VIRY.CZ

Dobrý den
Špatně se mi načítají stránky u všech prohlížečů co mám zasekávají se chvilku to trvá než to začne znovu načítat tak kdyby jste mihli poradit
Děkuji Venca

Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

Logfile of random's system information tool 1.10 (written by random/random)
Run by fr at 2015-01-23 17:54:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (36%) free of 100 GB
Total RAM: 2047 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:48, on 23.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\fr\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Users\fr\Desktop\RSIT.exe
C:\Program Files\trend micro\fr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449] "C:\Program Files\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8AA4BD0D899485AE602DD3FB27B21FD4] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\fr\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
O4 - HKCU\..\Run: [Directory Opus Desktop Dblclk] "C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe" /dblclk
O4 - HKCU\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'Default user')
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 14343 bytes

======Scheduled tasks folder======

C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-1.job - C:\Program Files\ClickMovie1-Downloaderv10\ClickMovie1-Downloaderv10-codedownloader.exe /rawdata=TSYKwGoEecaDI7S7eGGPP11ZgZuhI00pXwPbY1k8WutgPSoypGZ7B2i2gSTVsLEiIvd+TY0SAJliSedU2/Q9skQjobfGDICDk6KpvCkK8IWc1X4cTh8Q9FKP5LWt4tQfzpO0HfK1zuiTHgXIuI4UWPaP0CUdVdyz6tz0pJnRaWh7Z4PkVlPBChnay8ek2Qq4KLXTPZl0+BbeJbyHT405YihhPjiLz1EL4GHevAFWT2VshxfkLUEvtPfVUA1LS6LTVG6C9kaf+XSlhpDska50p6FZAB72iO/GA0JT1lvQ0pmxWHvsERalxobauwe4d2bODuov2glqz2Htlqs3ohRdEFh1B7UqwLAQF2kKOBtO6s+PzjNGkQKwuNesG6D+DKSGy4LvhC7cweL2cRPOw+BU8PnE/GWHEXZkxpOfSj0+RoSUw8f70Egod3wrRGzdKVenweqDcZPOyn/ELhiHM5U2isNMwlUAnjxnihxsFV6dWplaJV9e7sZdO/UJ7/nnOCdfOkmd6Y6E35U0r0GeasRCI3ZHyLW0nOiVaHcyQMQTzC5ndkDw6rWS8YTtPuARjRDgJ2FaLM/frkWzMAI9PcUfJVkqsYZtzzby+z1iOkPTEDEartAQCJ6EWBfklUq0YmSjsMUN7qnJg8H+WZPEu7ZN8qHKBXIwnXTFMZ7zq1dZ+ESXnEj39RiOI+JKEQcFEH1oXexozOxWXzuBpM85fMccrEi5pJGI+cDCbx8HOXP7yDdB4T3nsY8q0nAorAjn/IdsxwL90vimfddxT8bSK7y+9zTscKEorAoRuS3blkTpkWJbIkbPfqTw1ypG1iP6tG86ExCvkDlCCyqDazdU98DvxDRLGemtoAplPQkbvJS1AtbI9wgZTEKNTGX0tu9/8hwyatNjrs9Np53IDXTQvJZ2vTCOt8wQhzlEL53//6uYukRcGlLlE9hXIoK2quu5hMitX+jgTbIylxHGGNIP4RNIpLRjgmgWeOVTj25J5JETfmqbSowP7JJYXlSwEFZX70uaJ+NmRWk7CRIytCMy7l7XbA4/EHr61bSvdW4rDg8SPcd1j9jEjFQD+EYU1jeK9J4L53qlWDibD5sjkLMnZUu6Hv14BOTrzr6w8DkJWWZvd05AAjL3/ZTrS7uOohz2yRjaxF7IlMv3zKIDp3GKb/pD8drydyc1uC/9XjRdeustNxx77VEusFloMDnsL0JU93ZidCL4ma4bYEBXcYN3xDfz5zEA+k7ncu7yVP+JEi3hwHGht2e8Zsd34KaC/lZBbUtEkIctwFFqZ2ApaQNTPKBuMNbpMWm6DOxkCO6UVkjGCApiTO8Am+cSHtJ8jGo8LR7TLrPI83HCdJTxHd0VZ2CvVli49snKgrFP8xV+WsR3WnnYJgP/1g6c5w4T41ZuceiPhN+xDXopWq5dSt3qAJ0H8behXSeQYGb2NIqV0ie353DrOQvIXQpozBJvTv7/Tyw78JTs8/iui2P+qEPOxIAsrrPS7TniHFaoHV9wa49GP+sqHNWdHYqoNBLXtMjXOmI7
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-11.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-11.exe /rawdata=PxsGB9cnwHRQSoLCWxfWTp4a3vq7E4+CCPRnin3GNi2bW0VssZIkZ3oEVIRKzDgo9BmRaLc0+avEDKK5wtcdsNVhbfAI7Fq9tgnMda5MICehMr/L7cr63rFvBDv5//IKa54b01U2V2mKZUUPkkkuSa+Vo1X8hkGCZC8V2Lh0NCSROXZg3EI5Bae9G43eEQxBe2RP0XcEyM8AONZ/xNorvzF4pYMc0ssNVf0E6it8XZ8o0u3S9pUxThB3K4FkCSN6ul5wnuG8uJVKUtk/b8wkLLNcyHWPTggiAXpfDhxMHH0cVyupxo8ad2d0rAhSBrjGhyhXSWeLmqWloE/RaM2FXK9LKASxkXLyCFUNZUQStEc9AuNHCJCF7EMv5155tAVfgh+WgLJH78HhWqB1/UJTAqS0028dCrofxN3tX7N4v1tO0UDRRsbmszVybuNn4/ehRmtwjWsXjVq41BmiovxEBb7PvyS7SbROgkVdoQv8WYABcL4tMW+z+Wj9Mde2Xzo3oX+zSXlIq47zqT0zUX3bDUEDNFpa25wd3JP3+6/4NcvFWksJL7R5RfeifwH1WDs8InxEh6AqBa8hHR2Coqp+dh3ZOplocZ2Y5fJr4ylBvbp+W9xZ/mGt90rfMwiUOkFBUiT9nkJl6O8S7o1ZcEbnPTsRs+UmwriUrsq7qq3FfyiE7Tr6RlZQZEg0q7VvkUUzoK826LUanHwBx36iy1cMJNvrSaOxwl24mYHSoHYkmalIAvkAsxlGQaxFnHLuP0bVsSDu+yKsu3nt6ttXs3TCZa5rLWB7Uz722Nio05tjX5IgB+DJhHiG03G17ypuu73GBLdX2ZkXZ3FBfZg39jhjvlHfhZ0pqEJNrqlzKvd3iD5k8JMa6q6Z03G+xrX9yxHVYUbBok2oIaw2pHQVBx/olFRcg4WFhI+J+Ewg2LatbR8MehXPcYf2f8zEaxMXx39ntDGclcvckx91cIg6i6PTlR41rb/gZ+e+SvXpxBJ0R/1b3lHLTTJBebRjnPG3vwI7jXs1DZHvspo6hssMWX33MmznnQMkh7L+COy0YzrPRT6HfsuFox9krI0n5vP38UQ0oWVa3rVqjVnrQMVYf8a0sT5oIUVe8lDbbgNSRhwjIUEgTqU/wLQmwfiRgxcyv0EjfA0ST5ESYWBGTESCgMNmYx+mI8YqeDXxkzxmKQQkARQNhDuP41nRgnD3X4yTLpAGiZ4OXzh58UM8ukeE3NpGnEftMWkmN3umeMpzxVzjpf6oy6OKYS8EOwRVhfC2rwxf9p9Gar/Blq7wSjvB8rFmhPELiD1MamJcQZ0aI9a6YbAdeNzrb6FyqedooUTuucLWNXeaLWM5RJ4LBr3Gpd11JJeOGuXXExdsLDc/tH8Th2IACxSgx4uZTrr4bUOL0qkY7M0xNttSggeK1UK8iF+gf+4UhK9CBznTWYsKNqinhkR5ZEGcmc6/f9YJXA9cMLcRQpldaK69RyD9X46QGVBlysTvnPGe1WHzx8HzzCuNDbakDiuwpwxk/FuJvU43qOsLjODKfZVZDELHP7gH9kBy5a7+QF8uuJ3bO1EfBvTuAeOt/X8SOawKaKonRg5GXNKuXUhbO7er5c0f7MhR8szDdAzLW3Ra4kr8qep43FYNWgMIl9YMQrAeYUnAZvinS9IYqMZOVYwr/RGrQ7HY5U4V6gfpUj7usDknqH3CZpCKRTcYLQD4ErXsXf4jrWFDVEK4dKL//KMVFL94o3w4kswYY+VyJPtWya+HS8gJKRT9npLQoyn16legWAmLkIzJ9++UtDhcFlakEqASDDnzEIA7NbmEgOXshsz45wS7zgx9CYs6TR6IKlRBruY4BTDGalv382jNylKPMVK/ClXsHbcfWyUevKk9X9wJAuvmY5uhzeJKiNjrrWwiyNVrWv0z/7/4ttyI2tVwyJapjWKI3Zk23NaM8XAaPHmOQcuYgVM2sCysepBIZmupLcbi9tdntAORhUpCPo/u5Gv7EQTz/xiVzdyLhY4lhscN2ycCD7m0v23sY5csplK5gx8pCugu+JbvSq77Mc47H3ex0O9cq7r/sD8npt6uuT6naq7eZYVZHF2aFYeJxVmDPIX5ByXWGne4mFgxgOB0SXtJsw2ZOrR9VjalTsmmvwMTxLLuTrXGzfOdEaYw4NidH8+l9RZZUL1CSMlFOb24aw99++tPcLMuhjcsKqRwje86IWWTuZe9X62aU85jc1Jk5ay7dZGZew1IA1ICm7Iai4ghQlok1q23UOswYedx82M+o6zGA3p327lldFo4Rawcbs2cxk7wzCmBeQHrFiWPo7YoFOLmk8QaUK09cwftMfuotiqD3CipIAbTPswkPPYX/WUcTwKCRiPNytGDz6MDnAVWjY5QcWx05A==
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-2.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-2.exe /rawdata=XDjqR5hxiSq0zb3w4brBNa8WoL7c/Ak6ygBVjRKaVoWFC/CualsxZ29laPV0QegaX+ujEHM3mF4VRs3ozLFqFfn5rNVwZdcM6QmItEZBhkRKGH6CI4IHXllZb8499GAl9KqMYmCGbpGGDvBf0E+tO74u65GV3YUtjOqYe0xNBWCX3JuoB5cRJaVy64siqKkLntVBX3YNwjeWCP1fC0m6fvg8JXTtT7snhZJVhIxWoy4voVVjvij96YfmOGxuG6E4YftDlaLcFvbfKK+7x5EIR53a8in3ZsD2QfD1z/ScrfX4nTlfrXSYbUyCBdLReQpy0UpWNtjET5QjaeWm8mGBc3mJaLWiJqoMq+hYMRfYVnmvzC0ebHpxDyLnTucbVd47kuRTQ/Qhmoc+5sDSsBrco31Bfsfdz6VXkpPh0VANlSf84dFwRS5FX0FrAcgxfDK15WlqHDJSQznFvD8gdIvhSKP8EoiPK8T9ZByTu3VJsqGmsZkfuM9/PMpm5rFuV8pvx5NRXUkS92cNUbcKEq/rcllqwJrit7AAIN9JpZ1gRzHSsJZkfURWyhFm+sDu0rFhr4RBOjEdJ4hBf/3/QYucnKzUh92MpiVw0adLTJOr2DHXcnS6dJfCTJEYZ4G5srYrJGZN3nbyfPl5I7flpqjJv+gEcHNgCZfZXdi30JXiYls+hv7/tZ41DZdpeLz/sOtjfydJQVXq8WryjAeMS4JF1qyAMWgcsqsC75CeOEKHQ7Y3JnqQvQ7egPLTi724QhyfUKk7sgmBTUFPdgL/dRrM2a35uSkLKHqYtsCPDIvYPDaC0jPSA2scBtgmH2e0p0NzzavPJw4HO2dDq044QjmGWw==
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-3.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-3.exe /rawdata=APswNisEDK16OMi7TsjR2UbgQIDrTxKgJb0ZrrNw3TlNhLEPkjK7TAuy8w/oYQp7CyMCc9Mi3xNh2EIE8O5TlvkIqCarP5ouajthefGW83yEonnKN5/c082azfjY4E8cL3ui9skswYU7/toER4UAEwCH7pkgiJmQCXKoTUlgXlq+zk/HEgBBI9aqyFlvI41ZtoMa7vFSvc2XIXzGLqxFe9Uhz+aNhRfOqI0xXZ6+XN29cqhguz7wA/kmQlPFaghLJ8GALrO5D5NzQGQN9JpDLsMIE/5tn/qEmN812OXCa6xfCNyghZvvq9KyuFo8lrkOg/Pv79i0IC4L0ddVVOTe4QhRLeWZkQFhbL5XZTKc5j+fhTWGePsyl4TVkkfagpdOaoXny3mkBsiy74esTcykbt9uurYgefHBZji88KfTShPbV4ojiOvlzu0m7N6n6Rp1iBP7NwcYaf8oCuew29l5CvtQbFvXMjjyqQ8HVZIj+XRlo9MrNjfrAg43UUTSoQ7YSmuuUXz05PqCJzr+az/oU+m1jr+SjKCYqFTTuD1YUEQyLTMopqF4jIOltnfQrV3STBdhwi83njs0HLOdx2D1+6++yrbBu6tTeGRAuSg2fTWWJIR3Q+vCDs65EcfBp4WaaUfQU9aQLAIdvsf7Myve52AJxl/oi8qzEJu+Q1BoiV1CPU4kxBeZ5rrCDbCNVXBXndvz0x0h7zhbT8Op6hjWGCHTezssFTPcQpVKVP3d5eFgqdNVwsTbLh4UAJnHq5a6JDM6HEyZGITlLBIsVewgSCeR1ZFjJfseyf8b2PvZSdPBihPsluvkGCOpEjckJCrjhmxwt1ZsEEAnawy/+h4o0JvwauCjzHTRoPuuwt6teukBgzmcA1QLTJT7wvzp7qNgyacDUXiiUnFjbh6IkJG55RRNE1/2ykQd5ZbvnJaZB3BbrSF9vXYnn3aGtPMqsDOTWJefJgT62XBNFzUN3aCKBY4xqCZm2JffKFIan4zzYijHuDz66A/zoaCdCVmcVrzdlFP+mMXvXpqQX6dcgGxTWZnzpo0kezQNc9d135ybrnESHzxmI6QISgW7EyoAegHZBzu6EeJS75MTYXVan4bgW/F4DQ/sNuwYgP+JWvtwi7SkT7mUoxahV09JPvh8PEcNaRWNx/KXkI5RLyd2wY8NwMp6E4oTmmWtNTCByk+Jbd8oQjTIpLGMraOSeLoPz1gju35ZNTYozRpwPnLy+PKpZSvu7oVcdmWzdBglwUi2/bQuQBXB7daxMLM2AeCKor1643VgN1vFs+hwuxATpIv2LcjU78ucfCMXYrXTlNiXf81IFo+2vuxCEve9ZKejFl4ugxGVx3xu/2XmFym3buXnBhhVZq90LFhS0UH7NJcXJgLXg0jcRAWiW9vttYta7vusiEGwtlqcdKyDZ5IxtlplJX5bCvk43DdR4zEOSbOh6RjgpX0Y2nkc1CoJTqHTedyepAoeQ+Bf+/ski9DTGuUXB8EkdKCHpIVqa0YUZyULnBXXG+pYMXmBPWiOvT03DqUk
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-4.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-4.exe /rawdata=C4Rylv7cpi4SCg4pLhvWrEa2WJkFKcig0U+8G4n0Zy0H9rtdXw0urpVnmf46JOY4edZrx8eEADr8pP0OzJwIQCRNHSPQSjRc+188DKsoglD82ca9ZQ1S2UNcZrDBOdY6xlIElIifoA9LGCUaNs0wmZuD/FD/ILc5t8AYlQQU10Axu6liDeshsHZlAkVIHZ4IKMPwyO6UuphNinC2uO8Jp/yklWwrIb+TYiFqMTKHiwQ++kyrbtRBHRjZmgLftMmwnmiN2AuV37py9xhkCe6Wh1urAuJEPIuh1hqSxXTYFA3cmf2HQCTJLaHav1jMKdBL5ws6RjipXzzKG/90s1Os6Jdpl7HnZ1xWD5jXeusTYrHnKgcwSXfoSomQkUCG9DWLq2DeKxdZ8pL9Ha0x9hZkKE50IOrU9/YXVzzf9CTzu6REb5FvrkJYZNqc2v4yhTFHWU/WWQe1+do/TwJHi7QfSUF/2l6PVoBzZZnJghNDkS6i3H6tHta/t/WIOErJ8RxLr9jzjTwskALUSIx822V390kt9PibOHJqFBg6kaR3NyEmCCmOJ/D/ffsoWkGBv+RkDOdeEqiIWetMCjh0bWAY/T9rk1ZIVDCk6bYnC4rmc0JyR3xK8jxSyIPBDsQXzWpgzoJXuccWIYLI4PL6qatlWv1Vj5SLSzbJ/pV8I9tuJkMO4yZe75xhHNsHSiOyQCfckHfu/kBOsJXNNGZIr/3ntvE/lRwNboOl/VCzeyy7ZIqzAQ8CJKcTK38PzEBGFOLCl+LA+2f/3dIoscrcwRTiewtfZnhgaJnIWeu0cp2h+0NawSMEZBpYE+vIRI1+I0nJaFT+zB+mKjeIVcD6l/2Nb78mh8yEiFPudXCC9wuZosIWRaiLvMMZA6w5cKmZJX5YDTMt74jNaAeYawX2cP0chcE7RunmyqG4TVmsVSJf71oDuhLsrfV0tA1O9NMYph1IYSMOks/3No04z5G0tA2mvp/keSv4/hUnxUc1x5HAdQOEIupYb7ZVPx9HWdJ7dNgjCq5cK3aUuG7I18pC4G54G5jrfrcPdmf0ZoQ2jsrJvHlCi/DOkygeTwg6CN+F32JjZRV9nWg1LDw7VckFgd3dNQfrm0Y749dKAUhvMCe/Mgdfn5POHQ0a51p5VxJkpBohw2UzTkghZPIFc14yPs04K7GfrVUQtt952nwQqg1Qt6y5r0QM4k1DM4iCG5QedhW5MIExqzRWOycFNhZePemL8ZnPemlI428A0r5rXTEBOKm0liytWII5NMyx8CeYFSRKmeMYFiOqVjjd9sY29GPuUchzHYbFjREwpGrMZl1VtWGCWcPLvy9sCXnD5ajnRfQ/+QNFqLLueOTw/yf70i+l9rF37Mx8n610CPMCZPPdWFJGXWT258FfLvrgn5ZQjb4q2jznf2KNDxtbInlfjEx7adnl2zN1Cb1A8Ti5/MXnTFzxVBmsDpEL23oJRm/YyzmraujxdkiG+vLDZiOEdBOc7t5xCyMR8ruPJV/KtHYqfEngIhov7T8zpcOkwY+sI/9sGh8a7XY6Mj4/lx7z7hiEvmoVsSzlue6jdqRO5XVNB6cgFXs9g3SQLu3akyt3LucUUmdPqO1DibbMZSgNjrpFJl+oJqbYeAxe3mNPuJST1ONOnnBV6viUAT3+Xb/hg4Pj+zwPYM9j0xp0funZF86+4MroTnXZJ8j9bDb6Wowk/cuI1EMuXL9/JZpSO2L40oOs1TiNpiSoudb22d4ekYViqQpmCaX+fv8NDr3UZ6vM8ACviAIGpnx+uk8PVWlS2hH7fmmTYUBHTP3TBJm58zPX3UWtkAjzeooQN2VSOmhmtCdNYIDy7EerrpTm6/FqmvTF2AM+QxO1iCzUHBhsepy3Z0ZFUemhFG3gw6XoqqpPlHj3HxQKsAf2dvIm7e1/U4NB3jf3JJ1IC+pPETmExPA4krNheQ+eEN1fqUIGurCAqyFGODQr87IEb0mavsI4E65QAnd1mV8dcsmhpEh4ntt9whbOai5kHn2JdS4Cxjq8G2iuHAVRxazyYTd9SfqFbBWI
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-5.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-5.exe /rawdata=i0bWLjhN3v3R+J0Jc4OZiagqmqVVKgbnujV4KFkzC79j6v6bb5V6yiwOVXmuYw34aLXqvP824zbPJsB1qD4AEt9/S0ayZ3U4PdnYnTvWs7bCl97oRaSd9YPIgcav6Wv84lNe0X9j4lx0iz1lZbDYWwdWG1PYi8Om1x0nuIVAmnZL/6RBuh1LJjDkGI5dWipSaPqlX9pnpYXgXRW5GLN76WtzZFzjqzVngT4g0n0X3yhcXUlY6/g7Z13aXdXu2hWNgWA/7KnmZ3X3aCergWpi9G8hl3GZAUWikpZh5Sztpd8T8avUJrG1SH3T6jFNvjmpNZCcfJ9S0wm1kwSHy0/zCLLJFrOGr+oBcJHedIyr9rhAMx2tsZ93rB1t8ldaHx3EBct7pC6wPkBhbcUylRwwzu0bsDGWfqU0QVOfWkLN0S0+Ih9QOQf4tMqCNEhf29CHwX6eIqKBIdYGWjgEuswRnkqUvOk2aSRrsdJqcJjyleJT1zRGEoudUoXI7I71i2iSSfq6HMyspF0Cwx+nAkXdZGO8sqik5DmhaHfHx+t6+PZUAEfJMmL04jJ/SuNCgx8RR4PspQzj24QOPx8y/N0x0HBhnxLoeLIONa5qsohrUlSEK6aiRN6ZGkvoYH3Qo0BYIspucVI1ccg+uxY5lIWZDYpFTVamEUX+5Clp4eQmjPxzKk2Yj1yFrmFFSn+xN0HGN/tFytBozrHa+u4aN0XiJMKc+E+cPUsnYYjCNPU4XslGNhrwaThsRyjFhbKijPgC0Gb03x6fXvDQdv++m1jef0/2y+wCkYHNcXsU740Hum42aVGjOK0MxCLqW8eWspNJxwF1efFK8nGGSG4/75pwHI5uhNfQIEPFqPrrPFbb6lOc7Wlxc0M85keHJ17M4CLMG/bBi/DHxzNC8ujVyE1LBWinEfrn8mvuffJr+a+541yYPTi4K0gE9pqPNXflxNAdGugdAYi0skLS/OZ2YyqfGuT211ppX8I4BzoAeY1Ya8eyBYdcZRgbSxqvllaVtomF
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-5_user.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-5.exe /rawdata=i0bWLjhN3v3R+J0Jc4OZiagqmqVVKgbnujV4KFkzC79j6v6bb5V6yiwOVXmuYw34aLXqvP824zbPJsB1qD4AEt9/S0ayZ3U4PdnYnTvWs7bCl97oRaSd9YPIgcav6Wv84lNe0X9j4lx0iz1lZbDYWwdWG1PYi8Om1x0nuIVAmnZL/6RBuh1LJjDkGI5dWipSaPqlX9pnpYXgXRW5GLN76WtzZFzjqzVngT4g0n0X3yhcXUlY6/g7Z13aXdXu2hWNgWA/7KnmZ3X3aCergWpi9G8hl3GZAUWikpZh5Sztpd8T8avUJrG1SH3T6jFNvjmpNZCcfJ9S0wm1kwSHy0/zCLLJFrOGr+oBcJHedIyr9rhAMx2tsZ93rB1t8ldaHx3EBct7pC6wPkBhbcUylRwwzu0bsDGWfqU0QVOfWkLN0S0+Ih9QOQf4tMqCNEhf29CHwX6eIqKBIdYGWjgEuswRnkqUvOk2aSRrsdJqcJjyleJT1zRGEoudUoXI7I71i2iSSfq6HMyspF0Cwx+nAkXdZGO8sqik5DmhaHfHx+t6+PZUAEfJMmL04jJ/SuNCgx8RR4PspQzj24QOPx8y/N0x0HBhnxLoeLIONa5qsohrUlSEK6aiRN6ZGkvoYH3Qo0BYIspucVI1ccg+uxY5lIWZDYpFTVamEUX+5Clp4eQmjPxzKk2Yj1yFrmFFSn+xN0HGN/tFytBozrHa+u4aN0XiJMKc+E+cPUsnYYjCNPU4XslGNhrwaThsRyjFhbKijPgC0Gb03x6fXvDQdv++m1jef0/2y+wCkYHNcXsU740Hum42aVGjOK0MxCLqW8eWspNJxwF1efFK8nGGSG4/75pwHBPIwg07gfh+noP8brg1alrhRUkIRZgY7P3PKXbt1FYNQFp8infin2M+utO5xmTgQ+txN2gi4gPs3+1MmTyYwfYqS02n/sjZwc3uAT9lFVegpVhmLzy9F0L9ioa/8P9vlK+euakQMZkszsbUl7frqhxSyDtuzgIlUGFf7L7cN8Tp
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-6.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-6.exe /rawdata=loBw6Z3ti7IPs/YwLg0EZeuB1qJrw85OLpnik4bcRxg/rq7HuFASiWdW8D77yW06vSAcKsdDpTSUSsTDPMSDmTxT9Z4GHHchvAnv3148FCkmAbTJtdAQ8UnaK7U9zCUJHJ9APvaRxp5JrK4wUVDh4A9ZlLtUt2K9XtRu4QuaptQ3aelG5S5cyZpk2GxxWViLkMHGFWzp15VfJ94Uv0/DgqRv+1DBQ7FXisFBxN0/bxEx55tF2DsOESmkUSDBTzbORX12N3ejE5eEV6Lv4hrB8UOrmc2QuhMQ5xXJJ+PgtUDrXz7ge8MEORE4AB7FJ6jWW/bpoo225Ulj5XamGw2aDQ+0NhtaAuSw+CJcMMp87cJMdP66iQi7ESlc2PMT3YaCK8qFeUTz9k3WX7s7nRTI69ugBASVWM6ME961qUdFO3ZgRiserbizvV+cI6wsBmvwoWokUfswHlvT3mRI2h4ptOweKQjBTGL4F7pzIKLoeXvalr2k4F9ANA/FiE2A1VerpRQoEz4t853mJ972ZGSdw3kDgWBzewBaVa3mhSxsUUrzILzXzI15vKEs3tlv3UEtNOWkO6smCxgKcYuJcTotv2LwvkuU7w1B+cLs/9zINRmQjbrNhm+09cDsFebP9JBIsoZQhHUzd2mNbXusc0FKlwo6LlnpO5WQB9gwM9Y84vZzDoeVEKL9rUGEYGfoLcSQA2jbInp2wAmx/lgglG2tJfkzuL2nSx3bWYI8wBwr9keXPB67pmULfLSebZhsyG1jX6xts08UbQiI5wiwokn5MzXE6Vj7Wv5acQ3IgsffwiDOAsQ88kC6RMncSgEFgG197PJe/SHarQYUWQGuF8NZXCWdSPm4kOW4/1s8qkFE+axZeISx2Y5CuW4CNOzpRahY6GF9Jmcs6f5CYpDZ8/k2B259XxlTTCSkux7fv9/g5MxT9c2OCE5pVh0B9Wy/U/N4+Fw5oJ0loFWvM+06sz0zepbRC8zxWMHwW3YzSIzi1ijzWJNHr/JOdOrnu16KRXplfQ4XhIjW2PFl0JlwPKpT2Ebhh++nYFm4dfHHIcMFI9IV+QnN5yq8mQwPnRzN43dYx+QYwnClUs0nYkWSJ/DUiXi+WcpiFnJUciE1DajkdxZAvD5iJGpelZqtVPheSikTq7j7qQB8ziwW/NzSau7WyaBfB/U6M87PRRgHxa/CVylKQE0Xk3Z4EGzq6wFpl5PwprNnCBRdAxqttdkFAHZl+ANdecAHdJmgHXHU4WfPYxp9K0bwY1SYotwoCiReFawnfzQKxEAig7PiH7P80/9fT6s1R3iksC4kY4nJidZeTJ6vIBYjAHI6LC1YjuuALWYJg87Sv/PqPNr43XddIjy/IVtkmEeoWW7Nf4s/Qm8wBsPpm2plAlCaWcMxJM1kMPXPS5eQrx8lTSTTML5tEauV+dR/4EQi0ZmBUDBmJJbXPSWJvLLyoRMNM5Ukj7E2khdq+IH1xdldleMVTPN06sh9DzhJAS/3A86GaYH7ebWAqgpjZ8ubdCEvoSP+ehjwj2IoEtMaDQX6w/cdKxupMUqwskKuHvvKlzp8byAIoo1jUXvCx6oq0B59DGf4yywYrTu3QuhuNDIBTC7OqrW9GOcefs1Y9fYYB9tp3futTR9tZuhRHNzE8fkyANbE1Xt4nS8UECpL0CtdgNiewxzsKjsaNAxbNx+PN76awV44DtGxyhmqgDC2Myr1ZdYqejj93F1qHe/44QuD09yIxQrWdUAxH/9OY62GSBZ6V9wXMizkxlI+2f6vrsJ23n3x5+s6EBQ1qDOWmaOCSvbqtprlc9rOt733ofFZxk35uMcFOS8gLVOGxpz6qLO1omhwInJYmJzDyTSzt8zD0hkvlnRv5nAFjw==
C:\Windows\tasks\9373b297-ad22-4ed6-b9ad-a348657528ba-7.job - C:\Program Files\ClickMovie1-Downloaderv10\9373b297-ad22-4ed6-b9ad-a348657528ba-7.exe /rawdata=wuUSO4/bk57MBiOQ7EW3g89USGoB1j68b+ub/hNgCa0QMt8UAUl739k5HZ9jDBEFOVZDfmtSdUQFqd1DA5c+Orm5eXIqqF5dOHTSj4Un8i3btyAFHoBtPLRwre3Roqi58bMvKEhWs0TE7GR63jqD32EuNJpPaE9NtZXewJLy6YuvSygEsZFy8ghVDWVEErRHPQLjRwiQhexDL+deebQFX4IfloCyR+/B4Vqgdf1CUwKktNNvHQq6H8Td7V+zeL9bTtFA0UbG5rM1cm7jZ+P3oUZrcI1rF41auNQZoqL8RAW+z78ku0m0ToJFXaEL/FmAAXC+LTFvs/lo/THXtl86N6F/s0l5SKuO86k9M1F92w1BAzRaWtucHdyT9/uv+DXLxVpLCS+0eUX3on8B9Vg7PCJ8RIegKgWvIR0dgqKqfnYd2TqZaHGdmOXya+MpQb26flvcWf5hrfdK3zMIlDpBQVIk/Z5CZejvEu6NWXBG5z07EbPlJsK4lK7Ku6qtxX8oZHX5SX4BbZvmNAjRbLYWDTR1W6p3TyK9zIz/B8AyCPvWLm1omBVcF+IgQSPFt9iw9mcpZwUlbbbZ0yd6URwiZ+nGrXqz1gyhOctM6aMjN13Gm6UgIV2Na1l16ABbZ+a/GK8uB4H81EiSZA8SjOjeByGB8d2N0Ws/YNHVlF2hzzINfLzivvNlh4CkEGV++oyJtZPh+TAMokC3DMbQpQH+UKE9dcIRNZI28VAOIzD4OdMu0qYhZYrWcQHjy01FovPGOtBNSvO8jrVBLXWEaBc7Yp030dPZPZz+S4HVYAoVm4uvQ+JxXEYhzycwSFby+MFatMXfwE8l4NxvAW9x5sNEOxNdGHFFGJZoQ9pVIe9o7ouZhsspOhkf2j3wgxGpnIEuw6DrWCI6cclHGIuRBOQ3mcgV8bLaHno6cXXHeadFfCi0dpor5r03UEJfAVN+Efq7H8SeyTuld3Myco7Il2kLG2TTUW+9yyPOtxhfVvcRQpHA14QJ/zWftASLYXtGepegYo5EktQPSPFhzZZkIMX1elGZvmfKNrGpHKL9spGHY/FEpY9N9awrMv4uL1zqj++PJwvbc82ZFxbihnMA8tJr27bPvLvfWN6id7/k5UqaxbLPvQ4Lr0IRelPYB7ttzfIXeSv4Eqcy8Dq0rMS6BDDkRvAgVUWmnSdQ93gzt8wGLXqvkCpA3sjnXeA+OYdea+4c3YiCG6xVQJElZDb/Rc7wn6rsJzQbqKNgLYTMG/Ab/oFdB6RJpKGIQW78kzXRQdTDnRonCH70xiEkqIO8uSGmZVujCZDIfOgXsKIZ3/GZwQ2rYTk7QroodJWf+FurmfyIibn88sOh5e/iRXr+IKOsemtVzOqpAWfonqXsCUJpNi6zAJ5nFhc7YAA+94ECMyr0Xceb+youEYxI6VPa8t7LPOxIwR9khP/EvXUkJUzECFHczqLODyQNvupSu4MIz/sfNkJLOEQTF9nGPWmMqQTXLk+JAjcGcva20Gf5Kt/ZaRoCylJDPLuCMiE07fYMYyz6PMBuUJLiWv9cdlMmM0eJfmuEFNlWrqygzKkq7di4FptObmwObxXy+gclATVO7s9RbsPbod6OwiQevQ9qZxDXyWepJpEZRBC5N5lP/9p6z+OI0Cp2vqyWeEBH6TYSHw/gDIP1R+0MdQwMypCgwABQXkx4Xby0oQny1WoZTkF3FFM=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BOHYODIQ.job - C:\Users\fr\AppData\Roaming\BOHYODIQ.exe /infocmdline=gP8S+ANKBQz3FLFvZmPWKIudjBKlK6JrLYt4WQn8Sw6yUqCscbe+a/yr06FRWi/yr5Yweo4koVeWVHeIvXw0Rcu1VPJ/k6lR2k98EX3+UdA0++qhjAz85gwf9E6YtXlIZ7mOZo6ZiPYubTat16iTouSCepZ0+sKpBpVQX3p2ROg9IdcCGXuySbCSkofuNjEVgANV26adte/8HxWqxgCYn2KUrUkbrlCB8ReHRnK32UYGy4d4Gy71jypOy1GbF18uXeoy1PQABc2EtLZa/fhLs3XNwg/kjG1ooFK9BSeGEQP3BHfdKaUnmPYUOoox4pAz4/ROndifA/mm/j6nPvKSrYuqsQVW1d13BTcplLTeoZgleGopxV2Hoh/d8EXe4afQtiKq3KEobTtZelWsXrkI8gSr6F4d5G1VsJtt7xlCw0qa9jxKkH9sEm7Q+95foy9iI5Aeb+1Myey1rTsXGslbYt9/bZmRE7z4oYrR9C+gQX94aLby9CMvjrbxxeTp6Wc3sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8f667f06706.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2e03625ecb23.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SIR.job - C:\Users\fr\AppData\Roaming\SIR.exe /infocmdline=mHak8qujWd9M/Q4S1UwmxP0roWaIRxvzplM1e0zGIWxFARpqkKXRJ3t1og0deNBkdpgWsGRVfpVe6suwI5Bxhvg68a7msqbOxe1M5dZxU9iVc4cI43BWM9CRdFhqs4/Jeb+t0t+QMl+ty796VbRLYi5K6zkgU9cLFB8qYUxdkRN7p25VyvsXFAXoPJCmzHnFqqclT3nNe15+C45bv2jqbcgMd4fssQ5vXeYAjKVyQWvLAUw6CBulbL5EBCmxLcNFclpKDwA+eBzdxpsD7op+N6Cfmvwpu5c3tNt+tgK/YOzLQGBrlA8EfgB8njQuXg2XsLKBYcVQp+OlNjWjHDpKfro05k8cj23/YA0IYHdGKzunNSe7TR1fWlL+wH0RchSrL59jUrqJXHtFg0irggIK5pOSMVuDuX4kazrYycMKFtzMh0MWHqdnYE+8eRirKhKf7CbvNINKwZwsMZxd/zm97kI4VZ4aB9Ut7DhalMm/jRWX6qza1XBxtGwYNQy8H/J5
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files\SlimDrivers\SlimDrivers.exe -boot

=========Mozilla firefox=========

ProfilePath - C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll


C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\extensions\
5effxtbr@TranslationBuddy_5e.com
LPESNIOB27154074@RO39491085.com
staged

C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\searchplugins\
ask-web-search.xml
funmoods.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-11-12 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snpstd"=C:\Windows\vsnpstd.exe [2005-10-11 339968]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449"=C:\Program Files\Comodo\Dragon\dragon.exe [2014-11-27 725696]
"iCloudDrive"=C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-10-20 43816]
"GoogleChromeAutoLaunch_8AA4BD0D899485AE602DD3FB27B21FD4"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-01-09 856904]
"iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]
"ApplePhotoStreams"=C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]
"SkyDrive"=C:\Users\fr\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-12-29 277672]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2014-10-14 720064]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE [2013-03-06 945856]
"Directory Opus Desktop Dblclk"=C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [2008-10-27 275952]
"Device Detector"=DevDetect.exe -autorun []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2014-09-23 314664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe

C:\Users\fr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft SharePoint Workspace.lnk - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2008-10-27 693744]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-23 17:54:45 ----D---- C:\rsit
2015-01-23 17:46:33 ----D---- C:\Program Files\trend micro
2015-01-23 15:29:57 ----HD---- C:\OneDriveTemp
2015-01-22 08:47:49 ----D---- C:\Program Files\CCleaner
2015-01-22 07:34:13 ----D---- C:\1
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-14 06:53:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 06:53:29 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 06:53:27 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 06:53:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-10 11:11:05 ----A---- C:\Windows\SNVerifyDLL.dll
2015-01-10 11:11:05 ----A---- C:\Windows\AquaReal.scr
2015-01-10 11:11:04 ----D---- C:\Program Files\Formosoft
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files\InstallShield
2015-01-10 11:09:24 ----D---- C:\Program Files\SereneScreen
2015-01-10 11:07:56 ----D---- C:\Program Files\Prolific Publishing, Inc
2015-01-10 11:06:17 ----D---- C:\Users\fr\AppData\Roaming\Marine Aquarium 3
2015-01-06 14:09:55 ----D---- C:\Users\fr\AppData\Roaming\GPSoftware
2015-01-06 14:05:28 ----D---- C:\ProgramData\GPSoftware
2015-01-06 14:05:26 ----D---- C:\Program Files\GPSoftware
2015-01-06 13:39:24 ----D---- C:\Zvonění
2015-01-06 10:22:44 ----D---- C:\Users\fr\AppData\Roaming\MOBILedit
2015-01-06 10:13:59 ----D---- C:\Program Files\MOBILedit!
2014-12-25 10:51:45 ----D---- C:\Users\fr\AppData\Roaming\ACD Systems
2014-12-25 10:49:44 ----D---- C:\ProgramData\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\Common Files\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\ACD Systems
2014-12-25 10:21:37 ----D---- C:\IrfanView
2014-12-25 10:10:54 ----D---- C:\Users\fr\AppData\Roaming\Anthropics
2014-12-25 10:08:16 ----D---- C:\Program Files\Portrait Professional Studio 9
2014-12-25 08:51:46 ----D---- C:\Vylepší fotku

======List of files/folders modified in the last 1 month======

2015-01-23 17:54:46 ----D---- C:\Windows\Temp
2015-01-23 17:52:51 ----D---- C:\Windows\Prefetch
2015-01-23 17:46:33 ----RD---- C:\Program Files
2015-01-23 17:45:02 ----D---- C:\Staženbo
2015-01-23 16:25:41 ----D---- C:\Windows\system32\config
2015-01-23 15:11:54 ----D---- C:\ProgramData\AutoKMS
2015-01-23 15:11:22 ----D---- C:\Windows\system32\drivers
2015-01-23 07:34:43 ----D---- C:\Windows\System32
2015-01-23 07:34:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-22 15:11:41 ----D---- C:\Windows\inf
2015-01-22 15:11:26 ----D---- C:\Windows
2015-01-22 08:51:28 ----D---- C:\Windows\Panther
2015-01-22 08:51:23 ----D---- C:\Windows\Logs
2015-01-22 08:51:22 ----D---- C:\Windows\debug
2015-01-22 08:48:06 ----D---- C:\Windows\system32\Tasks
2015-01-21 13:15:21 ----D---- C:\Windows\system32\appmgmt
2015-01-21 13:14:02 ----SHD---- C:\System Volume Information
2015-01-18 17:51:35 ----SHD---- C:\Windows\Installer
2015-01-17 16:04:20 ----D---- C:\6
2015-01-15 06:40:27 ----D---- C:\Windows\winsxs
2015-01-14 17:39:28 ----D---- C:\Windows\system32\MRT
2015-01-14 17:31:51 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:09:08 ----D---- C:\Program Files\Zrychleni Pocitace
2015-01-14 13:58:57 ----D---- C:\2
2015-01-10 11:17:15 ----AD---- C:\ProgramData\TEMP
2015-01-10 11:11:03 ----HD---- C:\Program Files\InstallShield Installation Information
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files
2015-01-10 10:43:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-06 14:05:28 ----HD---- C:\ProgramData
2015-01-06 10:19:12 ----D---- C:\Windows\system32\DriverStore
2015-01-06 10:17:38 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2015-01-06 10:17:37 ----D---- C:\Program Files\Phone Drivers Downloader
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-05 19:52:35 ----SD---- C:\Users\fr\AppData\Roaming\Microsoft
2014-12-29 11:15:49 ----D---- C:\3
2014-12-27 06:36:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-12-25 10:52:28 ----D---- C:\ProgramData\Installations
2014-12-25 10:27:28 ----D---- C:\Users\fr\AppData\Roaming\Identities
2014-12-24 06:48:56 ----D---- C:\Windows\Microsoft.NET
2014-12-24 06:46:44 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-06-28 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cbfs5;cbfs5; \??\C:\Windows\system32\drivers\cbfs5.sys [2013-11-25 346688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 ac6m0tkh;ac6m0tkh; C:\Windows\system32\drivers\ac6m0tkh.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 49856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 snpstd;Trust Webcam 14823; C:\Windows\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-01-23 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2014-11-11 1679536]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-09-28 234720]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-12 4846168]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23 267440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-19 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-12-01 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-10-19 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v4.108 - Report created 24/01/2015 at 07:15:22
# Updated 17/01/2015 by Xplode
# Database : 2015-01-23.3 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : fr - FR-PC
# Running from : C:\Users\fr\Desktop\adwcleaner_4.108.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : pcsuservice

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files\driver-soft
Folder Deleted : C:\Program Files\Funmoods
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\Zrychleni Pocitace
Folder Deleted : C:\Program Files\ClickMovie1-Downloaderv10
Folder Deleted : C:\Users\fr\AppData\Local\cool_mirage
Folder Deleted : C:\Users\fr\AppData\Local\globalUpdate
Folder Deleted : C:\Users\fr\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\fr\AppData\Roaming\Systweak
Folder Deleted : C:\Users\fr\Documents\PCSpeedUp
Folder Deleted : C:\Users\fr\Documents\drivergenius
Folder Deleted : C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\Extensions\LPESNIOB27154074@RO39491085.com
Folder Deleted : C:\Users\fr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Folder Deleted : C:\Users\fr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki
Folder Deleted : C:\Users\fr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\Users\fr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbebdjcjllheeclffnofhgcimmlkkbon
Folder Deleted : C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Folder Deleted : C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Deleted : C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbebdjcjllheeclffnofhgcimmlkkbon
File Deleted : C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\searchplugins\ask-web-search.xml
File Deleted : C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\searchplugins\funmoods.xml
File Deleted : C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : YourFileDownloader Installer Starter
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-1
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-11
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-2
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-3
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-4
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-5
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-5_user
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-6
Task Deleted : 9373b297-ad22-4ed6-b9ad-a348657528ba-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
Key Deleted : HKCU\Software\55b3825ee39ada2fcddf7c7accbde69e
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331117}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335517}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336617}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{92250257-5287-4734-948F-0D6A129EEB65}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\ClickMovie1-Downloaderv10
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\Funmoods
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\ClickMovie1-Downloaderv10-nv
Key Deleted : HKLM\SOFTWARE\ClickMovie1-Downloaderv10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v33.1.1 (x86 cs)

[vas3qjow.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask Web Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask Web Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.aLPESNIOB27154074RO39491085com63317.63317.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149b301db1a863d35f9b1eeb55fadad6");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.id", "b6fbe740000000000000001fc6d67d68");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.instlDay", "16215");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.167:37:16");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.BUTTON_STRUCTURE", "[{\"b\":221348171,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221348172,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.defaultenginename.prev", "Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.defaultenginename.savedPrev", "true");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.selectedEngine.prev", "Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.selectedEngine.savedPrev", "true");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.startup.homepage.prev", "hxxp://www.seznam.cz/");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.startup.homepage.savedPrev", "true");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=E7CA2B7D-A8B2-4C35-BC03-B8534BE4D84F&n=780c4d8e&p2=^JS^xdm007^YYA^cz&si=CMfB6I[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.startup.page.savedPrev", 1);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.startup.page.tb", 1);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.browser.version.last", "33.0");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.firstKnownVersion", "6.58.4.19980");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=E7CA2B7D-A8B2-4C35-BC03-B8534BE4D84F&n=780c4d8e&p2=^JS^xdm007^YYA^cz&si=CMfB6I6Q2L8CFULmwgodumgAO[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.hp.user.defined", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.initialized", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installKeysSource", "Cookies");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installType", "XPI");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.contextKey", "");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.installDate", "2014072206");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.partnerId", "^JS^xdm007^YYA^cz");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.partnerSubId", "CMfB6I6Q2L8CFULmwgodumgAOQ");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.pixelUrl", "hxxp://www.translationbuddy.com/install_pixels ... e2e&cake_i[...]
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.success", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.installation.toolbarId", "E7CA2B7D-A8B2-4C35-BC03-B8534BE4D84F");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.isCompliantUninstallImplementation", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.lastActivePing", "1421160433301");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.lastKnownVersion", "6.83.5.43014");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.options.defaultSearch", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.options.homePageEnabled", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.options.keywordEnabled", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.options.tabEnabled", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.partnerPixelFired", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.successUrl", "hxxp://www.translationbuddy.com/installComplete.jhtml");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.toolbar.versionChanged", false);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.toolbarCollapsed", true);
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._5eMembers_.weather.location", "10001");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "translationbuddy@mindspark.com");
[vas3qjow.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=E7CA2B7D-A8B2-4C35-BC03-B8534BE4D84F&n=780c4d8e&ind=2014072206&p2=^JS^xdm007^YYA^cz&si=CMfB6I6Q2L8CFULmwgodumgAOQ&sear[...]

-\\ Google Chrome v39.0.2171.99


-\\ Comodo Dragon v36.1.1.21

[C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : dhhjmlmdpcpiojiffodbldlkgcnaeogp
[C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : lbfehkoinhhcknnbdgnnmjhiladcgbol
[C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : jbebdjcjllheeclffnofhgcimmlkkbon
[C:\Users\fr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://www.searchnu.com/406

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R1].txt - [19902 octets] - [24/01/2015 07:12:54]
AdwCleaner[S0].txt - [20761 octets] - [24/01/2015 07:15:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20822 octets] ##########

Dejte nový log RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by fr at 2015-01-24 11:42:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 38 GB (38%) free of 100 GB
Total RAM: 2047 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:10, on 24.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Users\fr\Desktop\RSIT.exe
C:\Program Files\trend micro\fr.exe
C:\totalcmd\TOTALCMD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449] "C:\Program Files\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10421 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BOHYODIQ.job - C:\Users\fr\AppData\Roaming\BOHYODIQ.exe /infocmdline=gP8S+ANKBQz3FLFvZmPWKIudjBKlK6JrLYt4WQn8Sw6yUqCscbe+a/yr06FRWi/yr5Yweo4koVeWVHeIvXw0Rcu1VPJ/k6lR2k98EX3+UdA0++qhjAz85gwf9E6YtXlIZ7mOZo6ZiPYubTat16iTouSCepZ0+sKpBpVQX3p2ROg9IdcCGXuySbCSkofuNjEVgANV26adte/8HxWqxgCYn2KUrUkbrlCB8ReHRnK32UYGy4d4Gy71jypOy1GbF18uXeoy1PQABc2EtLZa/fhLs3XNwg/kjG1ooFK9BSeGEQP3BHfdKaUnmPYUOoox4pAz4/ROndifA/mm/j6nPvKSrYuqsQVW1d13BTcplLTeoZgleGopxV2Hoh/d8EXe4afQtiKq3KEobTtZelWsXrkI8gSr6F4d5G1VsJtt7xlCw0qa9jxKkH9sEm7Q+95foy9iI5Aeb+1Myey1rTsXGslbYt9/bZmRE7z4oYrR9C+gQX94aLby9CMvjrbxxeTp6Wc3sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8f667f06706.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2e03625ecb23.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SIR.job - C:\Users\fr\AppData\Roaming\SIR.exe /infocmdline=mHak8qujWd9M/Q4S1UwmxP0roWaIRxvzplM1e0zGIWxFARpqkKXRJ3t1og0deNBkdpgWsGRVfpVe6suwI5Bxhvg68a7msqbOxe1M5dZxU9iVc4cI43BWM9CRdFhqs4/Jeb+t0t+QMl+ty796VbRLYi5K6zkgU9cLFB8qYUxdkRN7p25VyvsXFAXoPJCmzHnFqqclT3nNe15+C45bv2jqbcgMd4fssQ5vXeYAjKVyQWvLAUw6CBulbL5EBCmxLcNFclpKDwA+eBzdxpsD7op+N6Cfmvwpu5c3tNt+tgK/YOzLQGBrlA8EfgB8njQuXg2XsLKBYcVQp+OlNjWjHDpKfro05k8cj23/YA0IYHdGKzunNSe7TR1fWlL+wH0RchSrL59jUrqJXHtFg0irggIK5pOSMVuDuX4kazrYycMKFtzMh0MWHqdnYE+8eRirKhKf7CbvNINKwZwsMZxd/zm97kI4VZ4aB9Ut7DhalMm/jRWX6qza1XBxtGwYNQy8H/J5
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files\SlimDrivers\SlimDrivers.exe -boot

=========Mozilla firefox=========

ProfilePath - C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll


C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\extensions\
5effxtbr@TranslationBuddy_5e.com
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-11-12 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449"=C:\Program Files\Comodo\Dragon\dragon.exe [2014-11-27 725696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Directory Opus Desktop Dblclk]
C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [2008-10-27 275952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_8AA4BD0D899485AE602DD3FB27B21FD4]
C:\Program Files\Google\Chrome\Application\chrome.exe [2015-01-09 856904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449]
C:\Program Files\Comodo\Dragon\dragon.exe [2014-11-27 725696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE [2013-03-06 945856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-10-20 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2014-10-14 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
C:\Users\fr\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-12-29 277672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
C:\Windows\vsnpstd.exe [2005-10-11 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MiNODLogin.exe [2012-03-09 74240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk]
C:\PROGRA~1\MICROS~1\Office14\GROOVE.EXE [2013-12-19 30814400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odeslat do OneNote.lnk]
C:\PROGRA~1\Microsoft Office 15\root\office15\ONENOTEM.EXE [2014-09-28 195240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~1\Office14\ONENOTEM.EXE [2013-06-25 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2008-10-27 693744]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-24 10:34:45 ----D---- C:\Windows\pss
2015-01-24 07:17:57 ----D---- C:\ProgramData\AutoKMS
2015-01-24 07:12:46 ----D---- C:\AdwCleaner
2015-01-23 18:30:41 ----D---- C:\rsit
2015-01-23 17:46:33 ----D---- C:\Program Files\trend micro
2015-01-23 15:29:57 ----HD---- C:\OneDriveTemp
2015-01-22 08:47:49 ----D---- C:\Program Files\CCleaner
2015-01-22 07:34:13 ----D---- C:\1
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-14 06:53:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 06:53:29 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 06:53:27 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 06:53:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-10 11:11:05 ----A---- C:\Windows\SNVerifyDLL.dll
2015-01-10 11:11:05 ----A---- C:\Windows\AquaReal.scr
2015-01-10 11:11:04 ----D---- C:\Program Files\Formosoft
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files\InstallShield
2015-01-10 11:09:24 ----D---- C:\Program Files\SereneScreen
2015-01-10 11:07:56 ----D---- C:\Program Files\Prolific Publishing, Inc
2015-01-10 11:06:17 ----D---- C:\Users\fr\AppData\Roaming\Marine Aquarium 3
2015-01-06 14:09:55 ----D---- C:\Users\fr\AppData\Roaming\GPSoftware
2015-01-06 14:05:28 ----D---- C:\ProgramData\GPSoftware
2015-01-06 14:05:26 ----D---- C:\Program Files\GPSoftware
2015-01-06 13:39:24 ----D---- C:\Zvonění
2015-01-06 10:22:44 ----D---- C:\Users\fr\AppData\Roaming\MOBILedit
2015-01-06 10:13:59 ----D---- C:\Program Files\MOBILedit!
2014-12-25 10:51:45 ----D---- C:\Users\fr\AppData\Roaming\ACD Systems
2014-12-25 10:49:44 ----D---- C:\ProgramData\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\Common Files\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\ACD Systems
2014-12-25 10:21:37 ----D---- C:\IrfanView
2014-12-25 10:10:54 ----D---- C:\Users\fr\AppData\Roaming\Anthropics
2014-12-25 10:08:16 ----D---- C:\Program Files\Portrait Professional Studio 9
2014-12-25 08:51:46 ----D---- C:\Vylepší fotku

======List of files/folders modified in the last 1 month======

2015-01-24 11:42:27 ----D---- C:\Windows\Temp
2015-01-24 11:38:03 ----D---- C:\Windows\Prefetch
2015-01-24 11:37:00 ----D---- C:\Windows\system32\config
2015-01-24 11:35:48 ----D---- C:\Windows\system32\drivers
2015-01-24 10:34:45 ----D---- C:\Windows
2015-01-24 07:17:57 ----HD---- C:\ProgramData
2015-01-24 07:16:08 ----D---- C:\Windows\Tasks
2015-01-24 07:16:07 ----D---- C:\Windows\system32\Tasks
2015-01-24 07:15:32 ----RD---- C:\Program Files
2015-01-24 07:11:33 ----D---- C:\Staženbo
2015-01-24 07:01:49 ----SHD---- C:\System Volume Information
2015-01-23 07:34:43 ----D---- C:\Windows\System32
2015-01-23 07:34:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-22 15:11:41 ----D---- C:\Windows\inf
2015-01-22 08:51:28 ----D---- C:\Windows\Panther
2015-01-22 08:51:23 ----D---- C:\Windows\Logs
2015-01-22 08:51:22 ----D---- C:\Windows\debug
2015-01-21 13:15:21 ----D---- C:\Windows\system32\appmgmt
2015-01-18 17:51:35 ----SHD---- C:\Windows\Installer
2015-01-17 16:04:20 ----D---- C:\6
2015-01-15 06:40:27 ----D---- C:\Windows\winsxs
2015-01-14 17:39:28 ----D---- C:\Windows\system32\MRT
2015-01-14 17:31:51 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 13:58:57 ----D---- C:\2
2015-01-10 11:17:15 ----AD---- C:\ProgramData\TEMP
2015-01-10 11:11:03 ----HD---- C:\Program Files\InstallShield Installation Information
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files
2015-01-10 10:43:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-06 10:19:12 ----D---- C:\Windows\system32\DriverStore
2015-01-06 10:17:38 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2015-01-06 10:17:37 ----D---- C:\Program Files\Phone Drivers Downloader
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-05 19:52:35 ----SD---- C:\Users\fr\AppData\Roaming\Microsoft
2014-12-29 11:15:49 ----D---- C:\3
2014-12-27 06:36:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-12-25 10:52:28 ----D---- C:\ProgramData\Installations
2014-12-25 10:27:28 ----D---- C:\Users\fr\AppData\Roaming\Identities

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-06-28 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cbfs5;cbfs5; \??\C:\Windows\system32\drivers\cbfs5.sys [2013-11-25 346688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a0endsr3;a0endsr3; C:\Windows\system32\drivers\a0endsr3.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 49856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 snpstd;Trust Webcam 14823; C:\Windows\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-01-24 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2014-11-11 1679536]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23 267440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-12-01 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-12 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Skype\Toolbars
C:\Windows\tasks\BOHYODIQ.job
C:\Users\fr\AppData\Roaming\BOHYODIQ.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8f667f06706.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2e03625ecb23.job
C:\Windows\tasks\SIR.job
C:\Users\fr\AppData\Roaming\SIR.exe
C:\PROGRA~1\ESET\MINODL~1\MiNODLogin.exe
C:\ProgramData\AutoKMS

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by fr at 2015-01-24 12:57:07
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 38 GB (38%) free of 100 GB
Total RAM: 2047 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:57:14, on 24.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Windows\notepad.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\fr\Desktop\RSIT.exe
C:\Program Files\trend micro\fr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449] "C:\Program Files\Comodo\Dragon\dragon.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [HlidacKatastru] C:\Program Files\Hlídač katastru\DRM.WinKlient.exe -h (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10638 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files\SlimDrivers\SlimDrivers.exe -boot

=========Mozilla firefox=========

ProfilePath - C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll


C:\Users\fr\AppData\Roaming\Mozilla\Firefox\Profiles\vas3qjow.default\extensions\
5effxtbr@TranslationBuddy_5e.com
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-11-12 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449"=C:\Program Files\Comodo\Dragon\dragon.exe [2014-11-27 725696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Directory Opus Desktop Dblclk]
C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [2008-10-27 275952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_8AA4BD0D899485AE602DD3FB27B21FD4]
C:\Program Files\Google\Chrome\Application\chrome.exe [2015-01-09 856904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_AB2C620475F00BACF9C9850501F65449]
C:\Program Files\Comodo\Dragon\dragon.exe [2014-11-27 725696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE [2013-03-06 945856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-10-20 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2014-10-14 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
C:\Users\fr\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-12-29 277672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
C:\Windows\vsnpstd.exe [2005-10-11 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk]
C:\PROGRA~1\MICROS~1\Office14\GROOVE.EXE [2013-12-19 30814400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odeslat do OneNote.lnk]
C:\PROGRA~1\Microsoft Office 15\root\office15\ONENOTEM.EXE [2014-09-28 195240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^fr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~1\Office14\ONENOTEM.EXE [2013-06-25 228552]

C:\Users\fr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator-cbfs5 - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {9A4B9CD5-F271-4116-A62B-851CA50B49D1} - C:\Windows\system32\cbfsMntNtf5.dll [2013-11-25 157480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2008-10-27 693744]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-24 12:57:07 ----D---- C:\rsit
2015-01-24 12:51:57 ----D---- C:\_OTM
2015-01-24 10:34:45 ----D---- C:\Windows\pss
2015-01-24 07:12:46 ----D---- C:\AdwCleaner
2015-01-23 17:46:33 ----D---- C:\Program Files\trend micro
2015-01-23 15:29:57 ----HD---- C:\OneDriveTemp
2015-01-22 08:47:49 ----D---- C:\Program Files\CCleaner
2015-01-22 07:34:13 ----D---- C:\1
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:54:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-14 06:53:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 06:53:29 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 06:53:27 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 06:53:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-10 11:11:05 ----A---- C:\Windows\SNVerifyDLL.dll
2015-01-10 11:11:05 ----A---- C:\Windows\AquaReal.scr
2015-01-10 11:11:04 ----D---- C:\Program Files\Formosoft
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files\InstallShield
2015-01-10 11:09:24 ----D---- C:\Program Files\SereneScreen
2015-01-10 11:07:56 ----D---- C:\Program Files\Prolific Publishing, Inc
2015-01-10 11:06:17 ----D---- C:\Users\fr\AppData\Roaming\Marine Aquarium 3
2015-01-06 14:09:55 ----D---- C:\Users\fr\AppData\Roaming\GPSoftware
2015-01-06 14:05:28 ----D---- C:\ProgramData\GPSoftware
2015-01-06 14:05:26 ----D---- C:\Program Files\GPSoftware
2015-01-06 13:39:24 ----D---- C:\Zvonění
2015-01-06 10:22:44 ----D---- C:\Users\fr\AppData\Roaming\MOBILedit
2015-01-06 10:13:59 ----D---- C:\Program Files\MOBILedit!
2014-12-25 10:51:45 ----D---- C:\Users\fr\AppData\Roaming\ACD Systems
2014-12-25 10:49:44 ----D---- C:\ProgramData\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\Common Files\ACD Systems
2014-12-25 10:49:29 ----D---- C:\Program Files\ACD Systems
2014-12-25 10:21:37 ----D---- C:\IrfanView
2014-12-25 10:10:54 ----D---- C:\Users\fr\AppData\Roaming\Anthropics
2014-12-25 10:08:16 ----D---- C:\Program Files\Portrait Professional Studio 9
2014-12-25 08:51:46 ----D---- C:\Vylepší fotku

======List of files/folders modified in the last 1 month======

2015-01-24 12:54:37 ----HD---- C:\ProgramData
2015-01-24 12:54:31 ----D---- C:\Windows\Temp
2015-01-24 12:54:21 ----D---- C:\Windows\system32\drivers
2015-01-24 12:52:50 ----D---- C:\Windows\system32\config
2015-01-24 12:52:41 ----D---- C:\Windows\Prefetch
2015-01-24 12:52:03 ----RD---- C:\Program Files\Skype
2015-01-24 12:52:03 ----D---- C:\Windows\Tasks
2015-01-24 12:49:50 ----D---- C:\Staženbo
2015-01-24 10:34:45 ----D---- C:\Windows
2015-01-24 07:16:07 ----D---- C:\Windows\system32\Tasks
2015-01-24 07:15:32 ----RD---- C:\Program Files
2015-01-24 07:01:49 ----SHD---- C:\System Volume Information
2015-01-23 07:34:43 ----D---- C:\Windows\System32
2015-01-23 07:34:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-22 15:11:41 ----D---- C:\Windows\inf
2015-01-22 08:51:28 ----D---- C:\Windows\Panther
2015-01-22 08:51:23 ----D---- C:\Windows\Logs
2015-01-22 08:51:22 ----D---- C:\Windows\debug
2015-01-21 13:15:21 ----D---- C:\Windows\system32\appmgmt
2015-01-18 17:51:35 ----SHD---- C:\Windows\Installer
2015-01-17 16:04:20 ----D---- C:\6
2015-01-15 06:40:27 ----D---- C:\Windows\winsxs
2015-01-14 17:39:28 ----D---- C:\Windows\system32\MRT
2015-01-14 17:31:51 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 13:58:57 ----D---- C:\2
2015-01-10 11:17:15 ----AD---- C:\ProgramData\TEMP
2015-01-10 11:11:03 ----HD---- C:\Program Files\InstallShield Installation Information
2015-01-10 11:10:15 ----D---- C:\Program Files\Common Files
2015-01-10 10:43:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-06 10:19:12 ----D---- C:\Windows\system32\DriverStore
2015-01-06 10:17:38 ----D---- C:\Program Files\Compiled Driver Disk (Nokia)
2015-01-06 10:17:37 ----D---- C:\Program Files\Phone Drivers Downloader
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-05 19:52:35 ----SD---- C:\Users\fr\AppData\Roaming\Microsoft
2014-12-29 11:15:49 ----D---- C:\3
2014-12-27 06:36:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-12-25 10:52:28 ----D---- C:\ProgramData\Installations
2014-12-25 10:27:28 ----D---- C:\Users\fr\AppData\Roaming\Identities

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-06-28 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cbfs5;cbfs5; \??\C:\Windows\system32\drivers\cbfs5.sys [2013-11-25 346688]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 adxuh566;adxuh566; C:\Windows\system32\drivers\adxuh566.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 49856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 snpstd;Trust Webcam 14823; C:\Windows\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-01-24 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2014-11-11 1679536]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-12 4846168]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23 267440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-12-01 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-22 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

Dvouklikem na soubor C:\Program Files\trend micro\fr.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Moc děkuji zatím to jde

To jsem rád. Rádo se stalo!