VIRY.CZ

opet spomalil comp, instaloval se adware a my start search,

a navíc mi uplne zrusilo chrome, nejde spustit, prosim o pomoc

log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by on a nat at 2015-02-19 11:59:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 257 GB (78%) free of 328 GB
Total RAM: 4030 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:13, on 19.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\on a nat.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... S_5WS308T2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... S_5WS308T2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... S_5WS308T2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... S_5WS308T2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Universal Book Reader v3.0.537 FULL APK Cracked.lnk = C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Clean Master Core Service (cmcore) - Kingsoft Corporation - c:\program files (x86)\cmcm\Clean Master\cmcore.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Torntv Downloader (trntv) - Cool Mirage - C:\Users\on a nat\AppData\Roaming\TornTV.com\TornTVSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13662 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-d0bb-8b0115fb554a /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"c:\program files (x86)\cmcm\Clean Master\cmcore.exe" /service cmcore
"C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {1038CFFB-7A20-4EF8-BE93-2D31027AB03A}
"taskhost.exe"
"C:\Program Files\DigitalPersona\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ReactorTurbo\ReactorTurbo.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ReactorTurbo\ReactorTurbo.dll",serv
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\on a nat\AppData\Roaming\TornTV.com\TornTVSvc.exe"
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
"C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe" --startup=1
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 1352
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3a18d5f9-00a3-4b90-b808-7293c79beca7 -SystemEventPortName:HostProcess-d7054c1b-138a-485d-9f11-c83132c761f6 -IoCancelEventPortName:HostProcess-591a4512-1daa-4c65-9e4f-b7a582dca615 -NonStateChangingEventPortName:HostProcess-9657439e-ef6f-4001-be5e-f91e496d6d5e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a281ca60-d241-4bcb-a44c-81c51aa5e7d7 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k WbioSvcGroup
taskeng.exe {001C4B9C-5C06-4EE9-8579-867FE361D9D3}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6932 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6932 CREDAT:857362 /prefetch:2
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6932 CREDAT:2168073 /prefetch:2
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\on a nat\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>618546790</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-27 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-20 611896]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-06-18 8192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-10 24783624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-06-16 2736128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2010-06-18 487424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-21 98304]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-06-29 602168]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]

C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Universal Book Reader v3.0.537 FULL APK Cracked.lnk - C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DpHost]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.inf - open -
.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-19 11:49:13 ----D---- C:\rsit
2015-02-19 11:49:13 ----D---- C:\Program Files\trend micro
2015-02-19 11:38:01 ----D---- C:\Users\on a nat\AppData\Roaming\EZDownloader
2015-02-19 11:35:18 ----D---- C:\Program Files (x86)\ReactorTurbo
2015-02-19 11:34:58 ----D---- C:\Program Files (x86)\Pocket formerly Read It Later
2015-02-19 11:34:37 ----D---- C:\Program Files (x86)\youtubeadblocker
2015-02-19 11:34:17 ----D---- C:\Program Files (x86)\UniDeals
2015-02-19 11:34:01 ----D---- C:\ProgramData\4907777443387318387
2015-02-19 11:34:01 ----D---- C:\Program Files (x86)\UniDealsi
2015-02-19 11:33:42 ----D---- C:\ProgramData\aopgpfjggncfkgbmeiifedjnohkmmpnn
2015-02-19 11:31:24 ----D---- C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}
2015-02-12 10:35:49 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-12 10:32:58 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-02-12 08:53:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 08:53:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 08:53:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 08:53:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 08:53:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 08:53:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 08:53:34 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 08:53:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 08:53:34 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 08:53:34 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 08:53:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 08:53:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 08:53:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 08:53:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 08:53:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 08:53:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 08:53:31 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 08:53:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 08:53:31 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 08:53:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 08:53:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 08:53:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 08:53:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 08:53:30 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 08:53:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 08:53:29 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 08:53:29 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 08:53:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 08:53:28 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 08:53:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 08:53:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 08:53:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 08:53:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 08:53:27 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 08:53:27 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 08:53:25 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 08:53:25 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 08:53:24 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 08:53:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 08:53:23 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 08:53:23 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 08:53:23 ----A---- C:\Windows\system32\jscript9.dll
2015-02-12 08:53:22 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 08:53:22 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 08:53:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 08:53:21 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 08:53:21 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 08:52:49 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 08:52:49 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 08:52:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 08:52:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 08:52:47 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 08:52:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 08:52:47 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 08:52:47 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 08:52:47 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 08:52:47 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 08:52:47 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 08:52:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 08:52:47 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 08:52:47 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 08:52:46 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 08:52:46 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 08:52:46 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 08:52:43 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 08:51:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 08:51:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 08:51:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 08:51:22 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 08:51:05 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 08:51:04 ----A---- C:\Windows\system32\wintrust.dll
2015-02-12 08:51:04 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-12 08:51:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 08:51:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-12 08:51:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-12 08:50:50 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 08:50:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 08:50:49 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 08:50:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 08:50:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 08:50:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 08:50:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 08:50:00 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 08:50:00 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 08:50:00 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 08:49:45 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 08:49:43 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 08:44:23 ----A---- C:\Windows\system32\win32k.sys
2015-02-10 18:59:28 ----D---- C:\Users\on a nat\AppData\Roaming\TornTV.com
2015-02-03 22:30:38 ----D---- C:\ProgramData\APN
2015-02-03 22:29:22 ----D---- C:\Users\on a nat\AppData\Roaming\BitTorrent
2015-02-03 00:10:22 ----A---- C:\DelFix.txt
2015-02-02 20:01:04 ----D---- C:\Users\on a nat\AppData\Roaming\hpqLog
2015-02-02 20:01:01 ----SHD---- C:\$RECYCLE.BIN
2015-02-02 19:58:06 ----D---- C:\Windows\Temp
2015-02-01 20:01:38 ----A---- C:\autoexec.bat
2015-01-30 14:21:20 ----D---- C:\ProgramData\Kingsoft
2015-01-30 14:21:20 ----D---- C:\ProgramData\cmcm
2015-01-30 14:21:16 ----D---- C:\Program Files (x86)\cmcm
2015-01-30 14:21:16 ----A---- C:\Windows\system32\drivers\ksapi64.sys
2015-01-30 14:21:16 ----A---- C:\Windows\system32\drivers\ksapi.sys
2015-01-25 08:33:18 ----A---- C:\Windows\system32\drivers\rockusb.sys

======List of files/folders modified in the last 1 month======

2015-02-19 11:57:23 ----D---- C:\Windows\system32\config
2015-02-19 11:57:21 ----D---- C:\Users\on a nat\AppData\Roaming\Wise Care 365
2015-02-19 11:49:13 ----RD---- C:\Program Files
2015-02-19 11:38:53 ----RD---- C:\Program Files (x86)
2015-02-19 11:38:53 ----D---- C:\Windows\SysWOW64
2015-02-19 11:38:50 ----D---- C:\Users\on a nat\AppData\Roaming\Wise Uninstaller
2015-02-19 11:34:01 ----HD---- C:\ProgramData
2015-02-19 10:04:13 ----D---- C:\Windows\System32
2015-02-19 10:04:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-19 10:04:12 ----D---- C:\Windows\inf
2015-02-19 09:44:08 ----D---- C:\ProgramData\MFAData
2015-02-19 08:49:28 ----D---- C:\Users\on a nat\AppData\Roaming\Skype
2015-02-17 16:09:07 ----D---- C:\Users\on a nat\AppData\Roaming\vlc
2015-02-17 14:38:22 ----D---- C:\Windows\Prefetch
2015-02-12 21:43:43 ----D---- C:\Windows\system32\catroot2
2015-02-12 11:48:57 ----SHD---- C:\Windows\Installer
2015-02-12 11:41:32 ----D---- C:\Windows\rescache
2015-02-12 10:39:34 ----D---- C:\Windows\Microsoft.NET
2015-02-12 10:36:40 ----D---- C:\Windows\SoftwareDistribution
2015-02-12 10:35:50 ----D---- C:\Windows
2015-02-12 10:33:10 ----D---- C:\Windows\debug
2015-02-12 10:04:01 ----RSD---- C:\Windows\assembly
2015-02-12 09:37:46 ----D---- C:\Windows\winsxs
2015-02-12 09:33:20 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 09:33:19 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 09:33:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 09:33:19 ----D---- C:\Program Files\Internet Explorer
2015-02-12 09:33:18 ----D---- C:\Windows\system32\en-US
2015-02-12 09:33:16 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 09:33:14 ----D---- C:\Windows\system32\drivers
2015-02-12 09:10:34 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 09:07:14 ----D---- C:\Windows\system32\MRT
2015-02-12 08:56:51 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 08:55:14 ----SHD---- C:\System Volume Information
2015-02-12 08:49:22 ----D---- C:\Windows\system32\catroot
2015-02-04 21:12:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-04 20:36:07 ----D---- C:\Windows\Tasks
2015-02-02 21:21:15 ----D---- C:\Windows\system32\drivers\etc
2015-02-02 19:54:58 ----D---- C:\Windows\system32\Tasks
2015-02-02 19:54:19 ----HD---- C:\Windows\system32\GroupPolicy
2015-02-02 19:54:19 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-02-02 19:54:18 ----D---- C:\Program Files (x86)\Wise
2015-02-02 17:02:16 ----D---- C:\Program Files (x86)\Common Files
2015-02-02 16:37:01 ----A---- C:\Windows\win.ini
2015-02-01 19:31:21 ----D---- C:\Program Files (x86)\Adobe
2015-02-01 19:30:21 ----D---- C:\Program Files\Common Files\System
2015-02-01 19:22:55 ----D---- C:\ProgramData\AVG2015
2015-02-01 17:33:13 ----A---- C:\Users\on a nat\AppData\Roaming\bitlord_log.txt
2015-02-01 15:56:30 ----D---- C:\Program Files (x86)\SpeedFan
2015-01-30 14:23:28 ----D---- C:\Users\on a nat\AppData\Roaming\uTorrent
2015-01-30 14:23:28 ----D---- C:\Users\on a nat\AppData\Roaming\DAEMON Tools Lite
2015-01-30 14:23:25 ----D---- C:\Windows\Panther
2015-01-30 14:23:24 ----D---- C:\SwSetup
2015-01-29 01:12:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-01-27 14:36:52 ----SD---- C:\Users\on a nat\AppData\Roaming\Microsoft
2015-01-26 20:15:33 ----D---- C:\ProgramData\Oracle
2015-01-26 20:09:56 ----D---- C:\Program Files (x86)\Java
2015-01-26 20:08:24 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-26 20:08:24 ----A---- C:\Windows\SYSWOW64\javaws.exe
2015-01-26 20:08:24 ----A---- C:\Windows\SYSWOW64\javaw.exe
2015-01-26 20:08:24 ----A---- C:\Windows\SYSWOW64\java.exe
2015-01-25 08:39:29 ----D---- C:\Windows\system32\DriverStore
2015-01-20 09:51:29 ----RHD---- C:\MSOCache
2015-01-20 09:51:28 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-31 50976]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-10-05 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-06-22 6856704]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-06-22 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 clwvd;HP Webcam Splitter; C:\Windows\system32\DRIVERS\clwvd.sys [2010-06-24 32880]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-05-01 56344]
R3 ksapi64;ksapi64; \??\C:\Windows\system32\drivers\ksapi64.sys [2015-01-30 56680]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-06-18 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2009-11-13 36256]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2010-05-20 42496]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-13 36256]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
S3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Rockusb;Driver for Rockusb Device; C:\Windows\system32\DRIVERS\rockusb.sys [2014-01-31 67024]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-11 232992]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-05 346144]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-06-22 203264]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 cmcore;Clean Master Core Service; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [2015-01-30 315240]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2010-04-23 445192]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-06-30 121344]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-29 27192]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-06-16 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-05-01 325656]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-06-18 258048]
R2 trntv;Torntv Downloader; C:\Users\on a nat\AppData\Roaming\TornTV.com\TornTVSvc.exe [2015-01-22 23552]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-23 2192176]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-21 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-06-25 665656]
S2 0c3f53c6;ReactorTurbo; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-21 647680]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Zdravim

Jste tu podruhe behem ani ne mesice, takze Vam doporucuji projit http://forum.viry.cz/viewtopic.php?f=24 ... 2#p1374442 . Takove mnozstvi adwaru se do pocitace sama nedostane - je to chyba uzivatele, proto si odkaz projdete.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Bohuzel uz po druhé, vim to a omlouvam se, s novzm tabletem clovek hleda věci, a to nejsem uplna lama, ale nedal sem bacha. ještě jednou se omlouvam.

tady je log z adwcleaneru

# AdwCleaner v4.111 - Logfile created 19/02/2015 at 12:32:43
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : on a nat - HP_PAVILION_DV7
# Running from : C:\Users\on a nat\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : trntv

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\4907777443387318387
Folder Deleted : C:\Program Files (x86)\UniDeals
Folder Deleted : C:\Program Files (x86)\UniDealsi
Folder Deleted : C:\Program Files (x86)\youtubeadblocker
Folder Deleted : C:\Users\on a nat\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\on a nat\AppData\Roaming\TornTV.com
Folder Deleted : C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Folder Deleted : C:\ProgramData\aopgpfjggncfkgbmeiifedjnohkmmpnn

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c3f53c6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\WajIntEnhance
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v40.0.2214.111


*************************

AdwCleaner[R0].txt - [5595 bytes] - [19/02/2015 12:28:28]
AdwCleaner[S0].txt - [4279 bytes] - [19/02/2015 12:32:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4338 bytes] ##########

Mne se omlouvat nemusite... az si do PC natahnete neco hezkyho, ja litovat nebudu Kdyz cokoliv instalujete, tak si pred kazdym klikem na Next zkontrolujte s cim vlastne souhlasite (viz odkaz vyse). A omezit warez.

