 09:28 - 01239728 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\7cwc05ww.exe

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: prosim o kontrolu logu

Napsal: 11 pro 2014 07:32
od belikdavid@gmail.com
spyware terminator jsem odstranil již předtím. Nyní jsem provedl Váš postup a zasílám log.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-12-2014
Ran by David Belik at 2014-12-11 07:26:03 Run:1
Running from C:\Users\David Belik\Desktop
Loaded Profiles: UpdatusUser & David Belik (Available profiles: UpdatusUser & David Belik)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Akamai NetSession Interface] => C:\Users\David Belik\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [] => [X]
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\David Belik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e0c41553-7b7e-11e4-a467-028037ec0200} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\...\MountPoints2: {e93e6f48-3418-11e4-a818-806e6f6e6963} - Q:\LenovoQDrive.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3538489218-1053188516-2441038507-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR Extension: (Select all Facebook friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2014-12-05]
CHR Extension: (Invite All Facebook Friends) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdahahkkjbalkhobilckjlaekfbeole [2014-12-05]
CHR Extension: (snipsmart) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgflikpcandhinllemlamnhfilnkdcdm [2014-12-05]
CHR Extension: (Facebook Invite All) - C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2014-12-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

2014-12-10 14:06 - 2014-12-10 14:06 - 00038529 _____ () C:\Users\David Belik\Desktop\FRST.txt
2014-12-10 14:04 - 2014-12-10 14:04 - 00015327 _____ () C:\Users\David Belik\Desktop\LM.bat
2014-12-10 14:03 - 2014-12-10 14:03 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Downloads\Nepotvrzeno 680619.crdownload
2014-12-10 14:02 - 2014-12-10 14:04 - 00029696 _____ () C:\Users\David Belik\AppData\Local\MSGBOX.EXE
2014-12-10 14:01 - 2014-12-10 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\David Belik\Desktop\FRSTLauncher.exe
2014-12-10 09:42 - 2014-12-10 09:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-10 09:39 - 2014-12-10 09:46 - 00000000 ____D () C:\zoek
2014-12-10 09:31 - 2014-12-10 09:46 - 00014074 _____ () C:\zoek-results.log
2014-12-10 09:30 - 2014-12-10 09:40 - 00000000 ____D () C:\zoek_backup
2014-12-10 09:30 - 2014-12-10 09:30 - 01295360 _____ () C:\Users\David Belik\Desktop\zoek.exe
2014-12-10 09:24 - 2014-12-10 09:27 - 00000000 ____D () C:\AdwCleaner
2014-12-10 09:20 - 2014-12-10 09:46 - 00000992 _____ () C:\Windows\PFRO.log
2014-12-10 09:19 - 2014-12-10 09:19 - 02166272 _____ () C:\Users\David Belik\Desktop\adwcleaner_4.105.exe
2014-12-10 07:40 - 2014-12-10 09:56 - 00000615 _____ () C:\Windows\setupact.log
2014-12-10 07:40 - 2014-12-10 07:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 07:32 - 2014-12-10 10:46 - 00111771 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 06:59 - 2014-12-10 07:32 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 06:59 - 2014-12-10 06:59 - 00000000 ____D () C:\rsit
2014-12-10 06:57 - 2014-12-10 06:57 - 01222144 _____ () C:\Users\David Belik\Downloads\RSITx64.exe
2014-12-09 08:51 - 2014-12-09 08:51 - 00937208 _____ (Crawler.com ) C:\Users\David Belik\Downloads\SpywareTerminatorSetup.exe
2014-11-25 09:34 - 2014-11-25 09:34 - 26637336 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\ggcx01ww.exe
2014-11-25 09:28 - 2014-11-25 09:28 - 01239728 _____ (Lenovo Group Limited ) C:\Users\David Belik\Downloads\7cwc05ww.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0c41553-7b7e-11e4-a467-028037ec0200}" => Key deleted successfully.
"HKCR\CLSID\{e0c41553-7b7e-11e4-a467-028037ec0200}" => Key not found.
"HKU\S-1-5-21-3538489218-1053188516-2441038507-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e93e6f48-3418-11e4-a818-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{e93e6f48-3418-11e4-a818-806e6f6e6963}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3538489218-1053188516-2441038507-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda => Moved successfully.
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdahahkkjbalkhobilckjlaekfbeole => Moved successfully.
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgflikpcandhinllemlamnhfilnkdcdm => Moved successfully.
C:\Users\David Belik\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
C:\Users\David Belik\Desktop\FRST.txt => Moved successfully.
C:\Users\David Belik\Desktop\LM.bat => Moved successfully.
C:\Users\David Belik\Downloads\Nepotvrzeno 680619.crdownload => Moved successfully.
C:\Users\David Belik\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\David Belik\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\David Belik\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Users\David Belik\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
Could not move "C:\Windows\WindowsUpdate.log" => Scheduled to move on reboot.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\David Belik\Downloads\RSITx64.exe => Moved successfully.
C:\Users\David Belik\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
C:\Users\David Belik\Downloads\ggcx01ww.exe => Moved successfully.
C:\Users\David Belik\Downloads\7cwc05ww.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 252.2 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-11 07:28:50)<=

C:\Windows\WindowsUpdate.log => Is moved successfully.

==== End of Fixlog ====

Re: prosim o kontrolu logu

Napsal: 11 pro 2014 07:45
od vyosek
Fajn, jak se chova PC???

Re: prosim o kontrolu logu

Napsal: 11 pro 2014 08:08
od belikdavid@gmail.com
zatím nenaskočila žádna stránka ani reklama..takže v pořádku. Děkuji :) :thumbsup:

Re: prosim o kontrolu logu

Napsal: 11 pro 2014 08:27
od vyosek
Tak jeste uklidime :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remote disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz