VIRY.CZ

Zdravím, "začátečnickou" chybou došlo k instalaci bordelu na notebook, zatím to vypadá, že útoky zachytil Avast, ale nejde se toho zbavit. Prosím o pomoc.

Programy:

Log z RSIT:

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2015-06-17 11:34:52
Microsoft Windows 7 Home Premium  
System drive C: has 15 GB (7%) free of 200 GB
Total RAM: 3828 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:34:57, on 17.6.2015
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe
C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150524__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RemoveNetSoftware] "C:\Program Files\NetSoftware\\rmNetSoftware.exe" /hst=logs.panelcz.gemius.com:80 /uid=1997490 /tck=542734400 /rea=6 /ist=0
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Olacarita] C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
O4 - HKLM\..\Run: [mpck_es_017010004] "C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe"
O4 - HKLM\..\RunOnce: [upmpck_es_017010004.exe] C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe -runonce
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [WindApp] "C:\Users\Lenka\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
O4 - HKCU\..\Run: [BoBrowser] "C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2274969629-4033836620-2924378098-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2274969629-4033836620-2924378098-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: ClaraUpdater - ClaraLabs - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Data Security Service - Unknown owner - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe (file missing)
O23 - Service: EgisTec Service - Unknown owner - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Služba Olacarita Update (Olacarita_update) (Olacarita_update) - The Olacarita Group - C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe
O23 - Service: Služba Olacarita Update (Olacarita_update_m) (Olacarita_update_m) - The Olacarita Group - C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13882 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x254
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Realtek\RtLED\RtLEDService.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe"
"C:\Program Files\Realtek\RtLED\RtLED.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 3068
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe" 
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" 
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\rundll32.exe" xrWCbgnd.dll,LaunchBgTask 1
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe" 
"C:\Program Files\Winamp\winampa.exe" 
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3896.0.1105776807\4475541" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,21,44 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.3.1386947228\583816561" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.5.30446399\2034094597" /prefetch:673131151
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.9.1186155833\521931181" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.15.2122857190\792633746" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.18.874945302\728860026" /prefetch:673131151
"C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe"
taskeng.exe {8EA0AAF3-B2F5-43B7-8F54-07EA41AC5108}
C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe --no-startup-window
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=gpu-process --channel="7156.0.551304740\1428692508" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,16 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=renderer --lang=cs --force-fieldtrials=UMA-Uniformity-Trial-100-Percent/group_01/ --extension-process --enable-offline-auto-reload --enable-offline-load-stale-cache --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="7156.1.960209628\97433059" /prefetch:673131151
"C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe" 
--sentinel
"C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe" -runhelper
"C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/*CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.26.403222723\363199208" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4384.2.1904414372\895071717" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4384 "\\.\pipe\gecko-crash-server-pipe.4384" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --proxy-stub-channel=Flash3804.60C665C0.30468 --host-broker-channel=Flash3804.60C665C0.2706 --host-pid=3804 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --channel=6480.0022F118.1777837423 --proxy-stub-channel=Flash3804.60C665C0.30468 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=renderer --lang=cs --force-fieldtrials=UMA-Uniformity-Trial-100-Percent/group_01/ --extension-process --enable-offline-auto-reload --enable-offline-load-stale-cache --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="7156.17.947440417\1239635270" /prefetch:673131151
C:\Windows\system32\msiexec.exe /V
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=renderer --lang=cs --force-fieldtrials=UMA-Uniformity-Trial-100-Percent/group_01/ --extension-process --enable-offline-auto-reload --enable-offline-load-stale-cache --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="7156.25.381107170\1481705476" /prefetch:673131151
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=renderer --lang=cs --force-fieldtrials=UMA-Uniformity-Trial-100-Percent/group_01/ --extension-process --enable-offline-auto-reload --enable-offline-load-stale-cache --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="7156.26.1877968133\485984032" /prefetch:673131151
"C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" --type=renderer --lang=cs --force-fieldtrials=UMA-Uniformity-Trial-100-Percent/group_01/ --extension-process --enable-offline-auto-reload --enable-offline-load-stale-cache --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="7156.27.115717823\1273711018" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/*CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_02/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3896 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3896.30.519615013\1843504316" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Users\Lenka\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\OlacaritaUpdateTaskMachineCore.job - C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe  /c 
C:\Windows\tasks\OlacaritaUpdateTaskMachineUA.job - C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe  /ua /installsource scheduler 

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.Olacarita.com/Olacarita Update;version=3]
"Description"=Olacarita Update
"Path"=C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.Olacarita.com/Olacarita Update;version=9]
"Description"=Olacarita Update
"Path"=C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\searchplugins\
google-default.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-02 10821224]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-03-29 2598280]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"XeroxEndeavorBackgroundTask"=xrWCbgnd.dll,LaunchBgTask 1 []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-06-08 1381648]
"WindApp"=C:\Users\Lenka\AppData\Roaming\Store\WindApp\WindApp.exe /winstartup []
"BoBrowser"=C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe [2015-05-25 642728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31280256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-09-30 111640]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-12-09 74752]
"RemoveNetSoftware"=C:\Program Files\NetSoftware\\rmNetSoftware.exe [2012-11-14 1069880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"Olacarita"=C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe [2014-08-02 1645128]
"mpck_es_017010004"=C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe [2015-06-16 3983528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"upmpck_es_017010004.exe"=C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe [2015-06-16 3286184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
EgisPwdFilter
EgisDSPwdFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-17 11:34:52 ----D---- C:\rsit
2015-06-17 11:19:18 ----D---- C:\Program Files (x86)\mpck_es_017010004
2015-06-17 11:16:55 ----D---- C:\Program Files (x86)\Olacarita
2015-06-17 11:15:48 ----A---- C:\claraInstaller.txt
2015-06-16 22:51:49 ----D---- C:\Users\Lenka\AppData\Roaming\Store
2015-06-16 22:16:25 ----D---- C:\Users\Lenka\AppData\Roaming\Nosibay
2015-06-10 19:20:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-06-03 16:04:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-24 13:38:49 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-05-24 13:38:49 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-24 13:38:47 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-05-24 13:38:46 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-05-24 13:38:03 ----D---- C:\Program Files (x86)\Lavasoft
2015-05-24 13:36:23 ----D---- C:\Users\Lenka\AppData\Roaming\Lavasoft
2015-05-24 13:36:23 ----D---- C:\ProgramData\Lavasoft
2015-05-24 13:36:07 ----D---- C:\Users\Lenka\AppData\Roaming\OpenCandy

======List of files/folders modified in the last 1 month======

2015-06-17 11:34:56 ----D---- C:\Windows\Temp
2015-06-17 11:34:55 ----D---- C:\Program Files\trend micro
2015-06-17 11:29:47 ----SHD---- C:\Windows\Installer
2015-06-17 11:29:46 ----RD---- C:\Program Files (x86)
2015-06-17 11:17:02 ----D---- C:\Windows\Tasks
2015-06-17 11:17:02 ----D---- C:\Windows\system32\Tasks
2015-06-17 11:16:42 ----D---- C:\Program Files (x86)\Common Files
2015-06-17 11:12:23 ----D---- C:\Windows\system32\config
2015-06-17 11:07:40 ----D---- C:\Windows\SysWOW64
2015-06-17 11:00:40 ----SHD---- C:\System Volume Information
2015-06-17 10:59:40 ----D---- C:\Windows\System32
2015-06-17 10:59:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-17 10:54:51 ----D---- C:\Windows\system32\catroot2
2015-06-17 10:53:29 ----A---- C:\Windows\SYSWOW64\log.txt
2015-06-17 10:53:09 ----D---- C:\ProgramData\NVIDIA
2015-06-16 23:23:23 ----D---- C:\Users\Lenka\AppData\Roaming\uTorrent
2015-06-16 22:16:26 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft
2015-06-16 21:40:58 ----SD---- C:\ProgramData\Microsoft
2015-06-11 10:13:08 ----D---- C:\Windows\Prefetch
2015-06-11 08:56:52 ----D---- C:\ProgramData\Microsoft Help
2015-06-11 08:56:11 ----D---- C:\Windows\system32\MRT
2015-06-11 08:48:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-10 19:48:58 ----A---- C:\Windows\system32\MRT.exe
2015-06-09 16:45:32 ----D---- C:\Windows\rescache
2015-06-06 13:19:42 ----RD---- C:\Lenitschka
2015-06-05 10:11:44 ----D---- C:\Bordel z plochy
2015-06-05 09:27:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-31 23:24:56 ----D---- C:\Users\Lenka\AppData\Roaming\Skype
2015-05-31 15:02:26 ----D---- C:\ProgramData\Skype
2015-05-25 15:44:24 ----D---- C:\Windows\system32\catroot
2015-05-25 15:41:33 ----HD---- C:\ProgramData
2015-05-25 15:40:28 ----D---- C:\Program Files (x86)\NCH Software
2015-05-25 15:36:03 ----D---- C:\Program Files (x86)\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-25 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-25 272248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-25 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-25 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-25 442264]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-02-20 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-02-20 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-02-20 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-25 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-25 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-25 137288]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\Windows\System32\Drivers\FPSensor.sys [2012-02-20 35888]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-03-26 162304]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-25 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-02 2392296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552448]
S3 cpuz134;cpuz134; \??\C:\Users\Lenka\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-24 243744]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 wsvd;wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-25 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 ClaraUpdater;ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [2015-06-17 935536]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-06-08 2751792]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 RtLedService;RtLedService Installer; C:\Program Files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]
R2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-06-08 19816]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 EgisTec Data Security Service;EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe []
S2 EgisTec Service;EgisTec Service; C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S2 Olacarita_update;Služba Olacarita Update (Olacarita_update); C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [2015-06-17 108544]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Olacarita_update_m;Služba Olacarita Update (Olacarita_update_m); C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [2015-06-17 108544]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-27 1255736]

-----------------EOF-----------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Lenka (administrator) on LENKA-PC on 17-06-2015 12:20:22
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka & UpdatusUser (Available Profiles: Lenka & UpdatusUser)
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser path: "C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ClaraLabs) C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(Olacarita OU) C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
(Olacarita OU) C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
() C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe
() C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(The BoBrowser Authors) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Last.fm) C:\Program Files\Last.fm\CrashReporter.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2598280 2010-03-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [RemoveNetSoftware] => C:\Program Files\NetSoftware\\rmNetSoftware.exe [1069880 2012-11-14] (Gemius)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Olacarita] => C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe [1645128 2014-08-02] (Olacarita OU)
HKLM-x32\...\Run: [mpck_es_017010004] => C:\Program Files (x86)\mpck_es_017010004\mpck_es_017010004.exe [3983528 2015-06-16] ()
HKLM-x32\...\RunOnce: [upmpck_es_017010004.exe] => C:\Users\Lenka\AppData\Local\mpck_es_017010004\upmpck_es_017010004.exe [3286184 2015-06-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [WindApp] => "C:\Users\Lenka\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [BoBrowser] => C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe [642728 2015-05-25] (The BoBrowser Authors)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\MountPoints2: {2936a2b5-ea10-11e1-80a0-9cb70d064c74} - G:\iStudio.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-02-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-06-16] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaie
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://search.yahoo.com/search?fr=vmn& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... b70d064c74
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://search.yahoo.com/search?fr=vmn& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [348488 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-05-24] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [428880 2015-05-24] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default
FF NewTab: https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaff
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=3 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The Olacarita Group)
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=9 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The Olacarita Group)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\searchplugins\google-default.xml [2015-05-25]
FF Extension: Video DownloadHelper - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-20]
FF HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all-gemius.js [2015-06-03]

Chrome:
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-03]
CHR Extension: (McAfee Security Scan+) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-27]
CHR Extension: (Google Search) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-03]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-03]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
R2 ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [935536 2015-06-17] (ClaraLabs) [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited)
S2 Olacarita_update; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]
S3 Olacarita_update_m; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]
R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 EgisTec Data Security Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe" [X]
S2 EgisTec Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe" [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
S3 cpuz134; \??\C:\Users\Lenka\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:20 - 2015-06-17 12:21 - 00021553 _____ C:\Users\Lenka\Desktop\FRST.txt
2015-06-17 12:19 - 2015-06-17 12:20 - 00000000 ____D C:\FRST
2015-06-17 11:49 - 2015-06-17 11:49 - 02109952 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2015-06-17 11:34 - 2015-06-17 11:35 - 00000000 ____D C:\rsit
2015-06-17 11:34 - 2015-06-17 11:34 - 01222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
2015-06-17 11:29 - 2015-06-17 11:29 - 00002212 _____ C:\Users\Lenka\Desktop\Facebook.lnk
2015-06-17 11:19 - 2015-06-17 11:22 - 00000000 ____D C:\Users\Lenka\AppData\Local\mpck_es_017010004
2015-06-17 11:19 - 2015-06-17 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2015-06-17 11:19 - 2015-06-17 11:19 - 00000000 ____D C:\Program Files (x86)\mpck_es_017010004
2015-06-17 11:17 - 2015-06-17 11:22 - 00000926 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job
2015-06-17 11:17 - 2015-06-17 11:22 - 00000922 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job
2015-06-17 11:17 - 2015-06-17 11:17 - 00003922 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineUA
2015-06-17 11:17 - 2015-06-17 11:17 - 00003670 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineCore
2015-06-17 11:16 - 2015-06-17 11:18 - 00000000 ____D C:\Program Files (x86)\Olacarita
2015-06-17 11:16 - 2015-06-17 11:17 - 00000000 ____D C:\Users\Lenka\AppData\Local\BoBrowser
2015-06-17 11:16 - 2015-06-17 11:16 - 00004056 _____ C:\Windows\System32\Tasks\PostPoneInstall
2015-06-17 11:16 - 2015-06-17 11:16 - 00003152 _____ C:\Windows\System32\Tasks\Run_Bobby_Browser
2015-06-17 11:16 - 2015-06-17 11:16 - 00000000 ____D C:\Users\Lenka\AppData\Local\Olacarita
2015-06-17 11:15 - 2015-06-17 11:16 - 00007822 _____ C:\claraInstaller.txt
2015-06-17 11:07 - 2015-06-17 11:19 - 00000903 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-06-16 22:51 - 2015-06-16 22:51 - 00003710 _____ C:\Windows\System32\Tasks\WindApp Update
2015-06-16 22:51 - 2015-06-16 22:51 - 00000078 _____ C:\Users\Lenka\AppData\Roaming\WindApp.installation.log
2015-06-16 22:51 - 2015-06-16 22:51 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Store
2015-06-16 22:16 - 2015-06-17 11:19 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Nosibay
2015-06-16 22:16 - 2015-06-16 22:37 - 00005712 _____ C:\Users\Lenka\AppData\Roaming\Bubble Dock.installation.log
2015-06-16 22:16 - 2015-06-16 22:16 - 00000097 _____ C:\Users\Lenka\AppData\Roaming\WindApp.boostrap.log
2015-06-16 22:15 - 2015-06-16 23:06 - 00001281 _____ C:\Users\Lenka\AppData\Roaming\Bubble Dock.boostrap.log
2015-06-10 19:20 - 2015-06-11 01:49 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-03 16:04 - 2015-06-04 10:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-30 20:46 - 2015-06-15 20:20 - 00000000 ____D C:\Users\Lenka\Desktop\Kakamila
2015-05-28 08:29 - 2015-05-28 08:29 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-05-24 13:39 - 2015-05-24 13:39 - 00000000 ____D C:\Users\Lenka\AppData\Local\Lavasoft
2015-05-24 13:38 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-24 13:38 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000026 _____ C:\Users\Lenka\AppData\Local\isoworkshop.ini
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\OpenCandy
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\ProgramData\Lavasoft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:18 - 2012-02-20 13:05 - 01917694 _____ C:\Windows\WindowsUpdate.log
2015-06-17 12:16 - 2009-07-14 06:51 - 00133601 _____ C:\Windows\setupact.log
2015-06-17 12:05 - 2012-06-20 06:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 11:54 - 2015-05-17 17:49 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 11:53 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 11:53 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 11:34 - 2015-04-25 21:16 - 00000000 ____D C:\Program Files\trend micro
2015-06-17 10:59 - 2009-07-14 17:18 - 11972290 _____ C:\Windows\system32\perfh005.dat
2015-06-17 10:59 - 2009-07-14 17:18 - 04116910 _____ C:\Windows\system32\perfc005.dat
2015-06-17 10:59 - 2009-07-14 07:13 - 00004572 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-17 10:53 - 2015-05-17 17:48 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 10:53 - 2012-02-20 14:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-17 10:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-16 23:23 - 2012-02-24 19:37 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\uTorrent
2015-06-16 12:03 - 2012-04-15 15:17 - 00000000 ____D C:\Users\Lenka\Documents\Queermag
2015-06-11 09:13 - 2012-02-20 14:14 - 00208308 _____ C:\Windows\PFRO.log
2015-06-11 08:56 - 2013-12-27 14:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 08:56 - 2012-02-25 13:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 08:48 - 2012-06-20 06:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 08:48 - 2012-06-20 06:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 08:48 - 2012-02-20 14:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 19:48 - 2012-05-03 07:15 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:19 - 2012-02-17 21:24 - 00000000 ___RD C:\Lenitschka
2015-06-06 12:54 - 2012-08-08 07:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-05 10:11 - 2012-11-14 20:27 - 00000000 ____D C:\Bordel z plochy
2015-06-05 09:27 - 2015-01-30 21:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 14:50 - 2014-11-21 22:50 - 00001968 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-01 15:33 - 2015-03-22 13:16 - 00000000 ____D C:\Users\Lenka\czech golden treasure TOP100FILMS en sub
2015-05-31 23:24 - 2012-08-01 07:48 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Skype
2015-05-31 15:02 - 2012-08-01 07:47 - 00000000 ____D C:\ProgramData\Skype
2015-05-25 21:39 - 2012-02-20 13:54 - 00000000 ____D C:\Users\Lenka
2015-05-25 15:44 - 2012-02-20 14:11 - 00002243 _____ C:\Users\Lenka\Desktop\OneKey Recovery.lnk
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-05-24 13:31 - 2015-01-30 21:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2013-02-20 22:41 - 2013-02-10 19:04 - 0119888 _____ () C:\Users\Lenka\AppData\Roaming\BabMaint.exe
2015-06-16 22:15 - 2015-06-16 23:06 - 0001281 _____ () C:\Users\Lenka\AppData\Roaming\Bubble Dock.boostrap.log
2015-06-16 22:16 - 2015-06-16 22:37 - 0005712 _____ () C:\Users\Lenka\AppData\Roaming\Bubble Dock.installation.log
2015-06-16 22:16 - 2015-06-16 22:16 - 0000097 _____ () C:\Users\Lenka\AppData\Roaming\WindApp.boostrap.log
2015-06-16 22:51 - 2015-06-16 22:51 - 0000078 _____ () C:\Users\Lenka\AppData\Roaming\WindApp.installation.log
2015-05-24 13:36 - 2015-05-24 13:36 - 0000026 _____ () C:\Users\Lenka\AppData\Local\isoworkshop.ini

Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\bitool.dll
C:\Users\Lenka\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe
C:\Users\Lenka\AppData\Local\Temp\Install_BubbleDock_new.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-16 10:53

==================== End of log ============================

# AdwCleaner v4.206 - Log vytvořen 17/06/2015 v 12:42:09
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-17.1 [Server]
# Operační system : Windows 7 Home Premium (x64)
# Uživatelské jméno : Lenka - LENKA-PC
# Spuštěno z : C:\Users\Lenka\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : ClaraUpdater

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
Složka Smazáno : C:\Program Files (x86)\YourFileDownloader
Složka Smazáno : C:\Program Files (x86)\mpck_es_017010004
Složka Smazáno : C:\Program Files (x86)\Common Files\ClaraUpdater
[#] Složka Smazáno : C:\Users\Lenka\AppData\Local\BoBrowser
Složka Smazáno : C:\Users\Lenka\AppData\Local\mpck_es_017010004
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\BabSolution
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\BabylonToolbar
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\Nosibay
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\Store
Složka Smazáno : C:\Users\Lenka\AppData\Roaming\YourFileDownloader
Složka Smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Soubor Smazáno : C:\claraInstaller.txt
Soubor Smazáno : C:\Windows\Reimage.ini
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\BabMaint.exe
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\Bubble Dock.boostrap.log
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\Bubble Dock.installation.log
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\WindApp.boostrap.log
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\WindApp.installation.log
Soubor Smazáno : C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BoBrowser.lnk
Soubor Smazáno : C:\Users\Lenka\Desktop\Facebook.lnk
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-gemius.js

***** [ Naplánované úlohy ] *****

Úloha Smazáno : PostPoneInstall
Úloha Smazáno : Run_Bobby_Browser
Úloha Smazáno : WindApp Update

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\b
Klíč Smazáno : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Klíč Smazáno : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíč Smazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíč Smazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [bobrowser]
Klíč Smazáno : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\bobrowser.exe
Klíč Smazáno : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mpck_es_017010004]
Klíč Smazáno : HKLM\SOFTWARE\Clients\StartMenuInternet\BoBrowser.CEIR4ZHLN46G52L3OBZZJLTCE4
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{08230486-CBAF-4000-8036-447C3852D034}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{13809C03-DE3B-47E5-96A3-2D8F83693A50}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{413002E0-930D-4EF9-9803-FC4B3EA4181E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{76894207-241A-473B-B111-FAA75608F1D9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7A7C8DA9-8660-460D-849F-01619B91C03F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B6CD3C31-ABF4-4C7A-8CB7-29960BC7017C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F9A8326E-9C90-4BF2-ACC7-D0883D16AA82}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Smazáno : HKCU\Software\BabylonToolbar
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\Microsoft\Babylon
Klíč Smazáno : HKCU\Software\Nosibay
Klíč Smazáno : HKCU\Software\Store
Klíč Smazáno : HKCU\Software\Tutorials
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\YourFileDownloader
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\BoBrowser
Klíč Smazáno : HKLM\SOFTWARE\Babylon
Klíč Smazáno : HKLM\SOFTWARE\BabylonToolbar
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\YourFileDownloader
Klíč Smazáno : HKLM\SOFTWARE\Clara
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\windapp
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mpck_es_017010004_is1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16476

-\\ Mozilla Firefox v38.0.5 (x86 cs)

[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.babExt", "");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=060612_6_");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.hardId", "e09ba4640000000000009cb70d064c74");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.id", "e09ba4640000000000009cb70d064c74");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.instlDay", "15508");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:18:37");
[gkygo401.default\prefs.js] - Řádek Smazáno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

-\\ Google Chrome v43.0.2357.124

[C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_crm
[C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://search.babylon.com/?affID=112555&tt=060612_6_&babsrc=HP_ss&mntrId=e09ba4640000000000009cb70d064c74

*************************

AdwCleaner[R0].txt - [13399 bytů] - [26/04/2015 10:48:20]
AdwCleaner[R1].txt - [37983 bytů] - [17/06/2015 12:39:47]
AdwCleaner[S0].txt - [36062 bytů] - [17/06/2015 12:42:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [36121 bytů] ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Lenka (administrator) on LENKA-PC on 17-06-2015 12:46:04
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & UpdatusUser)
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser path: "C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Olacarita OU) C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Olacarita OU) C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2598280 2010-03-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [RemoveNetSoftware] => C:\Program Files\NetSoftware\\rmNetSoftware.exe [1069880 2012-11-14] (Gemius)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Olacarita] => C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe [1645128 2014-08-02] (Olacarita OU)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\MountPoints2: {2936a2b5-ea10-11e1-80a0-9cb70d064c74} - G:\iStudio.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-02-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-06-16] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaie
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://search.yahoo.com/search?fr=vmn& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default
FF NewTab: https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaff
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=3 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The Olacarita Group)
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=9 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The Olacarita Group)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\searchplugins\google-default.xml [2015-05-25]
FF Extension: Olacarita - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{421BB241-35BE-4D36-84B8-391EA2E2D319}.xpi [2015-06-17]
FF Extension: Video DownloadHelper - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-20]
FF HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-03]
CHR Extension: (Google Search) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-03]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Olacarita) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfhchmcddgednidbagholiagdkoiejh [2015-06-17]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited)
S2 Olacarita_update; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]
S3 Olacarita_update_m; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]
R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 EgisTec Data Security Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe" [X]
S2 EgisTec Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe" [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
S3 cpuz134; \??\C:\Users\Lenka\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:46 - 2015-06-17 12:46 - 00017322 _____ C:\Users\Lenka\Desktop\FRST.txt
2015-06-17 12:37 - 2015-06-17 12:37 - 02231296 _____ C:\Users\Lenka\Desktop\adwcleaner_4.206.exe
2015-06-17 12:19 - 2015-06-17 12:46 - 00000000 ____D C:\FRST
2015-06-17 11:49 - 2015-06-17 11:49 - 02109952 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2015-06-17 11:34 - 2015-06-17 11:35 - 00000000 ____D C:\rsit
2015-06-17 11:34 - 2015-06-17 11:34 - 01222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
2015-06-17 11:19 - 2015-06-17 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2015-06-17 11:17 - 2015-06-17 12:43 - 00000922 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job
2015-06-17 11:17 - 2015-06-17 12:22 - 00000926 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job
2015-06-17 11:17 - 2015-06-17 11:17 - 00003922 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineUA
2015-06-17 11:17 - 2015-06-17 11:17 - 00003670 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineCore
2015-06-17 11:16 - 2015-06-17 11:18 - 00000000 ____D C:\Program Files (x86)\Olacarita
2015-06-17 11:16 - 2015-06-17 11:16 - 00000000 ____D C:\Users\Lenka\AppData\Local\Olacarita
2015-06-17 11:07 - 2015-06-17 11:19 - 00000903 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-06-10 19:20 - 2015-06-11 01:49 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-03 16:04 - 2015-06-04 10:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-30 20:46 - 2015-06-15 20:20 - 00000000 ____D C:\Users\Lenka\Desktop\Kakamila
2015-05-28 08:29 - 2015-05-28 08:29 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-05-24 13:39 - 2015-05-24 13:39 - 00000000 ____D C:\Users\Lenka\AppData\Local\Lavasoft
2015-05-24 13:38 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-24 13:38 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000026 _____ C:\Users\Lenka\AppData\Local\isoworkshop.ini
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\ProgramData\Lavasoft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 12:45 - 2012-02-20 13:55 - 00001353 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-17 12:45 - 2012-02-20 13:54 - 00001427 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 12:44 - 2015-05-17 17:48 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 12:44 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-17 12:43 - 2012-02-20 14:14 - 00208632 _____ C:\Windows\PFRO.log
2015-06-17 12:43 - 2012-02-20 14:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-17 12:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 12:43 - 2009-07-14 06:51 - 00133657 _____ C:\Windows\setupact.log
2015-06-17 12:42 - 2015-04-26 10:48 - 00000000 ____D C:\AdwCleaner
2015-06-17 12:42 - 2012-02-20 13:05 - 01920521 _____ C:\Windows\WindowsUpdate.log
2015-06-17 12:42 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 12:42 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 12:05 - 2012-06-20 06:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 11:54 - 2015-05-17 17:49 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 11:34 - 2015-04-25 21:16 - 00000000 ____D C:\Program Files\trend micro
2015-06-17 10:59 - 2009-07-14 17:18 - 11972290 _____ C:\Windows\system32\perfh005.dat
2015-06-17 10:59 - 2009-07-14 17:18 - 04116910 _____ C:\Windows\system32\perfc005.dat
2015-06-17 10:59 - 2009-07-14 07:13 - 00004572 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 23:23 - 2012-02-24 19:37 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\uTorrent
2015-06-16 12:03 - 2012-04-15 15:17 - 00000000 ____D C:\Users\Lenka\Documents\Queermag
2015-06-11 08:56 - 2013-12-27 14:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 08:56 - 2012-02-25 13:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 08:48 - 2012-06-20 06:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 08:48 - 2012-06-20 06:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 08:48 - 2012-02-20 14:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 19:48 - 2012-05-03 07:15 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:19 - 2012-02-17 21:24 - 00000000 ___RD C:\Lenitschka
2015-06-06 12:54 - 2012-08-08 07:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-05 10:11 - 2012-11-14 20:27 - 00000000 ____D C:\Bordel z plochy
2015-06-05 09:27 - 2015-01-30 21:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 14:50 - 2014-11-21 22:50 - 00001968 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-01 15:33 - 2015-03-22 13:16 - 00000000 ____D C:\Users\Lenka\czech golden treasure TOP100FILMS en sub
2015-05-31 23:24 - 2012-08-01 07:48 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Skype
2015-05-31 15:02 - 2012-08-01 07:47 - 00000000 ____D C:\ProgramData\Skype
2015-05-25 21:39 - 2012-02-20 13:54 - 00000000 ____D C:\Users\Lenka
2015-05-25 15:44 - 2012-02-20 14:11 - 00002243 _____ C:\Users\Lenka\Desktop\OneKey Recovery.lnk
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-05-24 13:31 - 2015-01-30 21:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2015-05-24 13:36 - 2015-05-24 13:36 - 0000026 _____ () C:\Users\Lenka\AppData\Local\isoworkshop.ini

Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\bitool.dll
C:\Users\Lenka\AppData\Local\Temp\Install_BubbleDock_new.exe
C:\Users\Lenka\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-16 10:53

==================== End of log ============================

Neříká a koukám, že je to něco uleženýho od roku 2013.

Joo, to můžem hodit pryč.

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Lenka at 2015-06-17 13:50:28 Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka & UpdatusUser (Available Profiles: Lenka & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [RemoveNetSoftware] => C:\Program Files\NetSoftware\\rmNetSoftware.exe [1069880 2012-11-14] (Gemius)
HKLM-x32\...\Run: [Olacarita] => C:\Program Files (x86)\Olacarita\Olacarita\olacarita.exe [1645128 2014-08-02] (Olacarita OU)

S2 Olacarita_update; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]
S3 Olacarita_update_m; C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe [108544 2015-06-17] (The Olacarita Group) [File not signed]

2015-06-17 11:16 - 2015-06-17 11:18 - 00000000 ____D C:\Program Files (x86)\Olacarita
2015-06-17 11:16 - 2015-06-17 11:16 - 00000000 ____D C:\Users\Lenka\AppData\Local\Olacarita
2015-06-17 11:17 - 2015-06-17 12:43 - 00000922 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job
2015-06-17 11:17 - 2015-06-17 12:22 - 00000926 _____ C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job
2015-06-17 11:17 - 2015-06-17 11:17 - 00003922 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineUA
2015-06-17 11:17 - 2015-06-17 11:17 - 00003670 _____ C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineCore
C:\Program Files\NetSoftware\

CHR Extension: (Olacarita) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfhchmcddgednidbagholiagdkoiejh [2015-06-17]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\searchplugins\google-default.xml [2015-05-25]
FF Extension: Olacarita - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{421BB241-35BE-4D36-84B8-391EA2E2D319}.xpi

[2015-06-17]
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=3 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The

Olacarita Group)
FF Plugin-x32: @tools.Olacarita.com/Olacarita Update;version=9 -> C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll [2015-06-17] (The

Olacarita Group)
Olacarita (HKLM-x32\...\{050CAA39-1802-4A99-B292-F261A442292B}) (Version: 1.0.0.0 - Olacatala OU)
Task: {3B890AFA-A10E-4315-8810-C1D84593D7CE} - System32\Tasks\OlacaritaUpdateTaskMachineUA => C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe

[2015-06-17] (The Olacarita Group)
Task: {59BEF1DB-E468-4753-A68E-95B75A6F6776} - System32\Tasks\OlacaritaUpdateTaskMachineCore => C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe

[2015-06-17] (The Olacarita Group)
Task: C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job => C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe
Task: C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job => C:\Program Files (x86)\Olacarita\Update\OlacaritaUpdate.exe
FirewallRules: [{1F2020DF-AEA6-4AB2-9927-3CA9E42CFF40}] => (Allow) C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe

EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoveNetSoftware => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Olacarita => value removed successfully
Olacarita_update => Service removed successfully
Olacarita_update_m => Service removed successfully
C:\Program Files (x86)\Olacarita => moved successfully.
C:\Users\Lenka\AppData\Local\Olacarita => moved successfully.
C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job => moved successfully.
C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineUA => moved successfully.
C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineCore => moved successfully.
C:\Program Files\NetSoftware => moved successfully.
C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfhchmcddgednidbagholiagdkoiejh folder not found
C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\searchplugins\google-default.xml => moved successfully.
FF Extension: Olacarita - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{421BB241-35BE-4D36-84B8-391EA2E2D319}.xpi not found.
[2015-06-17] => Error: No automatic fix found for this entry.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.Olacarita.com/Olacarita Update;version=3" => key removed successfully
C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll not found.
Olacarita Group) => Error: No automatic fix found for this entry.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.Olacarita.com/Olacarita Update;version=9" => key removed successfully
C:\Program Files (x86)\Olacarita\Update\1.3.25.0\npOlacaritaUpdate3.dll not found.
Olacarita Group) => Error: No automatic fix found for this entry.
Olacarita (HKLM-x32\...\{050CAA39-1802-4A99-B292-F261A442292B}) (Version: 1.0.0.0 - Olacatala OU) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B890AFA-A10E-4315-8810-C1D84593D7CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B890AFA-A10E-4315-8810-C1D84593D7CE}" => key removed successfully
C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineUA not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OlacaritaUpdateTaskMachineUA" => key removed successfully
[2015-06-17] (The Olacarita Group) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59BEF1DB-E468-4753-A68E-95B75A6F6776}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59BEF1DB-E468-4753-A68E-95B75A6F6776}" => key removed successfully
C:\Windows\System32\Tasks\OlacaritaUpdateTaskMachineCore not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OlacaritaUpdateTaskMachineCore" => key removed successfully
[2015-06-17] (The Olacarita Group) => Error: No automatic fix found for this entry.
C:\Windows\Tasks\OlacaritaUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\OlacaritaUpdateTaskMachineUA.job not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F2020DF-AEA6-4AB2-9927-3CA9E42CFF40} => value removed successfully
EmptyTemp: => 929.5 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 13:52:34 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Lenka (administrator) on LENKA-PC on 17-06-2015 13:57:55
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka & UpdatusUser (Available Profiles: Lenka & UpdatusUser)
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser path: "C:\Users\Lenka\AppData\Local\BoBrowser\Application\bobrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Users\Lenka\AppData\Roaming\ChromeUpdate\ChromeUpdate.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2598280 2010-03-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft)
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Run: [ChromeUpdate] => C:\Users\Lenka\AppData\Roaming\ChromeUpdate\ChromeUpdate.exe [283136 2015-06-17] ()
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\MountPoints2: {2936a2b5-ea10-11e1-80a0-9cb70d064c74} - G:\iStudio.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-02-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll [2015-06-16] ()
BootExecute: autocheck autochk * aswBoot.exe /M:127e72e3 /wow /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaie
HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://search.yahoo.com/search?fr=vmn& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2274969629-4033836620-2924378098-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default
FF NewTab: https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0524__yaff
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Extension: Olacarita - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{421BB241-35BE-4D36-84B8-391EA2E2D319}.xpi [2015-06-17]
FF Extension: Video DownloadHelper - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\gkygo401.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-20]
FF HKU\S-1-5-21-2274969629-4033836620-2924378098-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-03]
CHR Extension: (Google Search) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-03]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited)
R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] ()
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 EgisTec Data Security Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe" [X]
S2 EgisTec Service; "C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe" [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
S3 cpuz134; \??\C:\Users\Lenka\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 13:57 - 2015-06-17 13:58 - 00018256 _____ C:\Users\Lenka\Desktop\FRST.txt
2015-06-17 13:50 - 2015-06-17 13:50 - 00000000 ____D C:\Program Files (x86)\EgisTec BioExcess
2015-06-17 13:49 - 2015-06-17 13:56 - 00000352 ____H C:\ProgramData\@system3.att
2015-06-17 13:49 - 2015-06-17 13:49 - 00002259 _____ C:\Users\Lenka\Desktop\Google Chrome.lnk
2015-06-17 13:48 - 2015-06-17 13:56 - 00000616 ____H C:\ProgramData\@system.temp
2015-06-17 13:46 - 2015-06-17 13:46 - 00000480 ____H C:\Users\Lenka\AppData\Roaming\麽鎒駓覜
2015-06-17 13:46 - 2015-06-17 13:46 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\ChromeUpdate
2015-06-17 12:37 - 2015-06-17 12:37 - 02231296 _____ C:\Users\Lenka\Desktop\adwcleaner_4.206.exe
2015-06-17 12:19 - 2015-06-17 13:58 - 00000000 ____D C:\FRST
2015-06-17 11:49 - 2015-06-17 11:49 - 02109952 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2015-06-17 11:34 - 2015-06-17 11:35 - 00000000 ____D C:\rsit
2015-06-17 11:34 - 2015-06-17 11:34 - 01222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
2015-06-17 11:19 - 2015-06-17 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILEPCSTARTERKIT
2015-06-17 11:07 - 2015-06-17 11:19 - 00000903 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-06-10 19:20 - 2015-06-11 01:49 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-03 16:04 - 2015-06-04 10:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-30 20:46 - 2015-06-15 20:20 - 00000000 ____D C:\Users\Lenka\Desktop\Kakamila
2015-05-28 08:29 - 2015-05-28 08:29 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-05-24 13:39 - 2015-05-24 13:39 - 00000000 ____D C:\Users\Lenka\AppData\Local\Lavasoft
2015-05-24 13:38 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-24 13:38 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-25 15:15 - 00002928 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-24 13:38 - 2015-05-24 13:38 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000026 _____ C:\Users\Lenka\AppData\Local\isoworkshop.ini
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Lavasoft
2015-05-24 13:36 - 2015-05-24 13:36 - 00000000 ____D C:\ProgramData\Lavasoft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 13:54 - 2015-05-17 17:49 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-17 13:54 - 2015-05-17 17:48 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 13:53 - 2012-02-20 14:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-17 13:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 13:53 - 2009-07-14 06:51 - 00133713 _____ C:\Windows\setupact.log
2015-06-17 13:52 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 13:52 - 2009-07-14 06:45 - 00015472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 13:48 - 2012-02-20 13:05 - 01928504 _____ C:\Windows\WindowsUpdate.log
2015-06-17 13:05 - 2012-06-20 06:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 12:49 - 2009-07-14 17:18 - 11985080 _____ C:\Windows\system32\perfh005.dat
2015-06-17 12:49 - 2009-07-14 17:18 - 04121486 _____ C:\Windows\system32\perfc005.dat
2015-06-17 12:49 - 2009-07-14 07:13 - 00004572 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-17 12:45 - 2012-02-20 13:55 - 00001353 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-17 12:45 - 2012-02-20 13:54 - 00001427 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 12:44 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-17 12:43 - 2012-02-20 14:14 - 00208632 _____ C:\Windows\PFRO.log
2015-06-17 12:42 - 2015-04-26 10:48 - 00000000 ____D C:\AdwCleaner
2015-06-17 11:34 - 2015-04-25 21:16 - 00000000 ____D C:\Program Files\trend micro
2015-06-16 23:23 - 2012-02-24 19:37 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\uTorrent
2015-06-16 12:03 - 2012-04-15 15:17 - 00000000 ____D C:\Users\Lenka\Documents\Queermag
2015-06-11 08:56 - 2013-12-27 14:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 08:56 - 2012-02-25 13:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 08:48 - 2012-06-20 06:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 08:48 - 2012-06-20 06:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 08:48 - 2012-02-20 14:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 19:48 - 2012-05-03 07:15 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:19 - 2012-02-17 21:24 - 00000000 ___RD C:\Lenitschka
2015-06-06 12:54 - 2012-08-08 07:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-05 10:11 - 2012-11-14 20:27 - 00000000 ____D C:\Bordel z plochy
2015-06-05 09:27 - 2015-01-30 21:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 14:50 - 2014-11-21 22:50 - 00001968 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-01 15:33 - 2015-03-22 13:16 - 00000000 ____D C:\Users\Lenka\czech golden treasure TOP100FILMS en sub
2015-05-31 23:24 - 2012-08-01 07:48 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Skype
2015-05-31 15:02 - 2012-08-01 07:47 - 00000000 ____D C:\ProgramData\Skype
2015-05-25 21:39 - 2012-02-20 13:54 - 00000000 ____D C:\Users\Lenka
2015-05-25 15:44 - 2012-02-20 14:11 - 00002243 _____ C:\Users\Lenka\Desktop\OneKey Recovery.lnk
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-05-25 15:40 - 2013-07-04 22:17 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-05-24 13:31 - 2015-01-30 21:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2015-06-17 13:46 - 2015-06-17 13:46 - 0000480 ____H () C:\Users\Lenka\AppData\Roaming\麽鎒駓覜
2015-05-24 13:36 - 2015-05-24 13:36 - 0000026 _____ () C:\Users\Lenka\AppData\Local\isoworkshop.ini
2015-06-17 13:48 - 2015-06-17 13:56 - 0000616 ____H () C:\ProgramData\@system.temp
2015-06-17 13:49 - 2015-06-17 13:56 - 0000352 ____H () C:\ProgramData\@system3.att

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-16 10:53

==================== End of log ============================

Compl se zatím chová normálně, nicméně program s názvem Olacarita, který byl původcem toho všeho, zůstává nainstalovaný.

Naughty píše:Pokud ho nalezas jen v seznamu nainstalovanych programech, tak se nic nedeje

Heh, ano, tam.
Paráda, prohlížeče zatím vypadají v pořádku, kdyby něco, vím, na koho se obrátit.

Děkuji!

VIRY.CZ

zavirovaný NTB

zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB

Re: zavirovaný NTB