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

ja to asi zkopiroval odpoledne do jiného retezce nebo co, pardon.
tady je RSIT ještě jednou.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by on a nat (administrator) on HP_PAVILION_DV7 on 19-02-2015 19:19:22
Running from C:\Users\on a nat\Desktop
Loaded Profiles: on a nat (Available profiles: on a nat)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
() C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\S-1-5-21-4079492530-175248744-790326412-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-4079492530-175248744-790326412-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Universal Book Reader v3.0.537 FULL APK Cracked.lnk
ShortcutTarget: Universal Book Reader v3.0.537 FULL APK Cracked.lnk -> C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {04D99726-6EDC-46B8-9AC5-7C1337B14C85} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM -> {B713938B-C7A5-46E5-92A2-10BEB25FE21E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {04D99726-6EDC-46B8-9AC5-7C1337B14C85} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> URL http://www.trovigo.com/Results.aspx?gd= ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... earchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {04D99726-6EDC-46B8-9AC5-7C1337B14C85} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {6B1BFED4-E256-4547-B843-AAD5650A981A} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {B713938B-C7A5-46E5-92A2-10BEB25FE21E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-01-21]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://www.google.cz/?gfe_rd=ctrl&ei=o ... &gws_rd=cr"
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-02]
CHR Extension: (Google Docs) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-02]
CHR Extension: (Google Drive) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-02]
CHR Extension: (YouTube) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-02]
CHR Extension: (Adblock Plus) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-15]
CHR Extension: (Google Search) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-02]
CHR Extension: (Google Sheets) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-02]
CHR Extension: (No Name) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\on a nat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0c3f53c6; c:\Program Files (x86)\ReactorTurbo\ReactorTurbo.dll [1662976 2015-02-19] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315240 2015-01-30] (Kingsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-01-21] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2012-01-21] (Macrovision Europe Ltd.) [File not signed]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-10-28] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2009-11-13] (Google Inc) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-31] (AVG Technologies)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [42496 2010-05-20] (Motorola, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-05] (Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [36256 2009-11-13] (Google Inc) [File not signed]
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-01-30] (Kingsoft Corporation)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [67024 2014-01-31] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 13:28 - 2015-02-19 19:20 - 00019294 _____ () C:\Users\on a nat\Desktop\FRST.txt
2015-02-19 13:28 - 2015-02-19 19:19 - 00000000 ____D () C:\FRST
2015-02-19 13:25 - 2015-02-19 13:25 - 02086912 _____ (Farbar) C:\Users\on a nat\Desktop\FRST64.exe
2015-02-19 12:28 - 2015-02-19 12:32 - 00000000 ____D () C:\AdwCleaner
2015-02-19 12:27 - 2015-02-19 12:27 - 02126848 _____ () C:\Users\on a nat\Desktop\adwcleaner_4.111.exe
2015-02-19 11:58 - 2015-02-19 11:59 - 01222144 _____ () C:\Users\on a nat\Downloads\RSITx64.exe
2015-02-19 11:49 - 2015-02-19 11:59 - 00000000 ____D () C:\Program Files\trend micro
2015-02-19 11:49 - 2015-02-19 11:49 - 00000000 ____D () C:\rsit
2015-02-19 11:35 - 2015-02-19 11:35 - 00000000 ____D () C:\Program Files (x86)\ReactorTurbo
2015-02-19 11:34 - 2015-02-19 11:37 - 00000000 ____D () C:\Program Files (x86)\Pocket formerly Read It Later
2015-02-19 11:31 - 2015-02-19 11:44 - 00000000 ____D () C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}
2015-02-19 09:46 - 2015-02-19 09:46 - 01222144 _____ () C:\Users\on a nat\Desktop\RSITx64.exe
2015-02-19 08:12 - 2015-02-19 08:13 - 00000000 ____D () C:\Users\on a nat\Desktop\rawy z plochy
2015-02-16 11:22 - 2015-02-16 11:22 - 02859044 _____ () C:\Users\on a nat\Desktop\Index.zip
2015-02-16 11:22 - 2015-02-16 11:22 - 01486695 _____ () C:\Users\on a nat\Desktop\Logbook.zip
2015-02-16 11:19 - 2015-02-16 11:19 - 04344877 _____ () C:\Users\on a nat\Desktop\On.zip
2015-02-12 10:35 - 2015-02-19 14:28 - 00304966 _____ () C:\Windows\WindowsUpdate.log
2015-02-12 10:35 - 2015-02-12 10:35 - 00126688 _____ () C:\Users\on a nat\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-12 10:33 - 2015-02-19 14:24 - 00003656 _____ () C:\Windows\setupact.log
2015-02-12 10:33 - 2015-02-12 10:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-12 10:32 - 2015-02-19 11:43 - 00001260 _____ () C:\Windows\PFRO.log
2015-02-12 10:32 - 2015-02-12 10:33 - 00446720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 08:53 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 08:53 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 08:53 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 08:53 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 08:53 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 08:53 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 08:53 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 08:53 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 08:53 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 08:53 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 08:53 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 08:53 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 08:53 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 08:53 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 08:53 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 08:53 - 2015-01-12 03:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 08:53 - 2015-01-12 03:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 08:53 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 08:53 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 08:53 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 08:53 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 08:53 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 08:53 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 08:53 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 08:53 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 08:53 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 08:53 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 08:53 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 08:53 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 08:53 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 08:53 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 08:53 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 08:53 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 08:53 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 08:53 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 08:53 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 08:53 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 08:53 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 08:53 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 08:53 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 08:53 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 08:53 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 08:53 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 08:53 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 08:53 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 08:53 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 08:53 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 08:53 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 08:53 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 08:53 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 08:53 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 08:53 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 08:53 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 08:53 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 08:53 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 08:53 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 08:52 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 08:52 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 08:52 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 08:52 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 08:52 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 08:52 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 08:52 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 08:52 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 08:52 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 08:52 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 08:52 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 08:52 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 08:52 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 08:52 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 08:52 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 08:52 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 08:52 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 08:52 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 08:51 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 08:51 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 08:51 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 08:51 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 08:51 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 08:51 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 08:51 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-12 08:51 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-12 08:51 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-12 08:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-12 08:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 08:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 08:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 08:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 08:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 08:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 08:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 08:50 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 08:50 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 08:49 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 08:49 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 08:44 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-05 18:54 - 2015-02-05 18:54 - 00000000 ____D () C:\Users\on a nat\Desktop\GPS Navigace Sygic Aura V11.2.6 Android CZ plná verze
2015-02-05 18:39 - 2015-02-05 18:39 - 00000000 ____D () C:\Users\on a nat\Desktop\Nová složka
2015-02-05 18:24 - 2015-02-05 18:24 - 00000000 ____D () C:\Users\on a nat\Desktop\Bittorent stiahnute
2015-02-04 20:36 - 2015-02-19 19:12 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-04 08:14 - 2015-02-19 19:19 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 08:14 - 2015-02-19 14:24 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 22:33 - 2015-02-03 22:33 - 00000889 _____ () C:\Users\on a nat\Desktop\BitTorrent.lnk
2015-02-03 22:33 - 2015-02-03 22:33 - 00000869 _____ () C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2015-02-03 22:29 - 2015-02-19 09:47 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\BitTorrent
2015-02-03 00:10 - 2015-02-03 00:10 - 00000520 _____ () C:\DelFix.txt
2015-02-02 20:01 - 2015-02-02 20:01 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\hpqLog
2015-02-02 19:27 - 2015-02-19 10:18 - 00000000 ____D () C:\Users\on a nat\Downloads\APK
2015-02-01 23:22 - 2015-02-02 19:59 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-02-01 20:01 - 2015-02-01 20:01 - 00000000 _____ () C:\autoexec.bat
2015-01-30 14:36 - 2015-01-30 14:36 - 00000218 _____ () C:\Users\on a nat\AppData\Local\recently-used.xbel
2015-01-30 14:21 - 2015-01-30 14:21 - 00081768 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys
2015-01-30 14:21 - 2015-01-30 14:21 - 00056680 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys
2015-01-30 14:21 - 2015-01-30 14:21 - 00001072 _____ () C:\Users\Public\Desktop\Clean Master.lnk
2015-01-30 14:21 - 2015-01-30 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
2015-01-30 14:21 - 2015-01-30 14:21 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-01-30 14:21 - 2015-01-30 14:21 - 00000000 ____D () C:\ProgramData\cmcm
2015-01-30 14:21 - 2015-01-30 14:21 - 00000000 ____D () C:\Program Files (x86)\cmcm
2015-01-27 11:25 - 2015-01-27 11:25 - 00000000 __SHD () C:\Users\on a nat\AppData\Local\EmieBrowserModeList
2015-01-25 08:33 - 2014-01-31 09:22 - 00067024 _____ (Fuzhou Rockchip Electronics Co,Ltd.) C:\Windows\system32\Drivers\rockusb.sys
2015-01-25 08:27 - 2015-01-25 08:32 - 401575604 _____ () C:\Users\on a nat\Downloads\PMP5297C_20131204_v1.0.7.zip
2015-01-21 22:27 - 2015-01-21 22:27 - 00017293 _____ () C:\Users\on a nat\Downloads\rady-a-informace
2015-01-21 22:24 - 2015-01-21 22:24 - 00009660 _____ () C:\Users\on a nat\Downloads\atestace
2015-01-20 10:17 - 2015-01-20 10:17 - 00071168 _____ () C:\Users\on a nat\Downloads\Kurzy konané na v ech LF.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 19:19 - 2014-02-25 00:10 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\Skype
2015-02-19 14:32 - 2014-05-02 13:42 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 14:31 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:31 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:24 - 2014-03-08 23:37 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\Wise Care 365
2015-02-19 14:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 13:43 - 2010-07-27 13:47 - 00668792 _____ () C:\Windows\system32\perfh005.dat
2015-02-19 13:43 - 2010-07-27 13:47 - 00141420 _____ () C:\Windows\system32\perfc005.dat
2015-02-19 13:43 - 2009-07-14 06:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 09:44 - 2014-03-06 23:13 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-17 16:09 - 2014-08-30 10:11 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\vlc
2015-02-15 09:52 - 2009-07-14 06:08 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-12 11:48 - 2014-03-18 20:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-12 11:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 09:42 - 2014-05-13 21:35 - 00002060 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2015-02-12 09:42 - 2014-03-08 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-02-12 09:10 - 2014-10-01 23:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 09:07 - 2014-02-26 01:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 08:56 - 2014-02-26 01:25 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-04 21:12 - 2014-04-14 20:48 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 21:12 - 2014-03-06 23:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:12 - 2014-03-06 23:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 08:14 - 2014-05-02 13:41 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 08:14 - 2014-05-02 13:41 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 00:11 - 2014-03-08 23:32 - 00000000 ____D () C:\Users\on a nat\Desktop\Správa počítača
2015-02-02 19:54 - 2014-03-08 22:47 - 00000000 ____D () C:\Program Files (x86)\Wise
2015-02-02 19:54 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-02 19:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-02 17:02 - 2014-05-02 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-02 17:02 - 2014-02-24 22:57 - 00000981 _____ () C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-02 16:37 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-02-01 20:01 - 2014-02-24 22:45 - 00000000 ____D () C:\Users\on a nat
2015-02-01 19:31 - 2014-02-24 22:47 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-01 19:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-01 19:22 - 2014-11-02 18:50 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-01 15:56 - 2014-02-25 23:06 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-01-30 14:23 - 2014-10-05 20:55 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\DAEMON Tools Lite
2015-01-30 14:23 - 2014-03-06 21:39 - 00000000 ____D () C:\Users\on a nat\AppData\Roaming\uTorrent
2015-01-30 14:23 - 2009-09-07 02:57 - 00000000 ____D () C:\Windows\Panther
2015-01-30 14:23 - 2009-09-07 01:40 - 00000000 ____D () C:\SwSetup
2015-01-30 14:13 - 2013-01-25 16:20 - 00000000 ____D () C:\Users\on a nat\Desktop\Mapy
2015-01-29 01:12 - 2014-03-01 07:00 - 01558876 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-28 10:04 - 2014-11-02 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-27 14:36 - 2014-10-01 23:23 - 00000000 ____D () C:\Users\on a nat\AppData\Local\Microsoft Help
2015-01-26 20:15 - 2014-09-09 18:39 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 20:09 - 2010-07-27 06:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-26 20:08 - 2014-10-29 21:28 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-26 20:08 - 2014-10-29 21:27 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-26 20:08 - 2014-09-09 18:29 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-26 20:08 - 2014-09-09 18:29 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-20 10:03 - 2014-02-26 17:59 - 00003636 _____ () C:\Windows\System32\Tasks\Launch HTC Sync Loader
2015-01-20 09:51 - 2014-10-01 23:22 - 00000000 __RHD () C:\MSOCache
2015-01-20 09:51 - 2014-03-29 10:53 - 00000000 ____D () C:\Windows\Minidump

==================== Files in the root of some directories =======

2014-03-06 23:18 - 2015-02-01 17:33 - 0000000 _____ () C:\Users\on a nat\AppData\Roaming\bitlord_log.txt
2014-12-15 16:37 - 2014-12-15 16:37 - 0003584 _____ () C:\Users\on a nat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-30 14:36 - 2015-01-30 14:36 - 0000218 _____ () C:\Users\on a nat\AppData\Local\recently-used.xbel
2014-09-07 22:04 - 2014-09-07 22:04 - 0007608 _____ () C:\Users\on a nat\AppData\Local\Resmon.ResmonCfg
2012-01-21 06:40 - 2012-01-21 06:40 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-07-27 06:10 - 2010-07-27 06:10 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-01-21 06:40 - 2012-01-21 06:40 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-07-27 06:05 - 2010-07-27 06:06 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-01-21 06:39 - 2012-01-21 06:39 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2012-01-21 06:40 - 2012-01-21 06:40 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-07-27 06:04 - 2010-07-27 06:05 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-27 06:06 - 2010-07-27 06:10 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2012-01-21 06:40 - 2012-01-21 06:41 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\on a nat\AppData\Local\Temp\75F0.exe
C:\Users\on a nat\AppData\Local\Temp\Quarantine.exe
C:\Users\on a nat\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 00:33

==================== End Of Log ============================

A adition.txt:



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by on a nat at 2015-02-19 19:20:27
Running from C:\Users\on a nat\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version: - amrtomp3converter.com)
ATI Catalyst Install Manager (HKLM\...\{34DA4817-68E1-CC8B-A9A5-392095FA28C9}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 6.92 - NowSmart)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4284 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies CZ, s.r.o.) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BitTorrent (HKU\S-1-5-21-4079492530-175248744-790326412-1001\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
ccc-core-static (x32 Version: 2010.0621.2137.36973 - Název společnosti:) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Might and Magic V - Collectors Edition (HKLM-x32\...\Heroes of Might and Magic V - Collectors Edition3.1) (Version: 3.1 - Ubisoft)
HP 3D DriveGuard (HKLM\...\{34777F28-E52C-4664-A6D1-91872CA95655}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{7D4318AC-9560-46F0-910F-0B38D6CDC009}) (Version: 1.1.2.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}) (Version: 5.10.175 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{E2E791E1-C111-40DC-9A30-CCFCBD813FB6}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{1E990336-E620-4B14-A7B4-4DA369330355}) (Version: 4.0.9.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.5.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter (HKLM\...\Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1) (Version: 3.0.41.258 - Motorola, Inc.)
Ralink RT3090 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.27 - Ralink)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 7.5.4 - Jan Adamec)
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{1407B87C-36E3-4FC1-9051-D08B21E1096F}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Wise Auto Shutdown 1.39 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.39 - WiseCleaner.com, Inc.)
Wise Care 365 3.45 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.45 - WiseCleaner.com, Inc.)
Wise Disk Cleaner 8.04 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.04 - WiseCleaner.com, Inc.)
Wise PC 1stAid 1.35 (HKLM-x32\...\Wise PC 1stAid_is1) (Version: 1.35 - WiseCleaner.com, Inc.)
Wise Plugin Manager 1.01 (HKLM-x32\...\Wise Plugin Manager_is1) (Version: 1.01 - WiseCleaner.com, Inc.)
Wise Program Uninstaller 1.65 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.65 - WiseCleaner.com, Inc.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.7 - ZONER software)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

05-02-2015 16:39:14 Naplánovaný kontrolní bod
12-02-2015 08:54:49 Windows Update
19-02-2015 15:13:23 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-02 21:21 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3138FC57-60A1-420B-B01E-87C1991198C5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {320190EC-EF95-492C-8CFE-F179254DFC51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {3A4BF148-3B8D-46F8-B483-2B6D6E3D69D8} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {470E5E83-FB28-4574-8DAB-C5EC47DE3222} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {5788BCF4-1A70-43AB-82BD-7D40E1DA678C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-06-30] (Hewlett-Packard Company)
Task: {648B503B-E94C-43DF-93DD-5F9424C25B8A} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: {97BD2016-3D2B-4400-ABCB-77B537EA71AA} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {CB52FD32-AF5D-4900-83E2-C384A7291193} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {DF7A8992-9D31-4CB9-B033-59820DA9A4A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-06-30] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-01-09 19:17 - 2010-01-09 19:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:40 - 2010-01-21 00:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-06-29 18:00 - 2010-06-29 18:00 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2014-02-26 17:54 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-01-20 16:20 - 2010-01-20 16:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-02-19 11:31 - 2014-02-19 11:31 - 01076736 _____ () C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}\Universal Book Reader v3.0.537 FULL APK Cracked.exe
2010-06-10 17:12 - 2010-06-10 17:12 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-21 21:36 - 2010-06-21 21:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-09 19:18 - 2010-01-09 19:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 00:34 - 2010-01-21 00:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4079492530-175248744-790326412-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.15.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

==================== Accounts: =============================

Administrator (S-1-5-21-4079492530-175248744-790326412-500 - Administrator - Disabled)
Guest (S-1-5-21-4079492530-175248744-790326412-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4079492530-175248744-790326412-1002 - Limited - Enabled)
on a nat (S-1-5-21-4079492530-175248744-790326412-1001 - Administrator - Enabled) => C:\Users\on a nat

==================== Faulty Device Manager Devices =============

Name: Ralink Motorola BC4 Bluetooth 3.0+HS Adapter
Description: Ralink Motorola BC4 Bluetooth 3.0+HS Adapter
Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}
Manufacturer: Motorola, Inc.
Service: BTMUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2015 11:45:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devmgrsrv.exe, verze: 3.0.1.168, časové razítko: 0x4c29a471
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521eaf24
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000000195c3
ID chybujícího procesu: 0xb9c
Čas spuštění chybující aplikace: 0xdevmgrsrv.exe0
Cesta k chybující aplikaci: devmgrsrv.exe1
Cesta k chybujícímu modulu: devmgrsrv.exe2
ID zprávy: devmgrsrv.exe3

Error: (02/17/2015 09:10:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqwmiex.exe, verze: 4.0.39.1, časové razítko: 0x4c24f856
Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.18679, časové razítko: 0x54754919
Kód výjimky: 0xc0000005
Posun chyby: 0x00004660
ID chybujícího procesu: 0x12b0
Čas spuštění chybující aplikace: 0xhpqwmiex.exe0
Cesta k chybující aplikaci: hpqwmiex.exe1
Cesta k chybujícímu modulu: hpqwmiex.exe2
ID zprávy: hpqwmiex.exe3

Error: (02/16/2015 08:33:43 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/16/2015 08:23:50 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/14/2015 09:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqwmiex.exe, verze: 4.0.39.1, časové razítko: 0x4c24f856
Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.18679, časové razítko: 0x54754919
Kód výjimky: 0xc0000005
Posun chyby: 0x00004660
ID chybujícího procesu: 0x15bc
Čas spuštění chybující aplikace: 0xhpqwmiex.exe0
Cesta k chybující aplikaci: hpqwmiex.exe1
Cesta k chybujícímu modulu: hpqwmiex.exe2
ID zprávy: hpqwmiex.exe3

Error: (02/12/2015 09:41:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (4648) WebCacheLocal: Při otevírání souboru protokolu C:\Users\on a nat\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (02/10/2015 01:54:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2272) WebCacheLocal: Při otevírání souboru protokolu C:\Users\on a nat\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (02/08/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/04/2015 08:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqwmiex.exe, verze: 4.0.39.1, časové razítko: 0x4c24f856
Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.18640, časové razítko: 0x5441c30c
Kód výjimky: 0xc0000005
Posun chyby: 0x00004660
ID chybujícího procesu: 0x14f8
Čas spuštění chybující aplikace: 0xhpqwmiex.exe0
Cesta k chybující aplikaci: hpqwmiex.exe1
Cesta k chybujícímu modulu: hpqwmiex.exe2
ID zprávy: hpqwmiex.exe3

Error: (02/03/2015 10:31:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program BitTorrent.exe verze 7.9.2.38430 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8ac

Čas spuštění: 01d03ff87cd8efe1

Čas ukončení: 6

Cesta k aplikaci: C:\Users\on a nat\Downloads\BitTorrent.exe

ID hlášení: 0e327192-abec-11e4-a1e6-ec46d7e6d4b0


System errors:
=============
Error: (02/19/2015 01:33:01 PM) (Source: DCOM) (EventID: 10016) (User: HP_Pavilion_dv7)
Description: specifické pro aplikaciMístníAktivace{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}HP_Pavilion_dv7on a natS-1-5-21-4079492530-175248744-790326412-1001LocalHost (pomocí LRPC)

Error: (02/19/2015 01:33:01 PM) (Source: DCOM) (EventID: 10016) (User: HP_Pavilion_dv7)
Description: specifické pro aplikaciMístníAktivace{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}HP_Pavilion_dv7on a natS-1-5-21-4079492530-175248744-790326412-1001LocalHost (pomocí LRPC)

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Wireless Assistant Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Health Check Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FLEXnet Licensing Service 64 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2015 00:32:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (02/19/2015 11:45:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: devmgrsrv.exe3.0.1.1684c29a471ntdll.dll6.1.7601.18247521eaf24c00000fd00000000000195c3b9c01d04c310ba8064dC:\Program Files\Motorola\Bluetooth\devmgrsrv.exeC:\Windows\SYSTEM32\ntdll.dll5b5a96b4-b824-11e4-b36b-e235a9e34faf

Error: (02/17/2015 09:10:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.1867954754919c00000050000466012b001d04a056b3de822C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dll050be5b0-b6e1-11e4-b46b-f36a4aa7d1a6

Error: (02/16/2015 08:33:43 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006)

Error: (02/16/2015 08:23:50 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006)

Error: (02/14/2015 09:32:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.1867954754919c00000050000466015bc01d047a48aa58adfC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dllf8f78cc0-b423-11e4-be53-95ba93e89cbe

Error: (02/12/2015 09:41:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost4648WebCacheLocal: C:\Users\on a nat\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (02/10/2015 01:54:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost2272WebCacheLocal: C:\Users\on a nat\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (02/08/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006)

Error: (02/04/2015 08:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.186405441c30cc00000050000466014f801d0404a12f3bcbaC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dll0242633e-aca5-11e4-a493-c84a26c3faa6

Error: (02/03/2015 10:31:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BitTorrent.exe7.9.2.384308ac01d03ff87cd8efe16C:\Users\on a nat\Downloads\BitTorrent.exe0e327192-abec-11e4-a1e6-ec46d7e6d4b0


CodeIntegrity Errors:
===================================
Date: 2015-02-01 19:22:12.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-01 19:22:11.839
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-01 19:10:35.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-02-01 19:10:35.697
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-03 08:46:19.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-03 08:34:33.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avghooka.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 22:36:54.876
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 22:36:54.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 22:22:27.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-05-26 22:22:26.990
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aticfx64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 4029.86 MB
Available physical RAM: 2146.84 MB
Total Pagefile: 8057.91 MB
Available Pagefile: 5858.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive b: (Data) (Fixed) (Total:253.61 GB) (Free:155.25 GB) NTFS
Drive c: (System) (Fixed) (Total:320.31 GB) (Free:258.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.95 GB) (Free:3.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1A705E68)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=199 MB) - (Type=42)
Partition 3: (Not Active) - (Size=320.3 GB) - (Type=42)
Partition 4: (Not Active) - (Size=275.7 GB) - (Type=42)

==================== End Of Log ============================

Odinstalujte stare a zranitelne verze javy Java(TM) 6 Update 20 (64-bit) a Java(TM) 6 Update 20 - ponechte jen tu aktualni - Java 8 Update 31. Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKU\S-1-5-21-4079492530-175248744-790326412-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
  Startup: C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Universal Book Reader v3.0.537 FULL APK Cracked.lnk
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> URL http://www.trovigo.com/Results.aspx?gd= ... 51E21D1&q={searchTerms}&SSPV=
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... hx?prefix={searchTerms}
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {04D99726-6EDC-46B8-9AC5-7C1337B14C85} URL = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {6B1BFED4-E256-4547-B843-AAD5650A981A} URL = https://www.google.com/search?q={searchTerms}
  SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {B713938B-C7A5-46E5-92A2-10BEB25FE21E} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  CHR StartupUrls: Default -> "https://www.google.cz/?gfe_rd=ctrl&ei=o-0YU7-NMsik8wf344GADQ&gws_rd=cr"
  CHR DefaultSearchKeyword: Default -> google.cz_
  
  S2 0c3f53c6; c:\Program Files (x86)\ReactorTurbo\ReactorTurbo.dll [1662976 2015-02-19] () [File not signed]
  c:\Program Files (x86)\ReactorTurbo
  2015-02-19 12:28 - 2015-02-19 12:32 - 00000000 ____D () C:\AdwCleaner
  2015-02-19 12:27 - 2015-02-19 12:27 - 02126848 _____ () C:\Users\on a nat\Desktop\adwcleaner_4.111.exe
  2015-02-19 11:58 - 2015-02-19 11:59 - 01222144 _____ () C:\Users\on a nat\Downloads\RSITx64.exe
  2015-02-19 11:49 - 2015-02-19 11:59 - 00000000 ____D () C:\Program Files\trend micro
  2015-02-19 11:49 - 2015-02-19 11:49 - 00000000 ____D () C:\rsit
  2015-02-19 11:35 - 2015-02-19 11:35 - 00000000 ____D () C:\Program Files (x86)\ReactorTurbo
  2015-02-19 11:34 - 2015-02-19 11:37 - 00000000 ____D () C:\Program Files (x86)\Pocket formerly Read It Later
  2015-02-19 11:31 - 2015-02-19 11:44 - 00000000 ____D () C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}
  2015-02-19 09:46 - 2015-02-19 09:46 - 01222144 _____ () C:\Users\on a nat\Desktop\RSITx64.exe
  
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Hosts:
  EmptyTemp:
  End
  

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by on a nat at 2015-02-20 09:02:49 Run:1
Running from C:\Users\on a nat\Desktop
Loaded Profiles: on a nat (Available profiles: on a nat)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-4079492530-175248744-790326412-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Universal Book Reader v3.0.537 FULL APK Cracked.lnk

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> URL http://www.trovigo.com/Results.aspx?gd= ... 51E21D1&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... hx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {04D99726-6EDC-46B8-9AC5-7C1337B14C85} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {6B1BFED4-E256-4547-B843-AAD5650A981A} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4079492530-175248744-790326412-1001 -> {B713938B-C7A5-46E5-92A2-10BEB25FE21E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR StartupUrls: Default -> "https://www.google.cz/?gfe_rd=ctrl&ei=o ... &gws_rd=cr"
CHR DefaultSearchKeyword: Default -> google.cz_

S2 0c3f53c6; c:\Program Files (x86)\ReactorTurbo\ReactorTurbo.dll [1662976 2015-02-19] () [File not signed]
c:\Program Files (x86)\ReactorTurbo
2015-02-19 12:28 - 2015-02-19 12:32 - 00000000 ____D () C:\AdwCleaner
2015-02-19 12:27 - 2015-02-19 12:27 - 02126848 _____ () C:\Users\on a nat\Desktop\adwcleaner_4.111.exe
2015-02-19 11:58 - 2015-02-19 11:59 - 01222144 _____ () C:\Users\on a nat\Downloads\RSITx64.exe
2015-02-19 11:49 - 2015-02-19 11:59 - 00000000 ____D () C:\Program Files\trend micro
2015-02-19 11:49 - 2015-02-19 11:49 - 00000000 ____D () C:\rsit
2015-02-19 11:35 - 2015-02-19 11:35 - 00000000 ____D () C:\Program Files (x86)\ReactorTurbo
2015-02-19 11:34 - 2015-02-19 11:37 - 00000000 ____D () C:\Program Files (x86)\Pocket formerly Read It Later
2015-02-19 11:31 - 2015-02-19 11:44 - 00000000 ____D () C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54}
2015-02-19 09:46 - 2015-02-19 09:46 - 01222144 _____ () C:\Users\on a nat\Desktop\RSITx64.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End

*****************

Processes closed successfully.
HKU\S-1-5-21-4079492530-175248744-790326412-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
C:\Users\on a nat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Universal Book Reader v3.0.537 FULL APK Cracked.lnk => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL http://www.trovigo.com/Results.aspx?gd= ... => Value not found.
HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... => Value not found.
"HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{04D99726-6EDC-46B8-9AC5-7C1337B14C85}" => Key deleted successfully.
HKCR\CLSID\{04D99726-6EDC-46B8-9AC5-7C1337B14C85} => Key not found.
"HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6B1BFED4-E256-4547-B843-AAD5650A981A}" => Key deleted successfully.
HKCR\CLSID\{6B1BFED4-E256-4547-B843-AAD5650A981A} => Key not found.
"HKU\S-1-5-21-4079492530-175248744-790326412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B713938B-C7A5-46E5-92A2-10BEB25FE21E}" => Key deleted successfully.
HKCR\CLSID\{B713938B-C7A5-46E5-92A2-10BEB25FE21E} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
0c3f53c6 => Service deleted successfully.
c:\Program Files (x86)\ReactorTurbo => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\on a nat\Desktop\adwcleaner_4.111.exe => Moved successfully.
C:\Users\on a nat\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
"C:\Program Files (x86)\ReactorTurbo" => File/Directory not found.
C:\Program Files (x86)\Pocket formerly Read It Later => Moved successfully.
C:\ProgramData\{0003e695-3643-d4fe-0003-3e6953649a54} => Moved successfully.
C:\Users\on a nat\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 543.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:03:17 ====

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Mockrat vam dekuji za vas cas a rady. Ste frajeri.
At se vam dari.

Ono je dobre leceni predchazet a ukazat Vam, jakym zpusobem jste si do PC tuto havet natahal

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy