
Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 15:06
by Shift
Hi,
please help. For the last two days my computer has been under heavy load, even when it is completely idle. The CPU runs at 80-100%. Everything is slow. I tried mbam and deleted some junk, but it still didn't help. Here is the log from rsit. Please help, I'm desperate :/

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-01-25 14:58:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 180 GB (19%) free of 954 GB
Total RAM: 8159 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:09, on 25.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Text-to-Speech system Epos (ttscp) - Unknown owner - C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 11470 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe" --type=host --daemon-pipe=384
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2376
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {DD20AA79-B5E1-47D4-B7BB-E6E4A6EE3D98}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {C8866BB3-46A0-4426-9A7C-5973F75B3196}
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0d1e98b2-de01-4fb4-817f-0eb74d9168f4 -SystemEventPortName:HostProcess-e7b05b02-68d0-4b8b-b220-310a8a99f428 -IoCancelEventPortName:HostProcess-4d94244e-838d-4b60-9ff9-3cf1d9b24fae -NonStateChangingEventPortName:HostProcess-12ffe487-bf8f-483c-84fa-6e03784c21fe -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ceb7be66-7f72-4fd1-9496-c382416c555d -DeviceGroupId:WpdFsGroup
"C:\Windows\System32\schtasks.exe" /create /sc onlogon /tn Origin /rl highest /ru System /tr "C:\ProgramData\Origin\update.vbe"
\??\C:\Windows\system32\conhost.exe "-1841543265121923018312851605473475347241157565090-10230005741169281342137821691
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORDTSUPTBT
"C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-16579741735010782941150358278918495326632035701369694261-1031482467522865596
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Windows\temp\svchost.exe" -a cryptonight -o stratum+tcp://pool.cryptmonero.com:1001 -u 47mfwjL8L95HJUj6iXUmdUe3K63brRcxrWKqeiPVLKosjYPQdfzqWFFStjL2mtEzNsX1fisa4W1SwZLHsiZPWdFe5UpBF7s -p x
\??\C:\Windows\system32\conhost.exe "-2039013634-746161506-1682955428316939886184218332-1078852046-126815836699294374
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\temp\lsass.exe" -a cryptonight -o stratum+tcp://pool.cryptmonero.com:1001 -u 43s6t7KoCXtaBZ48bL5sPDhTEs6FG9FA8RCGkqC5xzkCATVAYzSmykD67mSXkejwnSQ552bjF5DsCCunopJPwAUZEkphFBZ -p x -li 1 -wd 1 -r -1
\??\C:\Windows\system32\conhost.exe "1619115844-386635546-177478759282247482020540704-594446901-477817413774575494
raptr_im.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2336.0.1399502028\856106239" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2336.3.900246622\974668547" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2336.4.1190607244\109754672" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2336.7.770244499\1113736365" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe /DELETE_FROM_SYSTEM=1

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\
{AF445D67-154C-4c69-A17B-7F392BCC36A3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-10 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-10 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 2277992]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe /gui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hoolapp Android]
C:\Users\Petr\AppData\Roaming\HOOLAP~1\Hoolapp.exe /Minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
~C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-03-27 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe [2014-12-08 55568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer]
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\Petr\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe [2006-02-15 3631752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-12-08 55568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-25 14:58:04 ----D---- C:\rsit
2015-01-25 14:58:04 ----D---- C:\Program Files\trend micro
2015-01-25 14:53:21 ----ASH---- C:\hiberfil.sys
2015-01-25 14:27:15 ----D---- C:\FRST
2015-01-24 14:53:42 ----D---- C:\Windows\temp
2015-01-24 14:49:06 ----SHD---- C:\$RECYCLE.BIN
2015-01-24 14:29:08 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-24 14:28:40 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 14:28:40 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-24 14:28:40 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-22 19:09:11 ----D---- C:\UCTO2015
2015-01-17 14:55:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 11:35:49 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 11:35:27 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 11:35:27 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 11:35:27 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 11:35:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 11:35:26 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:35:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 11:35:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 11:35:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 11:35:25 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 11:35:25 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 11:35:25 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 11:35:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-01 17:44:54 ----A---- C:\Windows\SYSWOW64\nwsftUninstall.exe
2014-12-26 10:39:10 ----D---- C:\ProgramData\ATI
2014-12-26 10:38:22 ----D---- C:\Users\Petr\AppData\Roaming\Raptr
2014-12-26 10:38:22 ----D---- C:\Program Files (x86)\Raptr
2014-12-26 10:38:19 ----D---- C:\Program Files (x86)\AMD AVT
2014-12-26 10:37:24 ----D---- C:\Program Files (x86)\AMD

======List of files/folders modified in the last 1 month======

2015-01-25 14:58:09 ----D---- C:\Windows\Prefetch
2015-01-25 14:58:04 ----RD---- C:\Program Files
2015-01-25 14:56:50 ----D---- C:\Windows\system32\config
2015-01-25 14:53:19 ----SHD---- C:\Windows\Installer
2015-01-25 14:53:18 ----D---- C:\Windows\system32\drivers
2015-01-25 14:50:55 ----D---- C:\Windows\system32\Tasks
2015-01-25 14:50:53 ----D---- C:\ProgramData
2015-01-25 14:50:50 ----D---- C:\Program Files (x86)
2015-01-25 14:31:04 ----D---- C:\Windows
2015-01-25 14:25:16 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-01-25 14:24:51 ----D---- C:\Windows\System32
2015-01-25 14:24:51 ----D---- C:\Windows\inf
2015-01-25 14:24:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-25 13:56:35 ----D---- C:\Windows\Microsoft.NET
2015-01-25 12:23:54 ----D---- C:\Config.Msi
2015-01-25 12:23:52 ----D---- C:\Windows\registration
2015-01-24 23:28:11 ----D---- C:\Windows\SysWOW64
2015-01-24 23:28:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-01-24 23:26:05 ----SHD---- C:\System Volume Information
2015-01-24 23:25:32 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-01-24 20:05:40 ----D---- C:\Users\Petr\AppData\Roaming\BitComet
2015-01-24 16:51:38 ----D---- C:\Downloads
2015-01-24 14:53:43 ----D---- C:\Qoobox
2015-01-24 14:52:57 ----D---- C:\Windows\Tasks
2015-01-24 14:49:06 ----A---- C:\Windows\system.ini
2015-01-24 14:49:01 ----D---- C:\Windows\system32\drivers\etc
2015-01-24 14:47:15 ----D---- C:\Windows\erdnt
2015-01-24 14:45:05 ----D---- C:\Windows\SYSWOW64\drivers
2015-01-24 14:45:05 ----D---- C:\Windows\AppPatch
2015-01-24 14:45:05 ----D---- C:\Program Files (x86)\Common Files
2015-01-24 14:36:30 ----D---- C:\Windows\Globalization
2015-01-24 14:36:30 ----D---- C:\Program Files (x86)\Resident Evil 6
2015-01-24 14:28:42 ----D---- C:\Users\Petr\AppData\Roaming\Malwarebytes
2015-01-24 14:28:40 ----D---- C:\ProgramData\Malwarebytes
2015-01-23 18:16:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-21 00:50:14 ----D---- C:\Windows\system32\catroot2
2015-01-18 10:58:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 12:42:04 ----D---- C:\ProgramData\Origin
2015-01-15 12:39:51 ----D---- C:\Windows\winsxs
2015-01-15 01:43:12 ----D---- C:\Windows\system32\MRT
2015-01-15 01:39:22 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 11:35:09 ----D---- C:\Windows\system32\catroot
2015-01-10 12:10:24 ----D---- C:\Program Files (x86)\Google
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-04 19:03:06 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2014-12-30 15:00:00 ----D---- C:\filmy
2014-12-26 10:38:19 ----D---- C:\ProgramData\AMD
2014-12-26 10:35:52 ----D---- C:\Windows\system32\DriverStore
2014-12-26 10:35:27 ----D---- C:\Program Files\AMD
2014-12-26 10:34:11 ----D---- C:\AMD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv91xx;mv91xx; C:\Windows\system32\drivers\mv91xx.sys [2010-11-22 303408]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-09 564824]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-29 279616]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-08-11 231376]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-02-18 28912]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2013-08-13 27608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 AthDfu;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-06-13 25640]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-29 918448]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [2011-08-09 947328]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2011-05-31 210024]
R2 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [2014-12-15 56648]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-31 76888]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 ttscp;Text-to-Speech system Epos; C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe [2010-02-09 384000]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 934760]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-17 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 15:55
by altrok
Hello :bye:

:arrow: Let me get a dig in right at the start... Didn't you delete UCTO by your (inexpert) use of ComboFix? Which is probably a bigger punishment for you than violating the license terms and breaking the rules of this forum. We'll take a look at it.

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it normally with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 16:11
by Shift
No, I didn't delete it, it still works, but I don't use it anyway; I just wanted to show my sister something similar to what she will have at work. It's a demo version that is freely available for download, so I don't understand what I violated?
Anyway, here is the log from AdwCleaner:

# AdwCleaner v4.109 - Report created 25/01/2015 at 16:07:04
# Updated 24/01/2015 by Xplode
# Database : 2015-01-25.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [17054 octets] - [25/01/2015 14:48:58]
AdwCleaner[R1].txt - [1127 octets] - [25/01/2015 16:05:08]
AdwCleaner[S0].txt - [16067 octets] - [25/01/2015 14:50:45]
AdwCleaner[S1].txt - [1053 octets] - [25/01/2015 16:07:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1113 octets] ##########

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 16:33
by altrok
OK, here is what you violated if CF was run without the supervision of an experienced person...

the license agreement, see "experienced person" http://www.bleepingcomputer.com/combofi ... t-combofix

next, the forum rules, see point 3 http://forum.viry.cz/viewtopic.php?f=12&t=5601
Forum rules wrote: 3. In particular, do not run the ComboFix utility, even if a friend or some would-be expert website recommended it to you. Our forum is the only one of the CZ\SK antivirus forums that has the right to interpret ComboFix logs, and we also have the full support of the author of this utility and access to the most up-to-date information and guides.

and the most important thing for me - CF deletes a lot of things that it does not even list in its log, so after it has been used a log from RSIT/FRST has an informative value of zero, zilch... we'll see whether we can still track that vermin down

do you have the log from the CF run? if so, paste its contents


post a new FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 16:41
by Shift
I see, well, it usually helped me. But this time nothing works :/ The PC is still running at almost 100%.
Here is the log from yesterday's ComboFix run:

ComboFix 15-01-22.02 - Petr 24.01.2015 14:40:24.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8159.5432 [GMT 1:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\17270394964713347761
c:\programdata\17270394964713347761\cd5b15e575e1c3d01c0bdaadcd8280d6.ini
c:\users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\4i198ni3.default\extensions\staged\bPgS5@BQIeQ.net
c:\users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\4i198ni3.default\extensions\staged\bPgS5@BQIeQ.net\bootstrap.js
c:\users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\4i198ni3.default\extensions\staged\bPgS5@BQIeQ.net\content\bg.js
c:\users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\4i198ni3.default\extensions\staged\bPgS5@BQIeQ.net\chrome.manifest
c:\users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\4i198ni3.default\extensions\staged\bPgS5@BQIeQ.net\install.rdf
c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\bPgS5@BQIeQ.net
c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\bPgS5@BQIeQ.net\bootstrap.js
c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\bPgS5@BQIeQ.net\content\bg.js
c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\bPgS5@BQIeQ.net\chrome.manifest
c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\extensions\bPgS5@BQIeQ.net\install.rdf
c:\windows\msdownld.tmp
c:\windows\Temp\lsass.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_globalUpdate
-------\Service_NEWDRIVER
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-24 do 2015-01-24 )))))))))))))))))))))))))))))))
.
.
2015-01-24 13:47 . 2015-01-24 13:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-24 13:47 . 2015-01-24 13:47 -------- d-----w- c:\users\mamka\AppData\Local\temp
2015-01-24 13:47 . 2015-01-24 13:47 -------- d-----w- c:\users\Mama\AppData\Local\temp
2015-01-24 13:47 . 2015-01-24 13:47 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-24 13:47 . 2015-01-24 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-24 13:29 . 2015-01-24 13:48 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-24 13:28 . 2015-01-24 13:28 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-24 13:28 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-24 13:28 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-23 10:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96509EF8-DEC5-4727-8E0F-489E0D683CA3}\mpengine.dll
2015-01-22 18:09 . 2015-01-22 18:10 -------- d-----w- C:\UCTO2015
2015-01-08 11:25 . 2015-01-24 13:36 -------- d-----w- c:\program files (x86)\uuniisoales
2015-01-08 11:25 . 2015-01-08 11:25 -------- d-----w- c:\programdata\ihmngagjendklnocgmbglilknjjakmmb
2015-01-03 12:41 . 2015-01-03 12:41 -------- d-sh--w- c:\users\Petr\AppData\Local\EmieBrowserModeList
2015-01-01 16:44 . 2015-01-01 16:44 40960 ----a-w- c:\windows\SysWow64\nwsftUninstall.exe
2014-12-26 09:39 . 2014-12-26 09:39 -------- d-----w- c:\programdata\ATI
2014-12-26 09:38 . 2015-01-24 12:59 -------- d-----w- c:\users\Petr\AppData\Roaming\Raptr
2014-12-26 09:38 . 2014-12-26 09:39 -------- d-----w- c:\program files (x86)\Raptr
2014-12-26 09:38 . 2014-12-26 09:38 -------- d-----w- c:\program files (x86)\AMD AVT
2014-12-26 09:37 . 2014-12-26 09:37 -------- d-----w- c:\program files (x86)\AMD
2014-12-25 20:02 . 2014-12-25 20:02 -------- d-----w- c:\users\Petr\AppData\Roaming\mkvtoolnix
2014-12-25 20:01 . 2014-12-25 20:02 -------- d-----w- c:\program files (x86)\MKVToolNix
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-23 20:27 . 2014-07-21 18:40 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-01-23 17:16 . 2012-09-03 12:26 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-23 17:16 . 2012-09-03 12:26 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 00:39 . 2012-06-28 07:51 113365784 ----a-w- c:\windows\system32\MRT.exe
2015-01-06 03:36 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 05:09 . 2014-12-18 10:25 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 10:25 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-04 02:50 . 2014-12-11 11:16 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 11:16 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 11:16 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 11:16 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 11:16 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-11 11:16 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-11 11:16 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 11:16 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-11 11:15 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 11:15 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 11:15 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 11:15 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 11:15 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 11:15 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 11:15 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 11:15 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 11:15 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 11:15 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 11:15 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 11:15 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 11:15 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 11:15 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 11:15 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 11:15 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 11:15 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 11:15 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 11:15 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 11:15 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 11:15 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 11:15 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 11:15 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 11:15 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 11:15 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 11:15 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 11:15 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 11:15 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 11:15 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 11:15 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 11:15 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 11:15 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 11:15 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 11:15 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 11:15 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 11:15 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 11:15 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 11:15 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 11:15 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 11:15 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 05:14 . 2012-04-29 11:24 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:44 . 2014-04-18 02:43 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2014-04-18 02:42 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2014-04-18 02:42 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2014-11-21 02:44 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2014-04-18 02:42 1348928 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2014-04-18 02:42 1127496 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2014-04-18 02:42 11076784 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2014-04-18 02:42 9401480 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2014-11-21 02:43 7558816 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2014-11-21 02:43 7077776 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2014-04-18 02:42 8379720 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2014-04-18 02:42 8369408 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-21 02:41 . 2014-11-21 02:41 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40 18959360 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:33 . 2014-11-21 02:33 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33 47899136 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32 40987136 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:24 . 2014-11-21 02:24 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-21 02:19 . 2014-11-21 02:19 23621632 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18 5837312 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-21 02:16 . 2014-11-21 02:16 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-21 02:15 . 2014-11-21 02:15 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-21 02:13 . 2014-11-21 02:13 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-21 02:13 . 2014-11-21 02:13 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
2011-08-21 09:53 139768 ----a-w- c:\users\Petr\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"FixMyRegistry"="c:\program files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe" [2014-05-26 1886840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-12-08 55568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 chromoting;Služba Vzdálené plochy Chrome;c:\program files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 ttscp;Text-to-Speech system Epos;c:\program files (x86)\Epos\epos-2.4.85\src\epos.exe;c:\program files (x86)\Epos\epos-2.4.85\src\epos.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - AVGIDSDriver
*Deregistered* - AVGIDSFilter
*Deregistered* - AVGIDSHA
*Deregistered* - Avgrkx64
*Deregistered* - Avgtdia
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-10 11:10 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 17:16]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 14:10]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17 14:10]
.
2013-01-19 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-18 16:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
mSearch Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Friendly-Strike2 - c:\friendly-strike2\Uninstal.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
AddRemove-SolveigMM AVI Trimmer_is1 - c:\program files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\unins000.exe
AddRemove-Torntv V9.0 - c:\program files (x86)\Torntv V9.0\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1555331033-2767668753-408418418-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,1a,d6,bd,69,83,ea,2b,4f,c8,fd,f2,4d,89,e2,ed,ba,06,dd,bd,aa,95,24,
a4,5c,ff,01,09,2b,03,15,f5,99,4c,cf,4a,6c,da,f3,ee,49,cc,74,6c,ac,42,6a,e1,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-1555331033-2767668753-408418418-1000\Software\SecuROM\License information*]
"datasecu"=hex:d7,c2,f6,76,a9,2f,f4,2f,6e,b4,3b,8a,45,ac,0f,9f,bc,ee,71,71,28,
d5,17,dd,45,0c,36,f0,e2,89,fb,16,bc,8f,e9,14,e0,b9,ba,0a,60,6a,e5,09,f4,fa,\
"rkeysecu"=hex:c1,bb,eb,ee,5b,28,3a,86,48,82,04,de,61,13,00,20
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Celkový čas: 2015-01-24 14:53:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-24 13:53
ComboFix2.txt 2013-10-17 16:29
.
Před spuštěním: Volných bajtů: 197 076 025 344
Po spuštění: Volných bajtů: 191 865 741 312
.
- - End Of File - - AB69256B56A12BE2CB87F2938EE92DA3
A36C5E4F47E84449FF07ED3517B43A31

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 16:50
by Shift
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Petr (administrator) on PETR-PC on 25-01-2015 16:43:32
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available profiles: Petr & mamka & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\temp\svchost.exe
() C:\Windows\temp\lsass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {25CB3655-AC61-47A0-ABEA-ABC9FF80932E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {53F6F216-9777-4205-821E-4F8021B1C5F8} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {68AA5AA0-19C9-4740-BF1B-BD68BD612476} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {6C568E25-C27E-4e95-8DE9-44DEE0B134B7} URL = http://uk.search.yahoo.com/search?p={se ... &type=EGMB
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {7806CE4E-4065-40BE-817F-6C9FFF6E5EE8} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {9E3FA814-5018-40A9-AF94-8234DAEA302D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {BEAA9EBD-0DB1-4F50-B959-D959CECCF9C4} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {C5AE0B3F-D906-4955-A654-6BEB711C6423} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {E2AFC1AD-5B87-4d6b-9A8B-8AFE39D5A7F3} URL = http://www.google.com/custom?client=pub ... earchTerms}
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {FC462980-979D-4A70-8975-FE861F84DF9C} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {FD17243C-DA21-4B16-8D1B-5D49DC1FBB02} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Complete YouTube Saver - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2015-01-06]
FF Extension: Red1 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{CCE2B3E0-5E83-4eff-B221-214DE205AD7F}.xpi [2014-07-22]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Search by Image (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-01-25]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-10]
CHR Extension: (Verunka a já ♥) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnefdencakkdcmgakegmfdlgeidnoncl [2014-02-13]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-01-10]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
StartMenuInternet: Opera - C:\Program Files (x86)\Opera\Opera.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [56648 2014-12-15] (Google Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ttscp; C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe [384000 2010-02-09] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-06-29] (DT Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-09] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 ac2yf9jj; C:\Windows\System32\Drivers\ac2yf9jj.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 16:43 - 2015-01-25 16:43 - 00029696 _____ () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2015-01-25 16:43 - 2015-01-25 16:43 - 00015327 _____ () C:\Users\Petr\Desktop\LM.bat
2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\rsit
2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 14:57 - 2015-01-25 14:57 - 01222144 _____ () C:\Users\Petr\Downloads\RSITx64.exe
2015-01-25 14:48 - 2015-01-25 16:07 - 00000000 ____D () C:\AdwCleaner
2015-01-25 14:48 - 2015-01-25 14:48 - 02194432 _____ () C:\Users\Petr\Downloads\adwcleaner_4.109.exe
2015-01-25 14:28 - 2015-01-25 14:28 - 00063925 _____ () C:\Users\Petr\Desktop\FRST3.txt
2015-01-25 14:27 - 2015-01-25 16:43 - 00022064 _____ () C:\Users\Petr\Desktop\FRST.txt
2015-01-25 14:27 - 2015-01-25 16:43 - 00000000 ____D () C:\FRST
2015-01-25 14:26 - 2015-01-25 14:26 - 02129920 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-01-25 14:26 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-01-25 14:25 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2015-01-24 14:53 - 2015-01-24 14:53 - 00032725 _____ () C:\ComboFix.txt
2015-01-24 14:29 - 2015-01-25 16:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 14:28 - 2015-01-24 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 14:28 - 2015-01-24 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 14:28 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 14:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 14:22 - 2015-01-24 14:23 - 05609462 ____R (Swearware) C:\Users\Petr\Downloads\ComboFix.exe
2015-01-22 19:09 - 2015-01-22 19:10 - 00000000 ____D () C:\UCTO2015
2015-01-22 19:09 - 2015-01-22 19:09 - 00001646 _____ () C:\Users\Petr\Desktop\ÚČTO 2015 DOSBOX.LNK
2015-01-22 19:08 - 2015-01-22 19:09 - 29111848 _____ (Tichý & spol., Nový Bor ) C:\Users\Petr\Downloads\u15_64.exe
2015-01-20 17:24 - 2015-01-20 20:14 - 1558509568 _____ () C:\Users\Petr\Downloads\Viděl-jsem-ďábla-thriller-cz-titulky.avi
2015-01-17 16:32 - 2015-01-17 16:32 - 00288731 _____ () C:\Users\Petr\Downloads\practical english usage diagnostic tests_10924_i16332993_il345.exe
2015-01-17 14:55 - 2015-01-17 14:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 22:50 - 2015-01-14 22:51 - 00059060 _____ () C:\Users\Petr\Downloads\Behandeling-De-Treatment-The-2014-titulky-cz.srt
2015-01-14 20:11 - 2015-01-14 22:31 - 1295794104 _____ () C:\Users\Petr\Downloads\Behandeling-De-Treatment-The-2014-titulky-cz.avi
2015-01-14 17:23 - 2015-01-14 19:57 - 1362316866 _____ () C:\Users\Petr\Downloads\Kod-Enigmy---The-Imitation-Game-2014-CZ-tit-v-obraze.avi
2015-01-14 11:35 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:35 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:35 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:35 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:35 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:35 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:35 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:35 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:35 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:35 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:35 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:35 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:35 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-10 14:21 - 2015-01-10 14:21 - 11299041 _____ () C:\Users\Petr\Downloads\Converter.zip
2015-01-10 12:10 - 2015-01-10 12:10 - 00002224 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-10 12:10 - 2015-01-10 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-10 12:09 - 2015-01-10 12:09 - 00880784 _____ (Google Inc.) C:\Users\Petr\Downloads\ChromeSetup.exe
2015-01-09 16:19 - 2015-01-09 16:19 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (15)
2015-01-09 11:30 - 2015-01-23 12:45 - 00061653 _____ () C:\Windows\temp023423.vbe
2015-01-08 12:25 - 2015-01-08 12:25 - 01249280 _____ () C:\Users\Petr\Downloads\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents (1).exe
2015-01-08 12:25 - 2015-01-08 12:25 - 00002113 _____ () C:\Users\Petr\Desktop\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents.lnk
2015-01-08 12:24 - 2015-01-08 12:24 - 01249280 _____ () C:\Users\Petr\Downloads\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents.exe
2015-01-06 20:23 - 2015-01-06 20:23 - 00000000 ____D () C:\Users\Petr\Downloads\Complete YouTube Saver
2015-01-06 20:20 - 2015-01-06 20:23 - 00471848 _____ () C:\Users\Petr\Downloads\1414572253048.webm
2015-01-06 20:01 - 2015-01-06 21:27 - 796437248 _____ () C:\Users\Petr\Downloads\7500-(2014)-CZ-titulky.mp4
2015-01-05 11:49 - 2015-01-05 11:49 - 48691740 _____ () C:\Users\Petr\Downloads\No Time For Caution - 4r4 FLAC.flac
2015-01-04 22:41 - 2015-01-04 22:41 - 00053835 _____ () C:\Users\Petr\Downloads\Under-the-Bed(0000217574).srt
2015-01-04 20:21 - 2015-01-04 21:17 - 1010046976 _____ () C:\Users\Petr\Downloads\Under-the-Bed-(2012)-Dvdrip-by-Helljahve.avi
2015-01-04 19:36 - 2015-01-04 19:36 - 00004814 _____ () C:\Users\Petr\Downloads\stille_nacht.mid
2015-01-04 19:30 - 2015-01-04 19:47 - 05868291 _____ () C:\Users\Petr\Desktop\SEMINÁRNÍ PRÁCE.pptx
2015-01-04 18:26 - 2015-01-04 18:26 - 00583680 _____ () C:\Users\Petr\Downloads\10740243_10203010330812241_1526327940_n (1).ppt
2015-01-04 18:26 - 2015-01-04 18:26 - 00016485 _____ () C:\Users\Petr\Downloads\10740249_10203009326707139_1159570708_n (1).odt
2015-01-04 18:25 - 2015-01-04 18:25 - 00009026 _____ () C:\Users\Petr\Desktop\Nový Prezentace OpenDocument.odp
2015-01-03 22:40 - 2015-01-03 22:41 - 00583680 _____ () C:\Users\Petr\Downloads\10740243_10203010330812241_1526327940_n.ppt
2015-01-03 21:43 - 2015-01-03 21:43 - 00016485 _____ () C:\Users\Petr\Downloads\10740249_10203009326707139_1159570708_n.odt
2015-01-03 13:48 - 2015-01-03 13:48 - 00625608 _____ () C:\Users\Petr\Desktop\animowany-film-auta.jpeg
2015-01-03 13:41 - 2015-01-03 13:41 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-01-03 13:25 - 2015-01-03 14:06 - 721560058 _____ () C:\Users\Petr\Downloads\Ahi-va-el-Diablo_[Here-Comes-the-Devil]_horor-2012_CZ-titulky.avi
2015-01-03 13:25 - 2015-01-03 13:25 - 00023210 _____ () C:\Users\Petr\Downloads\[kickass.so]here.comes.the.devil.2012.720p.bluray.x264.iguana.publichd.torrent
2015-01-03 13:15 - 2015-01-03 13:15 - 00026681 _____ () C:\Users\Petr\Downloads\10691578_10203003000788995_1619184890_n.odt
2015-01-02 14:36 - 2015-01-02 14:36 - 00583680 _____ () C:\Users\Petr\Downloads\10740043_10203000270680744_579984803_n.ppt
2015-01-02 14:20 - 2015-01-02 14:20 - 00029299 _____ () C:\Users\Petr\Downloads\10740412_10203000181878524_1845334164_n.odt
2015-01-02 13:30 - 2015-01-02 14:22 - 942823722 _____ () C:\Users\Petr\Downloads\The-Taking-of-Deborah-Logan-2014-[HDRip.XviD.AC3]-titulky-CZ-v-obraze.avi
2015-01-01 22:50 - 2015-01-02 00:01 - 1251668114 _____ () C:\Users\Petr\Downloads\'Sci-fi+UFO+Horror..říká-vám-něco-Area-51..tady-je-to-brutal'-Extraterrestrial-(201.)-TitCz.avi
2015-01-01 19:55 - 2015-01-01 19:55 - 00011623 _____ () C:\Users\Petr\Downloads\LeluLove.13.07.08.Voyeur.Secretary.Getting.Dressed.XXX.1080p.WMV-TBP-[rarbg.com].torrent
2015-01-01 19:12 - 2015-01-01 21:01 - 1558198084 _____ () C:\Users\Petr\Downloads\Alien-Abduction---Mimozemský-únos_SCI-FI_CZ.TITULKY_.mp4
2015-01-01 17:44 - 2015-01-01 17:44 - 00040960 _____ () C:\Windows\SysWOW64\nwsftUninstall.exe
2015-01-01 17:43 - 2015-01-01 17:43 - 00004500 _____ () C:\Users\Petr\Downloads\10DD95DCF16506FF3A50F4ADCF05BB34E896A39D.torrent
2015-01-01 17:40 - 2015-01-01 17:40 - 09289528 _____ (New Softwares.net) C:\Users\Petr\Downloads\folder-lock-en.exe
2014-12-29 19:06 - 2014-12-29 19:06 - 02377003 _____ () C:\Users\Petr\Downloads\1419876169722.webm
2014-12-29 15:14 - 2014-12-29 15:14 - 02402828 _____ () C:\Users\Petr\Downloads\1419862379748.webm
2014-12-29 12:42 - 2014-12-29 12:42 - 02986668 _____ () C:\Users\Petr\Downloads\1419850688656.webm
2014-12-29 11:41 - 2014-12-29 11:41 - 00012819 _____ () C:\Users\Petr\Downloads\DEB173F287C2714143793F99CD993E70B3CA5192.torrent
2014-12-29 11:31 - 2014-12-29 11:31 - 00024784 _____ () C:\Users\Petr\Downloads\074D391EB8244A699EF42BEAC431948D5B28D8ED.torrent
2014-12-29 11:16 - 2014-12-29 11:16 - 00374284 _____ () C:\Users\Petr\Downloads\video.htm
2014-12-28 15:08 - 2014-12-28 15:08 - 00026722 _____ () C:\Users\Petr\Downloads\10657264_10202956174978379_198100783_n.odt
2014-12-26 23:05 - 2014-12-26 23:05 - 00091781 _____ () C:\Users\Petr\Downloads\A-Walk-Among-the-Tombstones(0000246733).srt
2014-12-26 22:57 - 2014-12-26 22:57 - 00019087 _____ () C:\Users\Petr\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.1080p.hdrip.x264.aac2.0.rarbg.torrent
2014-12-26 22:54 - 2014-12-26 22:54 - 00066260 _____ () C:\Users\Petr\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.720p.webrip.xvid.ac3.legi0n.torrent
2014-12-26 20:24 - 2014-12-26 20:24 - 00072563 _____ () C:\Users\Petr\Downloads\The-Possession-of-Michael-King(0000244259).srt
2014-12-26 20:12 - 2014-12-26 20:12 - 00007804 _____ () C:\Users\Petr\Downloads\[kickass.so]the.possession.of.michael.king.2014.720p.brrip.x264.yify.torrent
2014-12-26 20:11 - 2014-12-26 20:11 - 00113151 _____ () C:\Users\Petr\Downloads\[kickass.so]the.possession.of.michael.king.2014.1080p.bluray.x264.an0nym0us.torrent
2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\ATI
2014-12-26 10:38 - 2015-01-25 16:09 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Raptr
2014-12-26 10:38 - 2014-12-26 10:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-26 10:38 - 2014-12-26 10:38 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201412261038138241.log
2014-12-26 10:38 - 2014-12-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-26 10:38 - 2014-12-26 10:38 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 ____D () C:\Program Files (x86)\AMD

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 16:37 - 2012-06-26 19:47 - 01217297 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 16:36 - 2014-06-13 13:43 - 00000000 ____D () C:\uninstall
2015-01-25 16:36 - 2013-10-31 15:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-25 16:36 - 2011-11-23 13:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-25 16:22 - 2012-02-17 13:57 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 16:16 - 2012-09-03 13:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 16:15 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 16:15 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 16:13 - 2013-12-12 16:42 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-01-25 16:08 - 2014-06-16 17:54 - 03899197 _____ () C:\Windows\setupact.log
2015-01-25 16:08 - 2012-02-17 13:57 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 16:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 16:07 - 2014-06-18 09:38 - 00224038 _____ () C:\Windows\PFRO.log
2015-01-25 14:50 - 2013-02-09 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LicenseCrawler
2015-01-25 14:50 - 2012-03-09 16:17 - 00000000 ____D () C:\ProgramData\ICQ
2015-01-25 14:24 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-01-25 14:24 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-01-25 14:24 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 14:22 - 2014-11-26 15:21 - 00075106 _____ () C:\Users\Petr\Desktop\Nový Textový dokument OpenDocument (13).odt
2015-01-25 14:22 - 2012-06-26 20:07 - 04376576 ___SH () C:\Users\Petr\Desktop\Thumbs.db
2015-01-25 12:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-24 23:28 - 2012-07-10 09:23 - 01559268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-24 23:25 - 2012-01-04 15:45 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\vlc
2015-01-24 20:05 - 2011-12-07 17:49 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\BitComet
2015-01-24 14:53 - 2013-10-17 17:20 - 00000000 ____D () C:\Qoobox
2015-01-24 14:53 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-24 14:49 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-24 14:47 - 2013-10-17 17:20 - 00000000 ____D () C:\Windows\erdnt
2015-01-24 14:47 - 2009-07-14 03:34 - 85983232 _____ () C:\Windows\system32\config\software.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 22020096 _____ () C:\Windows\system32\config\system.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-01-24 14:36 - 2013-03-23 16:46 - 00000000 ____D () C:\Program Files (x86)\Resident Evil 6
2015-01-24 14:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2015-01-24 14:28 - 2012-04-29 12:24 - 00001071 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 14:28 - 2012-04-29 12:24 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Malwarebytes
2015-01-24 14:28 - 2012-04-29 12:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 18:16 - 2012-09-03 13:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 18:16 - 2012-09-03 13:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 18:16 - 2012-09-03 13:26 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 12:45 - 2014-09-07 16:00 - 00003090 _____ () C:\Windows\System32\Tasks\Origin
2015-01-18 10:58 - 2013-04-10 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 12:42 - 2011-11-23 14:18 - 00000000 ___HD () C:\ProgramData\Origin
2015-01-15 01:43 - 2013-08-15 12:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 01:39 - 2012-06-28 08:51 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 12:10 - 2012-02-17 13:57 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-10 12:09 - 2011-11-23 14:19 - 00000000 ____D () C:\Users\Petr\AppData\Local\Google
2015-01-07 01:01 - 2014-11-08 17:22 - 00000264 _____ () C:\Users\Petr\Desktop\Nový textový dokument (10).txt
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 11:57 - 2014-07-21 13:03 - 00000000 ____D () C:\Users\Petr\Desktop\hra
2015-01-04 19:41 - 2013-10-05 16:11 - 00000000 ____D () C:\Users\Petr\AppData\Local\Microsoft Help
2015-01-01 18:05 - 2014-10-27 19:23 - 00000000 ____D () C:\Users\Petr\Desktop\himym
2014-12-30 20:34 - 2014-11-01 16:48 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (27)
2014-12-30 20:14 - 2014-06-09 16:53 - 00000000 ____D () C:\Users\Petr\Downloads\Nová složka
2014-12-30 19:24 - 2014-06-13 17:00 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (6)
2014-12-30 18:55 - 2014-06-13 17:21 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (7)
2014-12-30 17:43 - 2014-09-13 11:58 - 00000000 ____D () C:\Users\Petr\Desktop\Oxford Practice Grammar
2014-12-30 15:18 - 2014-08-08 16:51 - 00000000 ____D () C:\Users\Petr\Downloads\Nová složka (10)
2014-12-30 15:00 - 2014-09-09 09:50 - 00000000 ____D () C:\filmy
2014-12-26 10:38 - 2012-03-14 10:43 - 00000000 ____D () C:\ProgramData\AMD
2014-12-26 10:35 - 2014-02-20 14:47 - 00000000 ____D () C:\Program Files\AMD
2014-12-26 10:34 - 2012-02-01 15:30 - 00000000 ____D () C:\AMD

==================== Files in the root of some directories =======

2014-12-20 11:24 - 2013-03-19 20:14 - 0000084 _____ () C:\Program Files (x86)\update-Skyrim.bat
2014-12-20 11:24 - 2012-06-30 11:13 - 0003153 _____ () C:\Program Files (x86)\visit-nosteam.ro.html
2013-09-19 20:52 - 2013-09-19 20:52 - 0000046 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0004510 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2014-11-16 21:39 - 2014-11-16 21:39 - 0000095 _____ () C:\Users\Petr\AppData\Roaming\settings.xml
2012-04-30 08:29 - 2012-04-30 09:05 - 0000046 _____ () C:\Users\Petr\AppData\Roaming\TheHunterSettings_live.cfg
2014-02-13 12:05 - 2014-03-02 12:05 - 0000077 _____ () C:\Users\Petr\AppData\Roaming\WB.CFG
2012-06-29 10:38 - 2014-12-25 15:28 - 0033280 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-12 16:50 - 2013-03-12 16:50 - 0026900 _____ () C:\Users\Petr\AppData\Local\dt.dat
2015-01-25 16:43 - 2015-01-25 16:43 - 0029696 _____ () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2014-12-14 18:35 - 2014-12-14 18:35 - 0010359 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Petr\AppData\Roaming\Origin\update.vbe


Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 01:02

==================== End Of Log ============================

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 16:54
by Shift
And here is the addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Petr at 2015-01-25 16:44:03
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.2 - Futuremark Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.15 - ASUSTeK Computer Inc.)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - )
AVI WMV MPEG Converter (HKLM-x32\...\AVI WMV MPEG Converter) (Version: - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.6.8941 - )
Batman: Arkham Asylum (HKLM-x32\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
Bioshock Infinite Burial at Sea Episode 2 (HKLM-x32\...\Qmlvc2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
BitComet 1.35 (HKLM-x32\...\BitComet) (Version: 1.35 - CometNetwork)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BurnInTest v7.1 Standard (HKLM\...\BurnInTest_is1) (Version: 7.1 - Passmark Software)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Construct 2 r168 (HKLM\...\Construct 2_is1) (Version: 1.0.168.0 - Scirra)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version: - convertavitomp4.com)
CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor Pro 1.20 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.03 - Piriform)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version: - )
Divinity - Original Sin (HKLM-x32\...\1207664853_is1) (Version: 2.3.0.6 - GOG.com)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version: - Microsoft)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
Easy MIDI Cutter version 1.2.0.0 (HKLM-x32\...\{E875592D-5052-48B9-A014-1E6D6FFC8FF6}}_is1) (Version: 1.2.0.0 - SooftMoon Inc.)
English Grammar in Use Extra application (HKLM-x32\...\EnglishGrammarinUseExtra) (Version: 1.0.0 - Cambridge University Press Holdings Limited)
English Grammar in Use Extra application (x32 Version: 1.0.0 - Cambridge University Press Holdings Limited) Hidden
English Grammar in Use Extra content (HKLM-x32\...\English Grammar in Use Extra content) (Version: 1.0.0.0 - Cambridge University Press)
Epos 2.4-85 (HKLM-x32\...\EposAPI 0.1.1_is1) (Version: - IPE AS CR)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - )
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.3.1 - Hotger)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free MKV To WMV Converter (HKLM-x32\...\{7B256416-E4FB-4FBD-B84C-7C8482611A41}) (Version: 1.0.0 - Convert Audio Free)
Free MKV To WMV Converter (HKLM-x32\...\{7E187F40-CA42-455D-84E1-010B666CEB6E}) (Version: 1.0.0 - Convert Audio Free)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Friendly-Strike2 (HKLM-x32\...\Friendly-Strike2) (Version: - )
Fritz 13 (HKLM-x32\...\{85EB0F56-3DB3-42CC-9384-A665C5FC5D08}) (Version: 13.0.0.0 - ChessBase)
Fritz11 (HKLM-x32\...\{1A637513-CC46-4C3B-8114-1E4F1D71CF42}) (Version: 11 - ChessBase)
Fritz11 (x32 Version: 11 - ChessBase) Hidden
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
Game Maker 8.0 (HKLM-x32\...\Game Maker 8.0) (Version: - )
GameMaker 8.1 (HKLM-x32\...\GameMaker81) (Version: - )
GameMaker-Studio (HKLM-x32\...\{6628277A-F051-4647-96D7-E829FD86C7B9}) (Version: 1.2.1130 - YoYo Games Ltd.)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GrafX2 (GNU GPL) (HKLM-x32\...\Grafx2-SDL) (Version: 2.4.wip2035 - )
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GraphicsGale FreeEdition version 2.03.24 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version: - HUMANBALANCE Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hoolapp For Android (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Hoolapp For Android) (Version: - ) <==== ATTENTION
Houdini 2.0 Pro (HKLM\...\{C76E78E4-118F-48B7-815A-7B46B34A2E6A}_is1) (Version: 2.0 - Houdini Chess)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{6FC79C95-F54F-4515-8012-01F33D894492}) (Version: 40.0.2214.44 - Google Inc.)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.600 - Oracle)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Kingo Android ROOT version 1.1.4.1785 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.1.4.1785 - Kingosoft Technology Ltd.)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LicenseCrawler verze 1.25 build-298 (HKLM-x32\...\{12151216-3E3F-4118-AE95-49C39F1D7EA2}_is1) (Version: 1.25 build-298 - Martin Klinzmann)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
MediaCoder 0.8.18 (HKLM-x32\...\MediaCoder) (Version: 0.8.18 - Broad Intelligence)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - )
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version: - )
MKVToolNix 7.4.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
MorphVOX Pro (HKLM-x32\...\{76828C87-C612-4329-843B-4DB58060030A}) (Version: 4.4.9 - Screaming Bee)
Mozilla Firefox 35.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 cs)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Opera 11.64 (HKLM-x32\...\Opera 11.64.1403) (Version: 11.64.1403 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
paint.net 4.0 Pre-Release (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90C5C0B5-923C-4BE0-9A0C-98266CA6E170}) (Version: 0.9.11.18157 - Grinding Gear Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\PhotoFiltre 7) (Version: - )
Piano Chords 1.4.2 (HKLM-x32\...\Piano Chords_is1) (Version: 1.4.2 - AB-Tools.com)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Resident Evil 6 version 1 (HKLM-x32\...\UmVzaWRlbnQgRXZpbCA2_is1) (Version: 1 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Room Arranger (HKLM-x32\...\Room Arranger) (Version: 7.2.4 - Jan Adamec)
R-Studio 7.0 (HKLM-x32\...\R-Studio 7.0NSIS) (Version: 7.0.154111 - R-Tools Technology Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\SeznamInstall) (Version: - Seznam.cz)
Smart Tests (HKLM-x32\...\Smart Tests) (Version: 1.0.160.0 - Vitware)
SmartPhone Recovery Pro (HKLM\...\{41E1F3E2-6928-48C5-B71F-225DE3F1112B}) (Version: 2.3 - Enigma Recovery)
Sniper Elite 3 (HKLM-x32\...\Sniper Elite 3_is1) (Version: - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
SolveigMM AVI Trimmer version 2.1.1407.1 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 2.1.1407.1 - Solveig Multimedia)
Sony刷机驱动安装程序 version 1.2 (HKLM-x32\...\{DCF4A01A-4ED7-4E60-8D4B-4B3F59CF3DE0}_is1) (Version: 1.2 - 北京众晶锐驰科技有限公司)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stencyl (HKLM-x32\...\Stencyl) (Version: 1.1.1 - Stencyl, LLC)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria version 1.2.4.1 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.2.4.1 - )
The Settlers II - 10th Anniversary (HKLM-x32\...\S2TNG) (Version: - )
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Torchlight (HKLM-x32\...\Steam App 41500) (Version: - Runic Games, Inc.)
Torchlight 2 Rapid Respec (HKLM-x32\...\Torchlight 2 Rapid Respec) (Version: 2.04 - Chthon)
Torchlight Editor (HKLM-x32\...\Steam App 41520) (Version: - Runic Games, Inc.)
Torchlight II GUTS (HKLM-x32\...\Steam App 223070) (Version: - )
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.6.10 - installdaddy) <==== ATTENTION
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinX Free AVI to WMV Converter 4.0.6 (HKLM-x32\...\WinX Free AVI to WMV Converter_is1) (Version: - Digiarty Software,Inc.)
WinX Free WMV to MP4 Converter 2.0.1 (HKLM-x32\...\WinX Free WMV to MP4 Converter_is1) (Version: - Digiarty Software,Inc.)
Wireshark 1.7.0 (HKLM-x32\...\Wireshark) (Version: 1.7.0 - The Wireshark developer community, http://www.wireshark.org)
Wondershare Dr.Fone for Android(Build 3.0.0.30) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 3.0.0.30 - Wondershare Software Co.,Ltd.)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-01-2015 01:38:54 Windows Update
20-01-2015 14:18:15 Windows Update
24-01-2015 14:38:08 ComboFix created restore point
24-01-2015 23:25:50 Windows Update
25-01-2015 16:34:46 Removed Apple Application Support
25-01-2015 16:36:24 Intel Extreme Tuning Utility

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-24 14:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {49BCDCD3-AA01-4682-81B4-C152383E8F9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6B1AF2F2-3C53-4CD5-B303-83CF6845CC54} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-01-23] () <==== ATTENTION
Task: {708D72F9-FA97-440A-B9B1-B398DE34DD8C} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {73D0BF27-2B9F-4B27-A888-51888E6DFCEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {7B933511-789F-41A2-B6CB-624FAF5842CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {7E5DE627-5C43-41E3-B1A6-E30233BA0F4B} - \SidebarExecute No Task File <==== ATTENTION
Task: {9C69DA4A-D760-43FF-BCF3-0C7D78C30CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {A03D48D2-D556-43DF-869C-9C1E4BFCE369} - System32\Tasks\{425C50A1-4BA0-4269-83E3-513891D60EDA} => pcalua.exe -a "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release\Bioshock_CZ.exe" -d "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release"
Task: {AFFBDDBA-B66A-4160-BF61-FE8C72B3342A} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {CF468113-4C9A-42E3-AF4D-D52C61C4D3E7} - System32\Tasks\{A41684E9-BF30-4C8B-8790-CF9CD5ECA110} => pcalua.exe -a C:\PROGRA~2\AVIWMV~1\UNWISE.EXE -c C:\PROGRA~2\AVIWMV~1\INSTALL.LOG
Task: {DEBE541C-517B-4362-9FE5-E08F7E3896AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) =============

2014-11-05 12:25 - 2011-10-29 09:59 - 00918448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
2014-11-05 12:25 - 2010-10-21 17:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2011-11-23 14:49 - 2013-10-31 15:54 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-08-08 12:54 - 2010-02-09 13:36 - 00384000 _____ () C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
2013-12-12 16:42 - 2013-04-15 12:32 - 00060416 _____ () C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\12898libfoxloader-x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-12 16:42 - 2013-04-12 09:13 - 00457208 _____ () C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2013-12-12 16:42 - 2013-04-29 11:53 - 00045560 _____ () C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-01-25 14:53 - 2015-01-25 16:08 - 01605120 _____ () C:\Windows\temp\svchost.exe
2015-01-25 14:54 - 2015-01-25 16:08 - 01659904 _____ () C:\Windows\temp\lsass.exe
2014-11-05 12:25 - 2015-01-25 16:08 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll
2014-11-05 12:25 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll
2014-11-05 12:26 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-11-05 12:26 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-11-05 12:26 - 2011-09-20 18:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-11-05 12:26 - 2012-03-01 14:20 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-11-05 12:26 - 2011-09-29 15:12 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-11-05 12:26 - 2011-09-26 18:37 - 01616384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-11-05 12:26 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-11-05 12:26 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-11-05 12:26 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-11-05 12:25 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMLib.dll
2014-11-05 12:26 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-11-05 12:26 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-12-12 16:42 - 2013-03-25 15:39 - 00894968 _____ () C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-12-12 16:42 - 2013-03-29 12:37 - 00059384 _____ () C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\12898libfoxloader.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Petr\Downloads\re-_dopis.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: Hoolapp Android => "C:\Users\Petr\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: ICQ => ~"C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: vmware-tray => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1555331033-2767668753-408418418-500 - Administrator - Disabled)
Guest (S-1-5-21-1555331033-2767668753-408418418-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1555331033-2767668753-408418418-1009 - Limited - Enabled)
mamka (S-1-5-21-1555331033-2767668753-408418418-1010 - Limited - Enabled) => C:\Users\mamka
Petr (S-1-5-21-1555331033-2767668753-408418418-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Faulty Device Manager Devices =============

Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetBridge
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 04:35:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Petr-PC)
Description: Aplikaci nebo službu Apple Mobile Device nelze restartovat.

Error: (01/25/2015 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:55:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:25:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 08:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004b8a250
ID chybujícího procesu: 0x1080
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3

Error: (01/24/2015 08:06:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004b8a250
ID chybujícího procesu: 0x1080
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3

Error: (01/24/2015 02:50:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 01:58:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2015 11:41:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 11:01:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/25/2015 04:35:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/25/2015 04:35:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (01/25/2015 04:08:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VMware Bridge Protocol neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (01/25/2015 02:53:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VMware Bridge Protocol neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (01/25/2015 02:51:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (01/25/2015 02:50:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/25/2015 02:50:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2015 02:50:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/25/2015 02:50:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (01/25/2015 02:50:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMScheduler byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (01/25/2015 04:35:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Petr-PC)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217816040

Error: (01/25/2015 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:55:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:25:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 08:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000004b8a250108001d03808a21d2012C:\Windows\explorer.exeunknown0f4210dc-a3fc-11e4-95f5-f46d0453586b

Error: (01/24/2015 08:06:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000004b8a250108001d03808a21d2012C:\Windows\explorer.exeunknown0cfab061-a3fc-11e4-95f5-f46d0453586b

Error: (01/24/2015 02:50:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 01:58:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2015 11:41:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 11:01:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2015-01-25 16:43:15.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 16:28:52.597
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 16:17:54.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 16:08:08.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 16:08:00.162
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 16:08:00.084
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 15:58:32.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 14:53:37.900
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 14:53:29.788
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 14:53:29.725
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8159.14 MB
Available physical RAM: 5459.3 MB
Total Pagefile: 16316.46 MB
Available Pagefile: 11660.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (vse mozne) (Fixed) (Total:931.51 GB) (Free:183.32 GB) NTFS
Drive d: (zaloha) (Fixed) (Total:229.83 GB) (Free:200.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B569B569)
Partition 1: (Active) - (Size=3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=229.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 159811F4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 17:33
by altrok
:arrow: Scan C:\Windows\temp023423.vbe at virustotal.com - if the file has already been analysed, choose Reanalyze. Put the link to the analysis results in your next post.

:arrow: If you do not use it, uninstall Seznam Software - http://forum.viry.cz/viewtopic.php?p=1374436#p1374436

:arrow: If you have not done so yet, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • copy the script below into it and save it to the desktop as CFScript (file type: Text document)

    Code:

    KillAll::
    
    Driver::
    globalUpdatem
    
    Registry::
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FixMyRegistry"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM"=-
    "SwitchBoard"=-
    "AdobeCS6ServiceManager"=-
    "SunJavaUpdateSched"=-
    "BCSSync"=-
    "QuickTime Task"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeAAMUpdater-1.0"=-
    
    Folder::
    c:\program files (x86)\uuniisoales
    c:\programdata\ihmngagjendklnocgmbglilknjjakmmb
    c:\users\Petr\AppData\Roaming\ComplitlyEngine
    c:\program files (x86)\SmartTweak
    c:\program files (x86)\globalUpdate
    c:\program files (x86)\SweetIM
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    c:\windows\Tasks\ROC_REG_JAN_DELETE.job
    
    DDS::
    uDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
    mDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
    mSearch Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
    mSearch Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
    IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
    
    RegNull::
    [HKEY_USERS\S-1-5-21-1555331033-2767668753-408418418-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    [HKEY_USERS\S-1-5-21-1555331033-2767668753-408418418-1000\Software\SecuROM\License information*]
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon and drop it.
  • After the restart a log will pop up; paste its contents into your next reply.
:arrow: If the message "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni" ("Illegal operation attempted on a registry key that has been marked for deletion") pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and unfortunately the author is not yet able to fix it

:arrow: It may happen that Windows does not boot after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 17:57
by Shift
So here is the link to that file:
https://www.virustotal.com/cs/file/25b6 ... 422203767/

I did as you wrote and here is the log from ComboFix:

ComboFix 15-01-22.02 - Petr 25.01.2015 17:41:56.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8159.5506 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\ROC_REG_JAN_DELETE.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\ROC_REG_JAN_DELETE.job
c:\windows\TEMP\lsass.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-25 do 2015-01-25 )))))))))))))))))))))))))))))))
.
.
2015-01-25 16:49 . 2015-01-25 16:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-25 16:49 . 2015-01-25 16:49 -------- d-----w- c:\users\mamka\AppData\Local\temp
2015-01-25 16:49 . 2015-01-25 16:49 -------- d-----w- c:\users\Mama\AppData\Local\temp
2015-01-25 16:49 . 2015-01-25 16:49 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-25 16:49 . 2015-01-25 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-25 13:58 . 2015-01-25 13:58 -------- d-----w- C:\rsit
2015-01-25 13:58 . 2015-01-25 13:58 -------- d-----w- c:\program files\trend micro
2015-01-25 13:48 . 2015-01-25 15:07 -------- d-----w- C:\AdwCleaner
2015-01-25 13:27 . 2015-01-25 15:44 -------- d-----w- C:\FRST
2015-01-24 13:29 . 2015-01-25 15:13 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-24 13:28 . 2015-01-24 13:28 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-24 13:28 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-24 13:28 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-23 10:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96509EF8-DEC5-4727-8E0F-489E0D683CA3}\mpengine.dll
2015-01-22 18:09 . 2015-01-22 18:10 -------- d-----w- C:\UCTO2015
2015-01-03 12:41 . 2015-01-03 12:41 -------- d-sh--w- c:\users\Petr\AppData\Local\EmieBrowserModeList
2015-01-01 16:44 . 2015-01-01 16:44 40960 ----a-w- c:\windows\SysWow64\nwsftUninstall.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 12:08 . 2014-07-21 18:40 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-01-23 17:16 . 2012-09-03 12:26 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-23 17:16 . 2012-09-03 12:26 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 00:39 . 2012-06-28 07:51 113365784 ----a-w- c:\windows\system32\MRT.exe
2015-01-06 03:36 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 05:09 . 2014-12-18 10:25 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 10:25 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-04 02:50 . 2014-12-11 11:16 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 11:16 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 11:16 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 11:16 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 11:16 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-11 11:16 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-11 11:16 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 11:16 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-11 11:15 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 11:15 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 11:15 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 11:15 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 11:15 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 11:15 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 11:15 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 11:15 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 11:15 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 11:15 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 11:15 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 11:15 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 11:15 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 11:15 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 11:15 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 11:15 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 11:15 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 11:15 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 11:15 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 11:15 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 11:15 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 11:15 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 11:15 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 11:15 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 11:15 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 11:15 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 11:15 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 11:15 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 11:15 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 11:15 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 11:15 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 11:15 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 11:15 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 11:15 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 11:15 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 11:15 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 11:15 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 11:15 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 11:15 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 11:15 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 05:14 . 2012-04-29 11:24 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:44 . 2014-04-18 02:43 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2014-04-18 02:42 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2014-04-18 02:42 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2014-11-21 02:44 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2014-04-18 02:42 1348928 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2014-04-18 02:42 1127496 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2014-04-18 02:42 11076784 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2014-04-18 02:42 9401480 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2014-11-21 02:43 7558816 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2014-11-21 02:43 7077776 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2014-04-18 02:42 8379720 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2014-04-18 02:42 8369408 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-21 02:41 . 2014-11-21 02:41 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40 18959360 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:33 . 2014-11-21 02:33 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33 47899136 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32 40987136 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:24 . 2014-11-21 02:24 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-21 02:19 . 2014-11-21 02:19 23621632 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18 5837312 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-21 02:16 . 2014-11-21 02:16 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-21 02:15 . 2014-11-21 02:15 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-21 02:13 . 2014-11-21 02:13 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-21 02:13 . 2014-11-21 02:13 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-12-08 55568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 chromoting;Služba Vzdálené plochy Chrome;c:\program files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [x]
S2 ttscp;Text-to-Speech system Epos;c:\program files (x86)\Epos\epos-2.4.85\src\epos.exe;c:\program files (x86)\Epos\epos-2.4.85\src\epos.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - AVGIDSDriver
*Deregistered* - AVGIDSFilter
*Deregistered* - AVGIDSHA
*Deregistered* - Avgrkx64
*Deregistered* - Avgtdia
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-10 11:10 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 17:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchcompletion.com?si=10195&home=true
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Friendly-Strike2 - c:\friendly-strike2\Uninstal.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
AddRemove-SolveigMM AVI Trimmer_is1 - c:\program files (x86)\Solveig Multimedia\SolveigMM AVI Trimmer\unins000.exe
AddRemove-Torntv V9.0 - c:\program files (x86)\Torntv V9.0\Uninstall.exe
AddRemove-Hoolapp For Android - c:\users\Petr\AppData\Roaming\HoolappForAndroid\UpdateProc\UpdateTask.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Celkový čas: 2015-01-25 17:54:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-25 16:54
ComboFix2.txt 2015-01-24 13:53
ComboFix3.txt 2013-10-17 16:29
.
Před spuštěním: Volných bajtů: 196 466 548 736
Po spuštění: Volných bajtů: 189 985 333 248
.
- - End Of File - - 579AC81822D680CAE44E458EB55EFC0B
A36C5E4F47E84449FF07ED3517B43A31




Unfortunately, the PC is still the same, no change :(

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 18:00
by altrok
yup, I know about that... the miner is somewhere else and we'll only delete it now

Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
on the second and any later run, this option has to be ticked explicitly for Addition.txt to be created

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 18:16
by Shift
Here is the first log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Petr (administrator) on PETR-PC on 25-01-2015 18:11:04
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available profiles: Petr & mamka & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Windows\temp\lsass.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Windows\temp\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcompletion.com?si=10195&home=true
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {6C568E25-C27E-4e95-8DE9-44DEE0B134B7} URL = http://uk.search.yahoo.com/search?p={se ... &type=EGMB
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {9E3FA814-5018-40A9-AF94-8234DAEA302D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {E2AFC1AD-5B87-4d6b-9A8B-8AFE39D5A7F3} URL = http://www.google.com/custom?client=pub ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-1555331033-2767668753-408418418-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Complete YouTube Saver - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2015-01-06]
FF Extension: Red1 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{CCE2B3E0-5E83-4eff-B221-214DE205AD7F}.xpi [2014-07-22]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\01jqvitu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Search by Image (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-01-25]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-10]
CHR Extension: (Verunka a já ♥) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnefdencakkdcmgakegmfdlgeidnoncl [2014-02-13]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-01-10]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-10]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
StartMenuInternet: Opera - C:\Program Files (x86)\Opera\Opera.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [56648 2014-12-15] (Google Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ttscp; C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe [384000 2010-02-09] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-06-29] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-09] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 a0pifh19; C:\Windows\System32\Drivers\a0pifh19.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 18:11 - 2015-01-25 18:11 - 00018373 _____ () C:\Users\Petr\Desktop\FRST.txt
2015-01-25 17:54 - 2015-01-25 17:54 - 00022539 _____ () C:\ComboFix.txt
2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\rsit
2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 14:57 - 2015-01-25 14:57 - 01222144 _____ () C:\Users\Petr\Downloads\RSITx64.exe
2015-01-25 14:48 - 2015-01-25 16:07 - 00000000 ____D () C:\AdwCleaner
2015-01-25 14:48 - 2015-01-25 14:48 - 02194432 _____ () C:\Users\Petr\Downloads\adwcleaner_4.109.exe
2015-01-25 14:27 - 2015-01-25 18:11 - 00000000 ____D () C:\FRST
2015-01-25 14:26 - 2015-01-25 14:26 - 02129920 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-01-25 14:26 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-01-25 14:25 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2015-01-24 14:29 - 2015-01-25 16:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 14:28 - 2015-01-24 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 14:28 - 2015-01-24 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 14:28 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 14:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 14:22 - 2015-01-24 14:23 - 05609462 ____R (Swearware) C:\Users\Petr\Desktop\ComboFix.exe
2015-01-22 19:09 - 2015-01-22 19:10 - 00000000 ____D () C:\UCTO2015
2015-01-22 19:09 - 2015-01-22 19:09 - 00001646 _____ () C:\Users\Petr\Desktop\ÚČTO 2015 DOSBOX.LNK
2015-01-22 19:08 - 2015-01-22 19:09 - 29111848 _____ (Tichý & spol., Nový Bor ) C:\Users\Petr\Downloads\u15_64.exe
2015-01-21 20:02 - 2015-01-21 22:22 - 1253763072 _____ () C:\Users\Petr\Downloads\Eliza-Graves---E.A.-Poe-Podivný-experiment-2014-cz-tit.avi
2015-01-14 11:35 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:35 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:35 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:35 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:35 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:35 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:35 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:35 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:35 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:35 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:35 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:35 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:35 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 11:49 - 2015-01-12 11:49 - 234093137 _____ () C:\Users\Petr\Downloads\PREDESTINATION-2014-CZ-dabing-@xaver.avi.crdownload
2015-01-10 14:21 - 2015-01-10 14:21 - 11299041 _____ () C:\Users\Petr\Downloads\Converter.zip
2015-01-10 13:48 - 2015-01-10 13:48 - 00025705 _____ () C:\Users\Petr\Downloads\1.-Daniel-Defoe-Robinson-Crusoe.odt
2015-01-10 12:10 - 2015-01-10 12:10 - 00002224 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-10 12:10 - 2015-01-10 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-10 12:09 - 2015-01-10 12:09 - 00880784 _____ (Google Inc.) C:\Users\Petr\Downloads\ChromeSetup.exe
2015-01-09 16:19 - 2015-01-09 16:19 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (15)
2015-01-09 15:56 - 2015-01-09 15:57 - 02961842 _____ () C:\Users\Petr\Downloads\video-1420717601.mp4.mp4
2015-01-09 15:46 - 2015-01-09 16:12 - 160178579 _____ () C:\Users\Petr\Downloads\110114.wowg.michelle.4000.rar
2015-01-09 11:30 - 2015-01-23 12:45 - 00061653 _____ () C:\Windows\temp023423.vbe
2015-01-08 12:25 - 2015-01-08 12:25 - 01249280 _____ () C:\Users\Petr\Downloads\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents (1).exe
2015-01-08 12:25 - 2015-01-08 12:25 - 00002113 _____ () C:\Users\Petr\Desktop\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents.lnk
2015-01-08 12:24 - 2015-01-08 12:24 - 01249280 _____ () C:\Users\Petr\Downloads\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents.exe
2015-01-06 20:25 - 2015-01-06 20:25 - 04933473 _____ () C:\Users\Petr\Downloads\Lisa-Edelstein-striptease-on-House.webm
2015-01-06 20:23 - 2015-01-06 20:23 - 00000000 ____D () C:\Users\Petr\Downloads\Complete YouTube Saver
2015-01-06 20:20 - 2015-01-06 20:23 - 00471848 _____ () C:\Users\Petr\Downloads\1414572253048.webm
2015-01-06 20:19 - 2015-01-06 20:19 - 02824051 _____ () C:\Users\Petr\Downloads\Pole Dancing Lisa Edelstein striptease on House.webm
2015-01-06 20:01 - 2015-01-06 21:27 - 796437248 _____ () C:\Users\Petr\Downloads\7500-(2014)-CZ-titulky.mp4
2015-01-05 11:49 - 2015-01-05 11:49 - 48691740 _____ () C:\Users\Petr\Downloads\No Time For Caution - 4r4 FLAC.flac
2015-01-04 22:41 - 2015-01-04 22:41 - 00053835 _____ () C:\Users\Petr\Downloads\Under-the-Bed(0000217574).srt
2015-01-04 20:21 - 2015-01-04 21:17 - 1010046976 _____ () C:\Users\Petr\Downloads\Under-the-Bed-(2012)-Dvdrip-by-Helljahve.avi
2015-01-04 19:36 - 2015-01-04 19:36 - 00004814 _____ () C:\Users\Petr\Downloads\stille_nacht.mid
2015-01-04 19:30 - 2015-01-04 19:47 - 05868291 _____ () C:\Users\Petr\Desktop\SEMINÁRNÍ PRÁCE.pptx
2015-01-04 18:26 - 2015-01-04 18:26 - 00583680 _____ () C:\Users\Petr\Downloads\10740243_10203010330812241_1526327940_n (1).ppt
2015-01-04 18:26 - 2015-01-04 18:26 - 00016485 _____ () C:\Users\Petr\Downloads\10740249_10203009326707139_1159570708_n (1).odt
2015-01-04 18:25 - 2015-01-04 18:25 - 00009026 _____ () C:\Users\Petr\Desktop\Nový Prezentace OpenDocument.odp
2015-01-03 22:40 - 2015-01-03 22:41 - 00583680 _____ () C:\Users\Petr\Downloads\10740243_10203010330812241_1526327940_n.ppt
2015-01-03 21:43 - 2015-01-03 21:43 - 00016485 _____ () C:\Users\Petr\Downloads\10740249_10203009326707139_1159570708_n.odt
2015-01-03 13:48 - 2015-01-03 13:48 - 00625608 _____ () C:\Users\Petr\Desktop\animowany-film-auta.jpeg
2015-01-03 13:41 - 2015-01-03 13:41 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-01-03 13:25 - 2015-01-03 14:06 - 721560058 _____ () C:\Users\Petr\Downloads\Ahi-va-el-Diablo_[Here-Comes-the-Devil]_horor-2012_CZ-titulky.avi
2015-01-03 13:25 - 2015-01-03 13:25 - 00023210 _____ () C:\Users\Petr\Downloads\[kickass.so]here.comes.the.devil.2012.720p.bluray.x264.iguana.publichd.torrent
2015-01-03 13:15 - 2015-01-03 13:15 - 00026681 _____ () C:\Users\Petr\Downloads\10691578_10203003000788995_1619184890_n.odt
2015-01-02 14:36 - 2015-01-02 14:36 - 00583680 _____ () C:\Users\Petr\Downloads\10740043_10203000270680744_579984803_n.ppt
2015-01-02 14:20 - 2015-01-02 14:20 - 00029299 _____ () C:\Users\Petr\Downloads\10740412_10203000181878524_1845334164_n.odt
2015-01-02 13:30 - 2015-01-02 14:22 - 942823722 _____ () C:\Users\Petr\Downloads\The-Taking-of-Deborah-Logan-2014-[HDRip.XviD.AC3]-titulky-CZ-v-obraze.avi
2015-01-01 22:50 - 2015-01-02 00:01 - 1251668114 _____ () C:\Users\Petr\Downloads\'Sci-fi+UFO+Horror..říká-vám-něco-Area-51..tady-je-to-brutal'-Extraterrestrial-(201.)-TitCz.avi
2015-01-01 19:55 - 2015-01-01 19:55 - 00011623 _____ () C:\Users\Petr\Downloads\LeluLove.13.07.08.Voyeur.Secretary.Getting.Dressed.XXX.1080p.WMV-TBP-[rarbg.com].torrent
2015-01-01 19:12 - 2015-01-01 21:01 - 1558198084 _____ () C:\Users\Petr\Downloads\Alien-Abduction---Mimozemský-únos_SCI-FI_CZ.TITULKY_.mp4
2015-01-01 17:44 - 2015-01-01 17:44 - 00040960 _____ () C:\Windows\SysWOW64\nwsftUninstall.exe
2015-01-01 17:43 - 2015-01-01 17:43 - 00004500 _____ () C:\Users\Petr\Downloads\10DD95DCF16506FF3A50F4ADCF05BB34E896A39D.torrent
2015-01-01 17:40 - 2015-01-01 17:40 - 09289528 _____ (New Softwares.net) C:\Users\Petr\Downloads\folder-lock-en.exe
2014-12-29 19:06 - 2014-12-29 19:06 - 02377003 _____ () C:\Users\Petr\Downloads\1419876169722.webm
2014-12-29 15:14 - 2014-12-29 15:14 - 02402828 _____ () C:\Users\Petr\Downloads\1419862379748.webm
2014-12-29 12:42 - 2014-12-29 12:42 - 02986668 _____ () C:\Users\Petr\Downloads\1419850688656.webm
2014-12-29 11:41 - 2014-12-29 11:41 - 00012819 _____ () C:\Users\Petr\Downloads\DEB173F287C2714143793F99CD993E70B3CA5192.torrent
2014-12-29 11:31 - 2014-12-29 11:31 - 00024784 _____ () C:\Users\Petr\Downloads\074D391EB8244A699EF42BEAC431948D5B28D8ED.torrent
2014-12-29 11:16 - 2014-12-29 11:16 - 00374284 _____ () C:\Users\Petr\Downloads\video.htm
2014-12-28 15:08 - 2014-12-28 15:08 - 00026722 _____ () C:\Users\Petr\Downloads\10657264_10202956174978379_198100783_n.odt
2014-12-26 23:05 - 2014-12-26 23:05 - 00091781 _____ () C:\Users\Petr\Downloads\A-Walk-Among-the-Tombstones(0000246733).srt
2014-12-26 22:57 - 2014-12-26 22:57 - 00019087 _____ () C:\Users\Petr\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.1080p.hdrip.x264.aac2.0.rarbg.torrent
2014-12-26 22:54 - 2014-12-26 22:54 - 00066260 _____ () C:\Users\Petr\Downloads\[kickass.so]a.walk.among.the.tombstones.2014.720p.webrip.xvid.ac3.legi0n.torrent
2014-12-26 20:24 - 2014-12-26 20:24 - 00072563 _____ () C:\Users\Petr\Downloads\The-Possession-of-Michael-King(0000244259).srt
2014-12-26 20:12 - 2014-12-26 20:12 - 00007804 _____ () C:\Users\Petr\Downloads\[kickass.so]the.possession.of.michael.king.2014.720p.brrip.x264.yify.torrent
2014-12-26 20:11 - 2014-12-26 20:11 - 00113151 _____ () C:\Users\Petr\Downloads\[kickass.so]the.possession.of.michael.king.2014.1080p.bluray.x264.an0nym0us.torrent
2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-26 10:39 - 2014-12-26 10:39 - 00000000 ____D () C:\ProgramData\ATI
2014-12-26 10:38 - 2015-01-25 16:09 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Raptr
2014-12-26 10:38 - 2014-12-26 10:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-26 10:38 - 2014-12-26 10:38 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201412261038138241.log
2014-12-26 10:38 - 2014-12-26 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-26 10:38 - 2014-12-26 10:38 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-26 10:37 - 2014-12-26 10:37 - 00000000 ____D () C:\Program Files (x86)\AMD

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:59 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 17:59 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 17:55 - 2012-06-26 19:47 - 01231192 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 17:54 - 2013-10-17 17:20 - 00000000 ____D () C:\Qoobox
2015-01-25 17:50 - 2014-06-16 17:54 - 03915361 _____ () C:\Windows\setupact.log
2015-01-25 17:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 17:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-25 17:49 - 2014-06-18 09:38 - 00226644 _____ () C:\Windows\PFRO.log
2015-01-25 17:38 - 2013-12-12 16:42 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-01-25 17:38 - 2013-12-12 16:42 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-01-25 17:32 - 2012-01-04 15:45 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\vlc
2015-01-25 17:16 - 2012-09-03 13:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 16:36 - 2014-06-13 13:43 - 00000000 ____D () C:\uninstall
2015-01-25 16:36 - 2013-10-31 15:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-25 16:36 - 2011-11-23 13:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-25 14:50 - 2013-02-09 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LicenseCrawler
2015-01-25 14:50 - 2012-03-09 16:17 - 00000000 ____D () C:\ProgramData\ICQ
2015-01-25 14:24 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-01-25 14:24 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-01-25 14:24 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 14:22 - 2014-11-26 15:21 - 00075106 _____ () C:\Users\Petr\Desktop\Nový Textový dokument OpenDocument (13).odt
2015-01-25 14:22 - 2012-06-26 20:07 - 04376576 ___SH () C:\Users\Petr\Desktop\Thumbs.db
2015-01-25 12:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-24 23:28 - 2012-07-10 09:23 - 01559268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-24 20:05 - 2011-12-07 17:49 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\BitComet
2015-01-24 14:53 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-24 14:47 - 2013-10-17 17:20 - 00000000 ____D () C:\Windows\erdnt
2015-01-24 14:47 - 2009-07-14 03:34 - 85983232 _____ () C:\Windows\system32\config\software.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 22020096 _____ () C:\Windows\system32\config\system.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-01-24 14:47 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-01-24 14:36 - 2013-03-23 16:46 - 00000000 ____D () C:\Program Files (x86)\Resident Evil 6
2015-01-24 14:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2015-01-24 14:28 - 2012-04-29 12:24 - 00001071 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 14:28 - 2012-04-29 12:24 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Malwarebytes
2015-01-24 14:28 - 2012-04-29 12:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-23 18:16 - 2012-09-03 13:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 18:16 - 2012-09-03 13:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 18:16 - 2012-09-03 13:26 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 12:45 - 2014-09-07 16:00 - 00003090 _____ () C:\Windows\System32\Tasks\Origin
2015-01-18 10:58 - 2013-04-10 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 12:42 - 2011-11-23 14:18 - 00000000 ____D () C:\ProgramData\Origin
2015-01-15 01:43 - 2013-08-15 12:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 01:39 - 2012-06-28 08:51 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 12:10 - 2012-02-17 13:57 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-10 12:09 - 2011-11-23 14:19 - 00000000 ____D () C:\Users\Petr\AppData\Local\Google
2015-01-07 01:01 - 2014-11-08 17:22 - 00000264 _____ () C:\Users\Petr\Desktop\Nový textový dokument (10).txt
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 11:57 - 2014-07-21 13:03 - 00000000 ____D () C:\Users\Petr\Desktop\hra
2015-01-04 19:41 - 2013-10-05 16:11 - 00000000 ____D () C:\Users\Petr\AppData\Local\Microsoft Help
2015-01-01 18:05 - 2014-10-27 19:23 - 00000000 ____D () C:\Users\Petr\Desktop\himym
2014-12-30 20:34 - 2014-11-01 16:48 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (27)
2014-12-30 20:14 - 2014-06-09 16:53 - 00000000 ____D () C:\Users\Petr\Downloads\Nová složka
2014-12-30 19:24 - 2014-06-13 17:00 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (6)
2014-12-30 18:55 - 2014-06-13 17:21 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka (7)
2014-12-30 17:43 - 2014-09-13 11:58 - 00000000 ____D () C:\Users\Petr\Desktop\Oxford Practice Grammar
2014-12-30 15:18 - 2014-08-08 16:51 - 00000000 ____D () C:\Users\Petr\Downloads\Nová složka (10)
2014-12-30 15:00 - 2014-09-09 09:50 - 00000000 ____D () C:\filmy
2014-12-26 10:38 - 2012-03-14 10:43 - 00000000 ____D () C:\ProgramData\AMD
2014-12-26 10:35 - 2014-02-20 14:47 - 00000000 ____D () C:\Program Files\AMD
2014-12-26 10:34 - 2012-02-01 15:30 - 00000000 ____D () C:\AMD

==================== Files in the root of some directories =======

2014-12-20 11:24 - 2013-03-19 20:14 - 0000084 _____ () C:\Program Files (x86)\update-Skyrim.bat
2014-12-20 11:24 - 2012-06-30 11:13 - 0003153 _____ () C:\Program Files (x86)\visit-nosteam.ro.html
2013-09-19 20:52 - 2013-09-19 20:52 - 0000046 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2013-09-19 20:52 - 2013-09-19 20:52 - 0004510 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2014-11-16 21:39 - 2014-11-16 21:39 - 0000095 _____ () C:\Users\Petr\AppData\Roaming\settings.xml
2012-04-30 08:29 - 2012-04-30 09:05 - 0000046 _____ () C:\Users\Petr\AppData\Roaming\TheHunterSettings_live.cfg
2014-02-13 12:05 - 2014-03-02 12:05 - 0000077 _____ () C:\Users\Petr\AppData\Roaming\WB.CFG
2012-06-29 10:38 - 2014-12-25 15:28 - 0033280 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-12 16:50 - 2013-03-12 16:50 - 0026900 _____ () C:\Users\Petr\AppData\Local\dt.dat
2014-12-14 18:35 - 2014-12-14 18:35 - 0010359 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Petr\AppData\Roaming\Origin\update.vbe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 01:02




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (vse mozne) (Fixed) (Total:931.51 GB) (Free:177.04 GB) NTFS
Drive d: (zaloha) (Fixed) (Total:229.83 GB) (Free:200.56 GB) NTFS

Available physical RAM: 5873.34 MB
Total physical RAM: 8159.14 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B569B569)
Partition 1: (Active) - (Size=3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=229.8 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 159811F4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Petr\Downloads\re-_dopis.eml:OECustomProperty

==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 20672 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hoolapp Android
"C:\Users\Petr\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
~"C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr
C:\PROGRA~2\Raptr\raptrstub.exe --startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk
C:\Users\Petr\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk
C:\PROGRA~2\Xfire\Xfire.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 18:17
by Shift
and the addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Petr at 2015-01-25 18:11:32
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.2 - Futuremark Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.15 - ASUSTeK Computer Inc.)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - )
AVI WMV MPEG Converter (HKLM-x32\...\AVI WMV MPEG Converter) (Version: - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.6.8941 - )
Batman: Arkham Asylum (HKLM-x32\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
Bioshock Infinite Burial at Sea Episode 2 (HKLM-x32\...\Qmlvc2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
BitComet 1.35 (HKLM-x32\...\BitComet) (Version: 1.35 - CometNetwork)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BurnInTest v7.1 Standard (HKLM\...\BurnInTest_is1) (Version: 7.1 - Passmark Software)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Construct 2 r168 (HKLM\...\Construct 2_is1) (Version: 1.0.168.0 - Scirra)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version: - convertavitomp4.com)
CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor Pro 1.20 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.03 - Piriform)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version: - )
Divinity - Original Sin (HKLM-x32\...\1207664853_is1) (Version: 2.3.0.6 - GOG.com)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version: - Microsoft)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
Easy MIDI Cutter version 1.2.0.0 (HKLM-x32\...\{E875592D-5052-48B9-A014-1E6D6FFC8FF6}}_is1) (Version: 1.2.0.0 - SooftMoon Inc.)
English Grammar in Use Extra application (HKLM-x32\...\EnglishGrammarinUseExtra) (Version: 1.0.0 - Cambridge University Press Holdings Limited)
English Grammar in Use Extra application (x32 Version: 1.0.0 - Cambridge University Press Holdings Limited) Hidden
English Grammar in Use Extra content (HKLM-x32\...\English Grammar in Use Extra content) (Version: 1.0.0.0 - Cambridge University Press)
Epos 2.4-85 (HKLM-x32\...\EposAPI 0.1.1_is1) (Version: - IPE AS CR)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - )
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.3.1 - Hotger)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free MKV To WMV Converter (HKLM-x32\...\{7B256416-E4FB-4FBD-B84C-7C8482611A41}) (Version: 1.0.0 - Convert Audio Free)
Free MKV To WMV Converter (HKLM-x32\...\{7E187F40-CA42-455D-84E1-010B666CEB6E}) (Version: 1.0.0 - Convert Audio Free)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Friendly-Strike2 (HKLM-x32\...\Friendly-Strike2) (Version: - )
Fritz 13 (HKLM-x32\...\{85EB0F56-3DB3-42CC-9384-A665C5FC5D08}) (Version: 13.0.0.0 - ChessBase)
Fritz11 (HKLM-x32\...\{1A637513-CC46-4C3B-8114-1E4F1D71CF42}) (Version: 11 - ChessBase)
Fritz11 (x32 Version: 11 - ChessBase) Hidden
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
Game Maker 8.0 (HKLM-x32\...\Game Maker 8.0) (Version: - )
GameMaker 8.1 (HKLM-x32\...\GameMaker81) (Version: - )
GameMaker-Studio (HKLM-x32\...\{6628277A-F051-4647-96D7-E829FD86C7B9}) (Version: 1.2.1130 - YoYo Games Ltd.)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GrafX2 (GNU GPL) (HKLM-x32\...\Grafx2-SDL) (Version: 2.4.wip2035 - )
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GraphicsGale FreeEdition version 2.03.24 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version: - HUMANBALANCE Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Houdini 2.0 Pro (HKLM\...\{C76E78E4-118F-48B7-815A-7B46B34A2E6A}_is1) (Version: 2.0 - Houdini Chess)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{6FC79C95-F54F-4515-8012-01F33D894492}) (Version: 40.0.2214.44 - Google Inc.)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.600 - Oracle)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Kingo Android ROOT version 1.1.4.1785 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.1.4.1785 - Kingosoft Technology Ltd.)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LicenseCrawler verze 1.25 build-298 (HKLM-x32\...\{12151216-3E3F-4118-AE95-49C39F1D7EA2}_is1) (Version: 1.25 build-298 - Martin Klinzmann)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
MediaCoder 0.8.18 (HKLM-x32\...\MediaCoder) (Version: 0.8.18 - Broad Intelligence)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - )
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version: - )
MKVToolNix 7.4.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
MorphVOX Pro (HKLM-x32\...\{76828C87-C612-4329-843B-4DB58060030A}) (Version: 4.4.9 - Screaming Bee)
Mozilla Firefox 35.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 cs)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Opera 11.64 (HKLM-x32\...\Opera 11.64.1403) (Version: 11.64.1403 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
paint.net 4.0 Pre-Release (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90C5C0B5-923C-4BE0-9A0C-98266CA6E170}) (Version: 0.9.11.18157 - Grinding Gear Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\PhotoFiltre 7) (Version: - )
Piano Chords 1.4.2 (HKLM-x32\...\Piano Chords_is1) (Version: 1.4.2 - AB-Tools.com)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Resident Evil 6 version 1 (HKLM-x32\...\UmVzaWRlbnQgRXZpbCA2_is1) (Version: 1 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Room Arranger (HKLM-x32\...\Room Arranger) (Version: 7.2.4 - Jan Adamec)
R-Studio 7.0 (HKLM-x32\...\R-Studio 7.0NSIS) (Version: 7.0.154111 - R-Tools Technology Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Smart Tests (HKLM-x32\...\Smart Tests) (Version: 1.0.160.0 - Vitware)
SmartPhone Recovery Pro (HKLM\...\{41E1F3E2-6928-48C5-B71F-225DE3F1112B}) (Version: 2.3 - Enigma Recovery)
Sniper Elite 3 (HKLM-x32\...\Sniper Elite 3_is1) (Version: - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
SolveigMM AVI Trimmer version 2.1.1407.1 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 2.1.1407.1 - Solveig Multimedia)
Sony刷机驱动安装程序 version 1.2 (HKLM-x32\...\{DCF4A01A-4ED7-4E60-8D4B-4B3F59CF3DE0}_is1) (Version: 1.2 - 北京众晶锐驰科技有限公司)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stencyl (HKLM-x32\...\Stencyl) (Version: 1.1.1 - Stencyl, LLC)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria version 1.2.4.1 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.2.4.1 - )
The Settlers II - 10th Anniversary (HKLM-x32\...\S2TNG) (Version: - )
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Torchlight (HKLM-x32\...\Steam App 41500) (Version: - Runic Games, Inc.)
Torchlight 2 Rapid Respec (HKLM-x32\...\Torchlight 2 Rapid Respec) (Version: 2.04 - Chthon)
Torchlight Editor (HKLM-x32\...\Steam App 41520) (Version: - Runic Games, Inc.)
Torchlight II GUTS (HKLM-x32\...\Steam App 223070) (Version: - )
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.6.10 - installdaddy) <==== ATTENTION
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinX Free AVI to WMV Converter 4.0.6 (HKLM-x32\...\WinX Free AVI to WMV Converter_is1) (Version: - Digiarty Software,Inc.)
WinX Free WMV to MP4 Converter 2.0.1 (HKLM-x32\...\WinX Free WMV to MP4 Converter_is1) (Version: - Digiarty Software,Inc.)
Wireshark 1.7.0 (HKLM-x32\...\Wireshark) (Version: 1.7.0 - The Wireshark developer community, http://www.wireshark.org)
Wondershare Dr.Fone for Android(Build 3.0.0.30) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 3.0.0.30 - Wondershare Software Co.,Ltd.)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-01-2015 01:38:54 Windows Update
20-01-2015 14:18:15 Windows Update
24-01-2015 14:38:08 ComboFix created restore point
24-01-2015 23:25:50 Windows Update
25-01-2015 16:34:46 Removed Apple Application Support
25-01-2015 16:36:24 Intel Extreme Tuning Utility

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-25 17:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {49BCDCD3-AA01-4682-81B4-C152383E8F9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6B1AF2F2-3C53-4CD5-B303-83CF6845CC54} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-01-23] () <==== ATTENTION
Task: {708D72F9-FA97-440A-B9B1-B398DE34DD8C} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {73D0BF27-2B9F-4B27-A888-51888E6DFCEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {7B933511-789F-41A2-B6CB-624FAF5842CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {7E5DE627-5C43-41E3-B1A6-E30233BA0F4B} - \SidebarExecute No Task File <==== ATTENTION
Task: {9C69DA4A-D760-43FF-BCF3-0C7D78C30CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {A03D48D2-D556-43DF-869C-9C1E4BFCE369} - System32\Tasks\{425C50A1-4BA0-4269-83E3-513891D60EDA} => pcalua.exe -a "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release\Bioshock_CZ.exe" -d "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release"
Task: {AFFBDDBA-B66A-4160-BF61-FE8C72B3342A} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {CF468113-4C9A-42E3-AF4D-D52C61C4D3E7} - System32\Tasks\{A41684E9-BF30-4C8B-8790-CF9CD5ECA110} => pcalua.exe -a C:\PROGRA~2\AVIWMV~1\UNWISE.EXE -c C:\PROGRA~2\AVIWMV~1\INSTALL.LOG
Task: {DEBE541C-517B-4362-9FE5-E08F7E3896AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-11-05 12:25 - 2011-10-29 09:59 - 00918448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
2014-11-05 12:25 - 2010-10-21 17:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2011-11-23 14:49 - 2013-10-31 15:54 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-08-08 12:54 - 2010-02-09 13:36 - 00384000 _____ () C:\Program Files (x86)\Epos\epos-2.4.85\src\epos.exe
2015-01-25 17:51 - 2015-01-25 17:51 - 01659904 _____ () C:\Windows\temp\lsass.exe
2015-01-25 17:51 - 2015-01-25 17:51 - 01605120 _____ () C:\Windows\temp\svchost.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-05 12:25 - 2015-01-25 17:50 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll
2014-11-05 12:25 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll
2014-11-05 12:26 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-11-05 12:26 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-11-05 12:26 - 2011-09-20 18:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-11-05 12:26 - 2012-03-01 14:20 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-11-05 12:26 - 2011-09-29 15:12 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-11-05 12:26 - 2011-09-26 18:37 - 01616384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-11-05 12:26 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-11-05 12:26 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-11-05 12:26 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-11-05 12:25 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMLib.dll
2014-11-05 12:26 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-11-05 12:26 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-10 12:10 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Petr\Downloads\re-_dopis.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: Hoolapp Android => "C:\Users\Petr\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: ICQ => ~"C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: vmware-tray => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1555331033-2767668753-408418418-500 - Administrator - Disabled)
Guest (S-1-5-21-1555331033-2767668753-408418418-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1555331033-2767668753-408418418-1009 - Limited - Enabled)
mamka (S-1-5-21-1555331033-2767668753-408418418-1010 - Limited - Enabled) => C:\Users\mamka
Petr (S-1-5-21-1555331033-2767668753-408418418-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Faulty Device Manager Devices =============

Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetBridge
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 05:51:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 04:35:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Petr-PC)
Description: Aplikaci nebo službu Apple Mobile Device nelze restartovat.

Error: (01/25/2015 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:55:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:25:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 08:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004b8a250
ID chybujícího procesu: 0x1080
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3

Error: (01/24/2015 08:06:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004b8a250
ID chybujícího procesu: 0x1080
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3

Error: (01/24/2015 02:50:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 01:58:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2015 11:41:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/25/2015 05:50:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/25/2015 05:50:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (01/25/2015 05:50:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VMware Bridge Protocol neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (01/25/2015 05:49:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/25/2015 05:49:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/25/2015 05:49:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/25/2015 05:47:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/25/2015 05:41:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/25/2015 05:41:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/25/2015 05:41:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Text-to-Speech system Epos byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (01/25/2015 05:51:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 04:35:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Petr-PC)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217816040

Error: (01/25/2015 04:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:55:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 00:25:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 08:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000004b8a250108001d03808a21d2012C:\Windows\explorer.exeunknown0f4210dc-a3fc-11e4-95f5-f46d0453586b

Error: (01/24/2015 08:06:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000004b8a250108001d03808a21d2012C:\Windows\explorer.exeunknown0cfab061-a3fc-11e4-95f5-f46d0453586b

Error: (01/24/2015 02:50:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 01:58:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2015 11:41:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2015-01-25 18:10:19.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 17:50:17.614
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 17:50:06.756
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:50:06.694
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ATITool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:49:19.578
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-25 17:49:00.920
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:49:00.873
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:49:00.826
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:49:00.764
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-25 17:41:40.531
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8159.14 MB
Available physical RAM: 5873.34 MB
Total Pagefile: 16316.46 MB
Available Pagefile: 12250.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (vse mozne) (Fixed) (Total:931.51 GB) (Free:177.04 GB) NTFS
Drive d: (zaloha) (Fixed) (Total:229.83 GB) (Free:200.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B569B569)
Partition 1: (Active) - (Size=3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=229.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 159811F4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 18:39
by altrok
:arrow: So much warez and so many cracks... copyright law means nothing, huh? :?:

:arrow: Install a full-fledged antivirus - on Windows 7, Windows Defender only works as antispyware. Turn Windows Defender off permanently - http://windows.microsoft.com/cs-cz/wind ... =windows-7
btw by install I don't mean crack...

:arrow: Uninstall the old Java versions Java 7 Update 51, Java 7 Update 60 and Java SE Development Kit 7 Update 51. If you need Java, then install the new one from java.com (watch out for adware - the Ask toolbar). As far as exploits go, it is safer not to have Java at all.

:arrow: The size of the desktop should not exceed 200 MB. Otherwise both startup and the running of the whole PC slow down.

:arrow: You have the warez to blame for that vermin.... do you know exactly what, for example, this exe file does? C:\Users\Petr\Downloads\Download Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr Torrent - KickassTorrents.exe

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (Save as type: Text Document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    c:\program files (x86)\uuniisoales
    c:\programdata\ihmngagjendklnocgmbglilknjjakmmb
    c:\users\Petr\AppData\Roaming\ComplitlyEngine
    c:\program files (x86)\SmartTweak
    c:\program files (x86)\globalUpdate
    c:\program files (x86)\SweetIM
    HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
    URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {6C568E25-C27E-4e95-8DE9-44DEE0B134B7} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {9E3FA814-5018-40A9-AF94-8234DAEA302D} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
    Toolbar: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
    FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    
    S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
    S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
    S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
    S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
    S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
    S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]
    
    2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\Program Files\trend micro
    2015-01-25 14:57 - 2015-01-25 14:57 - 01222144 _____ () C:\Users\Petr\Downloads\RSITx64.exe
    2015-01-25 14:48 - 2015-01-25 16:07 - 00000000 ____D () C:\AdwCleaner
    2015-01-25 14:48 - 2015-01-25 14:48 - 02194432 _____ () C:\Users\Petr\Downloads\adwcleaner_4.109.exe
    2015-01-25 14:26 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
    2015-01-25 14:25 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
    2015-01-09 11:30 - 2015-01-23 12:45 - 00061653 _____ () C:\Windows\temp023423.vbe
    2014-12-20 11:24 - 2013-03-19 20:14 - 0000084 _____ () C:\Program Files (x86)\update-Skyrim.bat
    C:\Users\Petr\AppData\Roaming\Origin\update.vbe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f
    
    CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    Task: {6B1AF2F2-3C53-4CD5-B303-83CF6845CC54} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-01-23] () <==== ATTENTION
    Task: {7E5DE627-5C43-41E3-B1A6-E30233BA0F4B} - \SidebarExecute No Task File <==== ATTENTION
    Task: {A03D48D2-D556-43DF-869C-9C1E4BFCE369} - System32\Tasks\{425C50A1-4BA0-4269-83E3-513891D60EDA} => pcalua.exe -a "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release\Bioshock_CZ.exe" -d "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release"
    2015-01-25 17:51 - 2015-01-25 17:51 - 01659904 _____ () C:\Windows\temp\lsass.exe
    2015-01-25 17:51 - 2015-01-25 17:51 - 01605120 _____ () C:\Windows\temp\svchost.exe
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir %localappdata%
    CMD: dir %appdata%
    Hosts:
    EmptyTemp:
    End
    

Re: Infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 19:01
by Shift
Well, hand on heart, who doesn't download something now and then? And the way I do it is that I always download something first, and if it wins me over, I buy it afterwards. I'm not going to pay for overpriced games/programs that then disappoint me. And I don't share files anywhere.
Otherwise, I did everything. I removed Java. I'll just have to clean up the desktop somehow.
Here is the fixlog:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by Petr at 2015-01-25 18:51:24 Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available profiles: Petr & mamka & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
c:\program files (x86)\uuniisoales
c:\programdata\ihmngagjendklnocgmbglilknjjakmmb
c:\users\Petr\AppData\Roaming\ComplitlyEngine
c:\program files (x86)\SmartTweak
c:\program files (x86)\globalUpdate
c:\program files (x86)\SweetIM
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {6C568E25-C27E-4e95-8DE9-44DEE0B134B7} URL = http://uk.search.yahoo.com/search?p={se ... &type=EGMB
SearchScopes: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> {9E3FA814-5018-40A9-AF94-8234DAEA302D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
Toolbar: HKU\S-1-5-21-1555331033-2767668753-408418418-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]

2015-01-25 14:58 - 2015-01-25 14:58 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 14:57 - 2015-01-25 14:57 - 01222144 _____ () C:\Users\Petr\Downloads\RSITx64.exe
2015-01-25 14:48 - 2015-01-25 16:07 - 00000000 ____D () C:\AdwCleaner
2015-01-25 14:48 - 2015-01-25 14:48 - 02194432 _____ () C:\Users\Petr\Downloads\adwcleaner_4.109.exe
2015-01-25 14:26 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-01-25 14:25 - 2015-01-25 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2015-01-09 11:30 - 2015-01-23 12:45 - 00061653 _____ () C:\Windows\temp023423.vbe
2014-12-20 11:24 - 2013-03-19 20:14 - 0000084 _____ () C:\Program Files (x86)\update-Skyrim.bat
C:\Users\Petr\AppData\Roaming\Origin\update.vbe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f

CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {6B1AF2F2-3C53-4CD5-B303-83CF6845CC54} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-01-23] () <==== ATTENTION
Task: {7E5DE627-5C43-41E3-B1A6-E30233BA0F4B} - \SidebarExecute No Task File <==== ATTENTION
Task: {A03D48D2-D556-43DF-869C-9C1E4BFCE369} - System32\Tasks\{425C50A1-4BA0-4269-83E3-513891D60EDA} => pcalua.exe -a "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release\Bioshock_CZ.exe" -d "C:\program files (x86)\cracked steam\steamapps\common\Bioshock\Builds\Release"
2015-01-25 17:51 - 2015-01-25 17:51 - 01659904 _____ () C:\Windows\temp\lsass.exe
2015-01-25 17:51 - 2015-01-25 17:51 - 01605120 _____ () C:\Windows\temp\svchost.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir %localappdata%
CMD: dir %appdata%
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"c:\program files (x86)\uuniisoales" => File/Directory not found.
"c:\programdata\ihmngagjendklnocgmbglilknjjakmmb" => File/Directory not found.
"c:\users\Petr\AppData\Roaming\ComplitlyEngine" => File/Directory not found.
"c:\program files (x86)\SmartTweak" => File/Directory not found.
"c:\program files (x86)\globalUpdate" => File/Directory not found.
"c:\program files (x86)\SweetIM" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value deleted successfully.
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => value deleted successfully.
"HKCR\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}" => Key deleted successfully.
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C568E25-C27E-4e95-8DE9-44DEE0B134B7}" => Key deleted successfully.
HKCR\CLSID\{6C568E25-C27E-4e95-8DE9-44DEE0B134B7} => Key not found.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E3FA814-5018-40A9-AF94-8234DAEA302D}" => Key deleted successfully.
HKCR\CLSID\{9E3FA814-5018-40A9-AF94-8234DAEA302D} => Key not found.
HKU\S-1-5-21-1555331033-2767668753-408418418-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
AthBTPort => Service deleted successfully.
BTATH_A2DP => Service deleted successfully.
BTATH_HCRP => Service deleted successfully.
BTATH_LWFLT => Service deleted successfully.
BTATH_RCP => Service deleted successfully.
BtFilter => Service deleted successfully.
catchme => Service deleted successfully.
VMnetBridge => Service deleted successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Petr\Downloads\RSITx64.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Petr\Downloads\adwcleaner_4.109.exe => Moved successfully.
C:\Users\Petr\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Petr\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Windows\temp023423.vbe => Moved successfully.
C:\Program Files (x86)\update-Skyrim.bat => Moved successfully.
C:\Users\Petr\AppData\Roaming\Origin\update.vbe => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

"HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-1555331033-2767668753-408418418-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B1AF2F2-3C53-4CD5-B303-83CF6845CC54}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B1AF2F2-3C53-4CD5-B303-83CF6845CC54}" => Key deleted successfully.
C:\Windows\System32\Tasks\Origin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E5DE627-5C43-41E3-B1A6-E30233BA0F4B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E5DE627-5C43-41E3-B1A6-E30233BA0F4B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A03D48D2-D556-43DF-869C-9C1E4BFCE369}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A03D48D2-D556-43DF-869C-9C1E4BFCE369}" => Key deleted successfully.
C:\Windows\System32\Tasks\{425C50A1-4BA0-4269-83E3-513891D60EDA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{425C50A1-4BA0-4269-83E3-513891D60EDA}" => Key deleted successfully.
C:\Windows\temp\lsass.exe => Moved successfully.
C:\Windows\temp\svchost.exe => Moved successfully.

========= dir "C:\PROGRA~1" =========

Svazek v jednotce C je vse mozne.
Sériové číslo svazku je 3AB3-0D76.

Výpis adresáře C:\PROGRA~1

25.01.2015 18:51 <DIR> .
25.01.2015 18:51 <DIR> ..
08.11.2013 20:06 <DIR> Adobe
26.06.2012 19:17 <DIR> Alan Wake
26.12.2014 10:35 <DIR> AMD
26.06.2012 19:17 <DIR> Atari
16.06.2014 18:25 <DIR> ATI
17.10.2014 11:29 <DIR> ATI Technologies
31.03.2013 11:42 <DIR> BioShock
13.06.2014 14:09 <DIR> BurnInTest
26.06.2012 19:17 <DIR> CCleaner
08.11.2013 20:02 <DIR> Common Files
09.06.2014 15:47 <DIR> Construct 2
26.06.2012 19:17 <DIR> Core Temp
05.11.2014 13:01 <DIR> CPUID
28.06.2012 14:02 <DIR> Defraggler
12.04.2011 09:45 <DIR> DVD Maker
13.06.2014 16:38 <DIR> Futuremark
08.11.2013 17:59 <DIR> GIMP 2
26.06.2012 19:17 <DIR> Houdini 2 Chess
12.12.2014 10:36 <DIR> Internet Explorer
26.06.2012 19:17 <DIR> iPod
26.06.2012 19:17 <DIR> iTunes
25.01.2015 18:45 <DIR> Java
12.04.2011 09:45 <DIR> Microsoft Games
25.10.2014 15:58 <DIR> Microsoft Office
25.07.2014 10:01 <DIR> Microsoft Silverlight
13.06.2014 13:43 <DIR> Microsoft SQL Server Compact Edition
13.06.2014 13:43 <DIR> Microsoft Synchronization Services
14.07.2009 06:32 <DIR> MSBuild
05.06.2014 13:55 <DIR> paint.net
26.06.2012 19:11 <DIR> Realtek
26.06.2012 19:17 <DIR> Recuva
14.07.2009 06:32 <DIR> Reference Assemblies
14.12.2013 12:06 <DIR> SAMSUNG
11.08.2014 21:39 <DIR> TrueCrypt
29.05.2014 23:01 <DIR> Ubisoft
12.07.2013 13:21 <DIR> Windows Defender
11.07.2014 12:29 <DIR> Windows Journal
12.04.2011 09:34 <DIR> Windows Mail
12.12.2013 08:02 <DIR> Windows Media Player
26.06.2012 20:05 <DIR> Windows NT
12.04.2011 09:34 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
12.04.2011 09:34 <DIR> Windows Sidebar
Souborů: 0, Bajtů: 0
Adresářů: 45, Volných bajtů: 190 157 561 856

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C je vse mozne.
Sériové číslo svazku je 3AB3-0D76.

Výpis adresáře C:\PROGRA~2

25.01.2015 18:51 <DIR> .
25.01.2015 18:51 <DIR> ..
28.02.2013 17:33 <DIR> 2K Games
26.06.2012 19:17 <DIR> AB-Tools.com
24.09.2014 14:19 <DIR> Adobe
09.02.2013 12:08 <DIR> Alcohol Soft
26.12.2014 10:37 <DIR> AMD
26.12.2014 10:38 <DIR> AMD AVT
31.07.2012 12:19 <DIR> Amnesia - The Dark Descent
10.02.2014 22:52 <DIR> Android
26.06.2012 19:17 <DIR> Apple Software Update
26.06.2012 19:17 <DIR> ASM104xUSB3
05.11.2014 12:25 <DIR> ASUS
26.06.2012 19:17 <DIR> Atari
16.06.2014 18:26 <DIR> ATI Technologies
07.03.2013 18:02 <DIR> ATITool
26.06.2012 19:18 <DIR> AVG
26.06.2012 19:18 <DIR> AVI WMV MPEG Converter
16.09.2014 19:30 <DIR> Avi2Dvd
30.12.2013 00:13 <DIR> Avidemux 2.6
16.09.2014 19:30 <DIR> AviSynth 2.5
12.06.2014 13:49 <DIR> Battlelog Web Plugins
14.10.2012 16:53 <DIR> Bethesda Softworks
07.06.2014 15:20 <DIR> BioShock Infinite
26.06.2012 19:18 <DIR> BitComet
27.07.2012 14:48 <DIR> Black_Box
25.07.2012 12:48 <DIR> Blocks That Matter
24.09.2014 14:20 <DIR> Cambridge
19.09.2013 20:41 <DIR> CamStudio 2.7
12.12.2013 16:43 <DIR> Cheat Engine 6.3
26.06.2012 19:19 <DIR> ChessBase
25.01.2015 18:45 <DIR> Common Files
29.01.2012 14:48 <DIR> Complitly Setup
16.11.2014 21:38 <DIR> Convert Audio Free
26.06.2012 19:19 <DIR> Convert AVI to MP4
02.04.2013 10:40 <DIR> Cracked Steam
28.02.2013 17:19 <DIR> DAEMON Tools Lite
05.11.2014 20:31 <DIR> Digiarty
08.11.2012 15:52 <DIR> EA Games
26.06.2012 19:19 <DIR> EA Sports
12.10.2013 15:10 <DIR> Easy MIDI Cutter
27.07.2012 15:07 <DIR> Eidos
16.10.2013 17:46 <DIR> Enigma Recovery
08.08.2012 12:54 <DIR> Epos
26.06.2012 19:19 <DIR> Free mp3 Wma Converter
12.06.2014 13:50 <DIR> Friendly-Strike3
07.08.2012 10:20 <DIR> Frozenbyte
13.06.2014 16:38 <DIR> Futuremark
16.09.2014 18:35 <DIR> Gabest
28.07.2014 20:14 <DIR> Game Maker 8.1
11.08.2012 17:01 <DIR> Games
26.06.2012 19:19 <DIR> Game_Maker8
13.06.2014 14:30 <DIR> Geeks3D
10.01.2015 12:10 <DIR> Google
13.06.2014 17:57 <DIR> GPU-Z
05.06.2014 14:22 <DIR> GraphicsGale FreeEdition
31.10.2013 11:05 <DIR> GRID 2
27.07.2012 15:38 <DIR> Grinding Gear Games
26.06.2012 19:19 <DIR> Haali
26.06.2012 19:19 <DIR> ICQ7.7
18.07.2014 19:05 <DIR> Inkscape
25.01.2015 16:36 <DIR> Intel
12.12.2014 10:36 <DIR> Internet Explorer
05.06.2014 17:14 <DIR> IrfanView
26.06.2012 19:19 <DIR> iTunes
30.12.2013 14:38 <DIR> IVONA
12.06.2014 18:41 <DIR> Java
12.12.2013 19:25 <DIR> Kingo Android ROOT
15.08.2013 13:46 <DIR> Lavalys
27.06.2012 12:14 <DIR> LEGO Company
09.02.2013 13:06 <DIR> LicenseCrawler
17.10.2013 17:13 <DIR> LIMBO
24.01.2015 14:28 <DIR> Malwarebytes Anti-Malware
26.06.2012 19:19 <DIR> Marvell
06.05.2013 18:29 <DIR> MediaCoder
25.10.2014 15:57 <DIR> Microsoft Analysis Services
21.11.2013 19:00 <DIR> Microsoft Games
26.07.2012 18:37 <DIR> Microsoft Games for Windows - LIVE
25.10.2014 15:59 <DIR> Microsoft Office
25.07.2014 10:01 <DIR> Microsoft Silverlight
13.06.2014 13:43 <DIR> Microsoft SQL Server Compact Edition
25.10.2014 15:59 <DIR> Microsoft Sync Framework
13.06.2014 13:43 <DIR> Microsoft Synchronization Services
25.10.2014 15:58 <DIR> Microsoft Visual Studio 8
10.07.2012 09:25 <DIR> Microsoft XNA
25.10.2014 15:59 <DIR> Microsoft.NET
06.08.2012 20:32 <DIR> MKVTOAVI
25.12.2014 21:02 <DIR> MKVToolNix
11.06.2014 16:41 <DIR> Movie Maker 2.6
17.01.2015 14:55 <DIR> Mozilla Firefox
18.01.2015 10:58 <DIR> Mozilla Maintenance Service
25.10.2014 15:59 <DIR> MSBuild
23.11.2013 11:57 <DIR> MSXML 4.0
19.01.2014 11:53 <DIR> Next Car Game
26.06.2012 19:19 <DIR> Nová složka
26.06.2012 19:19 <DIR> Nová složka (2)
14.10.2012 16:57 <DIR> NVIDIA Corporation
25.07.2012 12:48 <DIR> OpenAL
17.09.2014 15:16 <DIR> OpenOffice 4
26.06.2012 19:19 <DIR> OpenOffice.org 2.3
17.09.2014 15:13 <DIR> OpenOffice.org 3
26.06.2012 19:20 <DIR> Opera
10.09.2014 11:50 <DIR> Origin
07.09.2014 15:54 <DIR> Origin Games
27.05.2014 15:20 <DIR> Outlast
18.05.2014 15:07 <DIR> Outlast Whistleblower
10.07.2012 08:30 <DIR> Pando Networks
24.02.2014 19:32 <DIR> PhotoFiltre 7
05.11.2014 19:39 <DIR> Prime95
01.12.2014 12:50 <DIR> QuickTime
26.06.2014 10:28 <DIR> R-Studio
26.12.2014 10:39 <DIR> Raptr
26.06.2012 19:20 <DIR> Realtek
26.06.2012 19:20 <DIR> Rebellion
14.07.2009 06:32 <DIR> Reference Assemblies
26.06.2012 19:20 <DIR> Remedy Entertainment
24.01.2015 14:36 <DIR> Resident Evil 6
21.11.2013 19:30 <DIR> Rockstar Games
25.05.2013 12:47 <DIR> Room Arranger
26.06.2012 19:21 <DIR> Rovio
29.06.2012 10:32 <DIR> Runic Games
13.06.2014 14:05 <DIR> Sapphire TRIXX
08.08.2014 15:08 <DIR> Screaming Bee
25.01.2015 17:38 <DIR> Seznam.cz
28.06.2014 18:28 <DIR> Sniper Elite 3
16.09.2014 19:24 <DIR> Solveig Multimedia
24.02.2013 19:05 <DIR> SpeedFan
17.03.2013 14:35 <DIR> Square Enix
24.10.2014 17:23 <DIR> Steam
09.06.2014 15:39 <DIR> Stencyl
11.06.2014 16:30 <DIR> SystemRequirementsLab
10.07.2014 15:57 <DIR> Terraria
26.10.2012 15:33 <DIR> The Binding of Isaac
19.03.2013 20:14 <DIR> The Elder Scrolls V Skyrim
16.06.2013 16:49 <DIR> The Incredible Adventures of Van Helsing
11.06.2014 19:17 <DIR> The Mighty Quest For Epic Loot
26.10.2012 13:35 <DIR> THQ
05.11.2013 20:18 <DIR> Torchlight 2 Rapid Respec
21.11.2014 12:33 <DIR> Ubisoft
24.11.2012 21:33 <DIR> URUSoft
26.06.2012 19:26 <DIR> Valve
26.06.2012 19:26 <DIR> VideoLAN
30.06.2012 11:13 3 153 visit-nosteam.ro.html
21.08.2014 19:08 <DIR> Vitware
25.08.2013 18:57 <DIR> Wild Tangent
12.07.2013 13:21 <DIR> Windows Defender
12.04.2011 09:34 <DIR> Windows Mail
12.12.2013 08:02 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
12.04.2011 09:34 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
12.04.2011 09:34 <DIR> Windows Sidebar
26.06.2012 19:26 <DIR> WinRAR
26.06.2012 19:26 <DIR> Wireshark
17.10.2013 18:12 <DIR> Wondershare
16.09.2014 19:24 <DIR> Xvid
Souborů: 1, Bajtů: 3 153
Adresářů: 155, Volných bajtů: 190 157 553 664

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C je vse mozne.
Sériové číslo svazku je 3AB3-0D76.

Výpis adresáře C:\PROGRA~3

25.01.2015 16:36 <DIR> .
25.01.2015 16:36 <DIR> ..
24.09.2014 14:19 <DIR> Adobe
21.11.2013 19:06 <DIR> Age of Empires 3
26.12.2014 10:38 <DIR> AMD
26.06.2012 19:26 <DIR> Apple
26.06.2012 19:26 <DIR> Apple Computer
14.06.2014 15:34 <DIR> ASUS
26.12.2014 10:39 <DIR> ATI
18.01.2013 17:43 <DIR> AVG January 2013 Campaign
26.06.2012 19:26 <DIR> Battle.net
21.11.2013 19:03 <DIR> Blizzard Entertainment
26.06.2012 19:26 <DIR> ChessBase
16.06.2013 16:52 <DIR> Codemasters
26.06.2012 19:26 <DIR> DAEMON Tools Lite
26.06.2012 19:26 <DIR> EA Core
26.06.2012 19:26 <DIR> EA Logs
26.06.2012 19:26 <DIR> Electronic Arts
10.03.2012 19:54 <DIR> firebird
10.02.2014 21:10 <DIR> gamemaker_studio
18.04.2014 17:05 <DIR> Google
26.06.2012 19:26 <DIR> Hunter
25.01.2015 14:50 <DIR> ICQ
11.06.2014 19:17 <DIR> InstallMate
13.06.2014 13:44 <DIR> Intel
24.01.2015 14:28 <DIR> Malwarebytes
09.07.2012 13:15 <DIR> McAfee
17.06.2014 14:52 <DIR> MFAData
12.12.2014 00:14 <DIR> Microsoft Help
10.04.2013 14:35 <DIR> Mozilla
02.08.2014 18:49 <DIR> Norton
26.06.2012 19:27 <DIR> NortonInstaller
12.06.2014 18:41 <DIR> Oracle
30.05.2014 13:09 <DIR> Orbit
15.01.2015 12:42 <DIR> Origin
25.01.2015 16:36 <DIR> Package Cache
13.06.2014 14:09 <DIR> PassMark
31.12.2012 17:24 <DIR> PMB Files
08.11.2013 20:06 <DIR> regid.1986-12.com.adobe
20.10.2012 12:09 <DIR> RELOADED
25.05.2013 12:47 <DIR> Room Arranger
14.12.2013 12:06 <DIR> Samsung
08.08.2014 15:11 <DIR> Screaming Bee
20.10.2012 14:15 <DIR> SearchOnline
20.12.2014 11:51 <DIR> Steam
31.08.2013 13:11 <DIR> SummerSoft
26.06.2012 19:27 <DIR> Sun
11.06.2014 16:30 <DIR> SystemRequirementsLab
03.02.2013 19:44 <DIR> TuneUp Software
26.06.2012 20:27 <DIR> VMware
30.12.2013 14:37 <DIR> WildTangent
26.06.2012 19:27 <DIR> {93E26451-CD9A-43A5-A2FA-C42392EA4001}
Souborů: 0, Bajtů: 0
Adresářů: 52, Volných bajtů: 190 157 545 472

========= End of CMD: =========


========= dir %localappdata% =========

Svazek v jednotce C je vse mozne.
Sériové číslo svazku je 3AB3-0D76.

Výpis adresáře C:\Users\Petr\AppData\Local

25.01.2015 18:50 <DIR> .
25.01.2015 18:50 <DIR> ..
26.06.2012 19:32 <DIR> 28050
28.02.2013 18:34 <DIR> 2K Games
15.05.2013 18:17 <DIR> 4A Games
24.09.2014 14:19 <DIR> Adobe
10.02.2014 21:34 <DIR> Android
16.10.2013 17:46 <DIR> Android_TrialVersionUsing
26.06.2012 19:32 <DIR> Apple
26.06.2012 19:32 <DIR> Apple Computer
26.06.2012 19:32 <DIR> Apps
26.06.2012 19:32 <DIR> ATI
26.06.2012 19:32 <DIR> BMExplorer
26.06.2012 19:32 <DIR> ChessBase
26.06.2012 19:32 <DIR> Chromium
27.06.2012 12:16 <DIR> CrashDumps
26.10.2012 13:49 <DIR> Darksiders2
25.12.2014 15:28 33 280 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
27.10.2014 11:44 <DIR> Diagnostics
10.02.2014 21:09 <DIR> Downloaded Installations
12.03.2013 16:50 26 900 dt.dat
26.06.2012 19:32 <DIR> dxhr
09.02.2013 12:21 <DIR> EA Games
20.10.2014 09:55 <DIR> ElevatedDiagnostics
31.10.2013 15:59 <DIR> ESN
06.03.2014 16:53 <DIR> Facebook
01.09.2012 15:45 <DIR> FLT
13.04.2013 10:50 <DIR> Flvto Youtube Downloader
13.04.2013 10:51 <DIR> FlvtoYoutubeDownloader
08.11.2013 19:24 <DIR> fontconfig
26.06.2012 19:32 <DIR> Futuremark_Corporation
28.07.2014 20:11 <DIR> GameMaker8.1
10.02.2014 22:33 <DIR> gamemaker_studio
28.07.2014 20:12 <DIR> GayMaker 8.1
14.11.2014 11:49 130 272 GDIPFONTCACHEV1.DAT
08.11.2013 19:24 <DIR> gegl-0.2
10.01.2015 12:09 <DIR> Google
04.06.2014 21:10 <DIR> Grafx2
09.12.2014 17:22 <DIR> gtk-2.0
31.07.2014 11:57 <DIR> hra8testbonusu
05.06.2014 14:22 <DIR> Humanbalance
26.06.2012 19:33 <DIR> IsolatedStorage
08.08.2012 13:08 <DIR> IVONA_INST
26.06.2012 19:33 <DIR> Kosata6
10.04.2013 15:03 <DIR> Macromedia
16.11.2014 21:41 <DIR> MajorSilence
28.07.2014 20:11 <DIR> Microsoft
26.06.2012 19:33 <DIR> Microsoft Games
04.01.2015 19:41 <DIR> Microsoft Help
17.10.2013 18:20 <DIR> Mozilla
25.01.2015 18:50 29 696 MSGBOX.EXE
26.06.2012 19:33 <DIR> Opera
31.10.2013 10:46 <DIR> Origin
05.06.2014 13:56 <DIR> paint.net
26.06.2012 19:33 <DIR> PAYDAY
31.12.2012 17:24 <DIR> PMB Files
18.11.2012 11:44 <DIR> Programs
14.06.2014 15:11 <DIR> Project4
11.02.2014 11:52 <DIR> Project5
01.11.2013 13:12 <DIR> PunkBuster
14.12.2014 18:35 10 359 recently-used.xbel
11.08.2012 17:01 <DIR> Robot Entertainment
26.06.2012 19:33 <DIR> Rockstar Games
05.06.2013 16:31 <DIR> Room Arranger
22.02.2013 11:42 <DIR> S2
19.01.2014 11:53 <DIR> SKIDROW
16.11.2014 21:39 <DIR> SkinSoft
26.06.2012 19:33 <DIR> Skyrim
28.06.2014 19:10 <DIR> Sniper3
26.06.2012 19:33 <DIR> SniperV2
25.01.2015 18:51 <DIR> Temp
26.06.2012 19:33 <DIR> theHunter
03.02.2013 19:29 <DIR> Ubisoft Game Launcher
20.05.2014 12:20 <DIR> Unity
26.06.2012 19:33 <DIR> VirtualStore
26.06.2012 19:33 <DIR> VMware
11.06.2014 17:09 <DIR> WMTools Downloaded Files
26.06.2012 19:33 <DIR> Wondershare
26.06.2012 19:33 <DIR> Xenocode
12.12.2013 19:25 <DIR> ZJMedia
Souborů: 5, Bajtů: 230 507
Adresářů: 75, Volných bajtů: 190 157 545 472

========= End of CMD: =========


========= dir %appdata% =========

Svazek v jednotce C je vse mozne.
Sériové číslo svazku je 3AB3-0D76.

Výpis adresáře C:\Users\Petr\AppData\Roaming

25.01.2015 14:50 <DIR> .
25.01.2015 14:50 <DIR> ..
21.07.2014 16:30 <DIR> .minecraft
24.09.2014 14:19 <DIR> Adobe
26.06.2012 19:33 <DIR> Apple Computer
26.06.2012 19:33 <DIR> Ashampoo
26.06.2012 19:33 <DIR> ATI
30.12.2013 00:15 <DIR> avidemux
23.11.2013 13:13 <DIR> Bioshock
12.12.2013 19:14 <DIR> Bioshock2
24.01.2015 20:05 <DIR> BitComet
06.05.2013 18:29 <DIR> Broad Intelligence
24.09.2014 14:20 <DIR> Cambridge
19.09.2013 20:52 46 Camdata.ini
19.09.2013 20:52 408 CamLayout.ini
19.09.2013 20:52 408 CamShapes.ini
19.09.2013 20:52 4 510 CamStudio.cfg
26.06.2012 19:33 <DIR> ChessBase
09.06.2014 15:49 <DIR> Construct2
16.11.2014 21:37 <DIR> Convert Audio Free
28.06.2014 18:11 <DIR> DAEMON Tools Lite
26.09.2014 16:35 <DIR> EnglishGrammarinUseExtra
13.04.2013 19:11 <DIR> FlvtoConverter
26.06.2012 19:33 <DIR> FreeAudioPack
28.07.2014 20:16 <DIR> GameMaker
11.02.2014 11:50 <DIR> GameMaker-Studio
17.10.2013 17:20 <DIR> GetRightToGo
05.06.2014 14:21 <DIR> GrafX2
05.01.2014 12:53 <DIR> Guild Wars 2
25.07.2012 12:49 <DIR> Hive Cluster
26.06.2012 19:33 <DIR> ICQ
26.06.2012 19:33 <DIR> Identities
18.07.2014 19:05 <DIR> inkscape
26.06.2012 19:33 <DIR> InstallShield
16.09.2014 19:24 <DIR> IrfanView
08.08.2012 13:08 <DIR> IVONA ControlCenter
26.06.2012 19:33 <DIR> Leadertech
26.06.2012 19:33 <DIR> LEGO Company
31.10.2013 19:48 <DIR> library_dir
10.07.2012 11:12 <DIR> LolClient
26.06.2012 19:33 <DIR> Macromedia
24.01.2015 14:28 <DIR> Malwarebytes
12.04.2011 09:45 <DIR> Media Center Programs
25.12.2014 21:02 <DIR> mkvtoolnix
10.04.2013 14:35 <DIR> Mozilla
15.09.2014 17:00 <DIR> OpenOffice
26.06.2012 19:33 <DIR> OpenOffice.org
26.06.2012 19:33 <DIR> OpenOffice.org2
26.06.2012 19:33 <DIR> Opera
08.11.2013 20:14 <DIR> PDAppFlex
24.02.2014 19:36 <DIR> PhotoFiltre 7
04.06.2014 20:59 <DIR> PyxelEdit
26.06.2014 10:28 <DIR> R-TT
25.01.2015 16:09 <DIR> Raptr
26.06.2012 19:33 <DIR> Rovio
29.06.2012 10:35 <DIR> runic games
08.08.2014 15:11 <DIR> Screaming Bee
16.11.2014 21:39 95 settings.xml
25.01.2015 17:38 <DIR> Seznam.cz
09.06.2014 15:39 <DIR> Stencyl
05.06.2014 15:12 <DIR> Subversion
28.04.2013 13:12 <DIR> SysSoubory
30.04.2012 09:05 46 TheHunterSettings_live.cfg
07.08.2012 10:21 <DIR> Trine2
11.08.2014 21:47 <DIR> TrueCrypt
11.06.2014 19:04 <DIR> TuneUp Software
26.06.2012 19:33 <DIR> Ubisoft
15.06.2014 11:33 <DIR> Unity
25.01.2015 17:32 <DIR> vlc
26.06.2012 20:26 <DIR> VMware
05.12.2012 15:03 <DIR> vPacs
26.06.2012 19:33 <DIR> wargaming.net
02.03.2014 12:05 77 WB.CFG
26.06.2012 19:33 <DIR> WinRAR
26.06.2012 19:33 <DIR> Wireshark
17.10.2013 18:12 <DIR> Wondershare
26.06.2012 19:33 <DIR> Wondershare Video Converter Ultimate
10.07.2012 14:16 <DIR> Xfire
12.12.2013 19:25 <DIR> ZJMedia
Souborů: 7, Bajtů: 5 590
Adresářů: 72, Volných bajtů: 190 157 537 280

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 18:51:57 ====

Re: Virus-infected computer - CPU runs at 80-100% when idle

Posted: 25 Jan 2015 19:08
by altrok
OK, how is the computer behaving now? The BC miners that were visible in all the logs are gone now.