Adware Generic5.AKJO

[Libas]

Našel test AVG a uklidil.- C:\Users\Klárka\AppData\Local\Temp
PC se ale zatím pouze u tohoto uživatele vyvádí pěkný kusy. Např. v IE při spuštění otvírá stránku Qone8 (pěkný hajzl, jak jsem se dočetl na fórech) přestože je domovská nastavena na seznam.cz. Spolu sním zřejmě generuje další a další havěť, přibývá reklamních banerů při surfování, písmena ěščř apod. na horní části klávesnice neposlouchají (buďto nejdou napsat, nebo zadají nečekaný příkaz - např. zavřou aplikaci IE) Zatím jen u tohoto uživatele. Trošku se bojím, že se PC časem úplně vysype, nedávno jsem podobné problémy měl a došlo to tak daleko, že ti šmejdi přenastavovali tiskárny, aplikace, office apod. až jsem musel přeinstalovat win. Prosím o pomoc, pokud najdete chvilku. Díky

[Rudy]

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[Libas]

Zdravím zase po čase Plzeň, děláte nám radost kluci sportovci
Co s tím krámem mám dělat? Tady to je

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2013 01
Ran by Libor (administrator) on TOSHIBA on 28-12-2013 18:23:41
Running from C:\Users\Libor\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637528 2012-10-09] (CANON INC.)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [] - [x]
HKU\Klárka\...\Run: [Handy Updater] - "C:\Program Files (x86)\HandyUpdater\HUpdater.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/?clid=2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1382 ... X52VEP0JOT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... earchTerms}
SearchScopes: HKCU - DefaultScope {7CC7B046-0BFA-438D-83DA-0C776146CCFF} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {7CC7B046-0BFA-438D-83DA-0C776146CCFF} URL = http://search.seznam.cz/?q={searchTerms ... arch_12902
SearchScopes: HKCU - {D0A196DB-39AB-4733-A087-D5B3D681205C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12902
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced - {04724dd3-3640-40ad-86de-591e4929b256} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (BetterSurf Plus V1) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajadlheagenmmedmhaoafgkdenfilcme\1.1_0
CHR Extension: (Docs) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (BetterSurf) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0
CHR Extension: (LemurLeap) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof\1.0.0_0
CHR Extension: (Skype Click to Call) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (BetterSrf) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco\1.1_0
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmdaolnolkfdaaahjbgjeknmcdaalog] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ch\WebexpEnhancedV1alpha280.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-12-03] (PS Media s.r.o.)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-28 18:23 - 2013-12-28 18:24 - 00016993 _____ C:\Users\Libor\Desktop\FRST.txt
2013-12-28 18:17 - 2013-12-28 18:17 - 00000000 _____ C:\Users\Libor\Desktop\FRSTLauncher.exe
2013-12-28 18:16 - 2013-12-28 18:16 - 00000000 ____D C:\FRST
2013-12-28 18:15 - 2013-12-28 18:16 - 01931176 _____ (Farbar) C:\Users\Libor\Desktop\FRST64.exe
2013-12-28 13:08 - 2013-12-28 13:08 - 00002263 _____ C:\Users\Klárka\Desktop\SpyHunter.lnk
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\sh4ldr
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 _____ C:\autoexec.bat
2013-12-28 13:08 - 2012-06-22 11:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2013-12-28 13:07 - 2013-12-28 13:08 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-28 11:56 - 2013-12-28 11:56 - 00001808 _____ C:\Users\Klárka\Desktop\iTunes.lnk
2013-12-28 11:55 - 2013-12-28 11:55 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\WinRAR
2013-12-23 19:11 - 2013-12-23 19:11 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-21 20:30 - 2013-12-21 20:30 - 00002086 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2013-12-21 20:30 - 2013-12-21 20:30 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-21 20:30 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-12-21 20:30 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-12-21 20:11 - 2013-12-21 20:11 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-18 10:58 - 2013-12-18 10:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-12-17 11:36 - 2013-12-17 11:36 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Nokia Suite
2013-12-17 11:18 - 2013-12-17 11:18 - 00000000 ____D C:\Users\Libor\AppData\Local\NokiaAccount
2013-12-17 11:16 - 2013-12-17 11:18 - 00000000 ____D C:\Users\Libor\AppData\Local\Nokia
2013-12-17 11:16 - 2013-12-17 11:16 - 00002096 _____ C:\Users\Public\Desktop\Nokia Suite.lnk
2013-12-17 11:16 - 2013-12-17 11:16 - 00000000 ____D C:\ProgramData\Nokia
2013-12-17 11:15 - 2013-12-17 11:15 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2013-12-17 11:15 - 2012-10-17 14:53 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys
2013-12-17 11:14 - 2013-12-17 11:16 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-12-17 11:14 - 2013-12-17 11:14 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-12-17 11:05 - 2013-12-17 11:14 - 106320416 _____ C:\Users\Libor\Downloads\Nokia_Suite_webinstaller_ALL.exe
2013-12-17 09:24 - 2013-12-17 09:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-12-17 09:00 - 2013-12-17 13:51 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Nokia
2013-12-17 09:00 - 2013-12-17 09:24 - 00000000 ____D C:\Users\Libor\AppData\Roaming\PC Suite
2013-12-17 09:00 - 2013-12-17 09:23 - 00000000 ____D C:\ProgramData\PC Suite
2013-12-17 08:58 - 2013-12-17 08:58 - 00000000 ____D C:\Program Files\DIFX
2013-12-17 08:57 - 2013-01-23 10:31 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll
2013-12-17 08:55 - 2013-12-17 08:55 - 00000000 ____D C:\ProgramData\Installations
2013-12-17 07:37 - 2013-07-03 08:22 - 00001808 _____ C:\Users\Libor\Desktop\iTunes.lnk
2013-12-16 19:31 - 2013-12-16 19:31 - 00052773 _____ C:\Users\Klárka\Downloads\text
2013-12-16 15:22 - 2013-12-16 15:22 - 00000000 ____D C:\Users\Libor\AppData\Local\Apple
2013-12-16 15:21 - 2013-12-16 15:21 - 00000000 ____D C:\Users\Libor\AppData\Local\Apple Computer
2013-12-16 15:21 - 2013-12-16 15:21 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:53 - 2013-12-16 14:53 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Macromedia
2013-12-16 14:53 - 2013-12-16 14:53 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Google
2013-12-16 14:52 - 2013-12-16 14:53 - 00000000 ____D C:\Users\Lucka\AppData\Local\Google
2013-12-16 14:50 - 2013-12-16 14:50 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\dvdcss
2013-12-16 14:49 - 2013-12-16 14:49 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\WinRAR
2013-12-16 14:38 - 2013-12-16 14:38 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\dvdcss
2013-12-16 14:32 - 2013-12-16 14:33 - 00000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2013-12-16 14:27 - 2013-12-16 14:27 - 00001001 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 14:17 - 2013-12-16 14:17 - 00000000 ____D C:\Users\Libor\AppData\Roaming\WinRAR
2013-12-16 14:16 - 2013-12-16 14:16 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-12-14 09:02 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-14 09:02 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-14 09:02 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-14 09:02 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-14 09:01 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-14 09:01 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-14 09:01 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-14 09:00 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-14 09:00 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-14 09:00 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-14 09:00 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-14 09:00 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-14 09:00 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-14 09:00 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-14 09:00 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-14 09:00 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-14 09:00 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-14 09:00 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-14 09:00 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-14 09:00 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-14 09:00 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-14 09:00 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-14 09:00 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-14 09:00 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-14 09:00 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-14 09:00 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-14 09:00 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-14 09:00 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-14 09:00 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-14 09:00 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-14 09:00 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-14 09:00 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-14 09:00 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-14 09:00 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-14 09:00 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 17:59 - 2013-12-23 19:11 - 00000163 _____ C:\extensions.ini
2013-12-13 17:59 - 2013-12-13 17:59 - 00000000 _____ C:\extensions.sqlite
2013-12-12 09:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 09:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 09:57 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 09:57 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 09:57 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 09:57 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 09:57 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 09:57 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 09:57 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 09:57 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 09:57 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 09:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 09:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 09:57 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 09:57 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 09:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 09:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 09:57 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 09:57 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-09 18:35 - 2013-12-09 18:36 - 100400976 _____ (Apple Inc.) C:\Users\Klárka\Downloads\iTunes64Setup.exe
2013-12-09 17:33 - 2013-12-09 17:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-12-06 12:45 - 2013-12-06 12:46 - 00000000 ____D C:\Users\Libor\Documents\Telefony
2013-12-05 12:03 - 2013-12-05 12:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 12:03 - 2013-12-05 12:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-05 12:02 - 2013-12-05 12:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 12:02 - 2013-12-05 12:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 12:02 - 2013-12-05 12:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-05 12:02 - 2013-12-05 12:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 12:02 - 2013-12-05 12:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-05 12:02 - 2013-12-05 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-05 12:01 - 2013-12-05 12:06 - 00011357 _____ C:\Windows\IE11_main.log
2013-12-05 11:55 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-05 11:55 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-05 11:55 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-05 11:55 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-05 11:55 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-05 11:55 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-05 11:55 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-05 11:55 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-05 11:55 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-05 11:55 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-05 11:55 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-05 11:55 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-12-05 11:55 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-12-05 11:55 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-12-05 11:55 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-12-05 11:55 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-12-05 11:55 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-05 11:55 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-12-05 11:55 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-12-05 11:55 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-05 11:55 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-12-05 11:55 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-12-05 11:55 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-12-05 11:55 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-05 11:55 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-12-05 11:55 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-05 11:55 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-05 11:55 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-05 11:55 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-05 11:55 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-05 11:54 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-03 17:14 - 2013-12-16 14:58 - 00000000 ____D C:\Users\Mamka\AppData\Roaming\vlc
2013-12-03 17:12 - 2013-12-16 14:51 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\vlc
2013-12-03 17:11 - 2013-12-16 14:52 - 00002262 _____ C:\Users\Lucka\Desktop\Google Chrome.lnk
2013-12-03 17:11 - 2013-12-03 17:11 - 00000000 ____D C:\Users\Lucka\AppData\Local\VirtualStore
2013-12-03 17:09 - 2013-12-16 14:42 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\vlc
2013-12-03 14:50 - 2013-12-15 08:41 - 00000000 ____D C:\Users\Libor\AppData\Roaming\dvdcss
2013-12-03 14:01 - 2013-12-16 14:26 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-03 13:59 - 2013-12-28 17:37 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2013-12-03 13:59 - 2013-12-03 13:59 - 02324216 _____ (PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
2013-12-03 13:59 - 2013-12-03 13:59 - 00000079 _____ C:\Windows\SysWOW64\ssinstall-uninstall.bat
2013-12-03 13:57 - 2013-12-03 13:57 - 00000017 _____ C:\Users\Libor\AppData\Local\resmon.resmoncfg
2013-12-02 20:28 - 2013-12-02 20:28 - 00416368 _____ C:\Users\Klárka\Downloads\destilace.pptx
2013-11-29 08:36 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-29 08:36 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-12-28 18:24 - 2013-12-28 18:23 - 00016993 _____ C:\Users\Libor\Desktop\FRST.txt
2013-12-28 18:17 - 2013-12-28 18:17 - 00000000 _____ C:\Users\Libor\Desktop\FRSTLauncher.exe
2013-12-28 18:17 - 2013-07-03 08:05 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 18:16 - 2013-12-28 18:16 - 00000000 ____D C:\FRST
2013-12-28 18:16 - 2013-12-28 18:15 - 01931176 _____ (Farbar) C:\Users\Libor\Desktop\FRST64.exe
2013-12-28 18:06 - 2013-07-03 08:05 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000UA.job
2013-12-28 18:05 - 2011-04-12 09:34 - 00672370 _____ C:\Windows\system32\perfh005.dat
2013-12-28 18:05 - 2011-04-12 09:34 - 00142934 _____ C:\Windows\system32\perfc005.dat
2013-12-28 18:05 - 2009-07-14 06:13 - 01593142 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 18:05 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-28 18:05 - 2009-07-14 05:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-28 18:03 - 2013-10-18 16:27 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-12-28 18:03 - 2013-07-22 18:27 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-28 18:03 - 2013-07-02 21:59 - 01567114 _____ C:\Windows\WindowsUpdate.log
2013-12-28 17:37 - 2013-12-03 13:59 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2013-12-28 17:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 17:37 - 2009-07-14 05:51 - 00069881 _____ C:\Windows\setupact.log
2013-12-28 16:35 - 2013-07-22 18:27 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-28 16:35 - 2013-07-03 08:41 - 00000000 ____D C:\ProgramData\MFAData
2013-12-28 13:08 - 2013-12-28 13:08 - 00002263 _____ C:\Users\Klárka\Desktop\SpyHunter.lnk
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\sh4ldr
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-28 13:08 - 2013-12-28 13:08 - 00000000 _____ C:\autoexec.bat
2013-12-28 13:08 - 2013-12-28 13:07 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-28 11:56 - 2013-12-28 11:56 - 00001808 _____ C:\Users\Klárka\Desktop\iTunes.lnk
2013-12-28 11:55 - 2013-12-28 11:55 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\WinRAR
2013-12-26 08:15 - 2013-07-03 08:05 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core.job
2013-12-23 20:37 - 2013-07-09 16:58 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\Skype
2013-12-23 20:33 - 2013-10-26 18:53 - 00000000 ____D C:\Users\Klárka\Documents\blbinky
2013-12-23 19:11 - 2013-12-23 19:11 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-23 19:11 - 2013-12-13 17:59 - 00000163 _____ C:\extensions.ini
2013-12-22 18:41 - 2009-07-14 06:08 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-21 20:30 - 2013-12-21 20:30 - 00002086 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2013-12-21 20:30 - 2013-12-21 20:30 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-21 20:30 - 2013-07-08 20:15 - 00000592 _____ C:\Windows\DirectX.log
2013-12-21 20:11 - 2013-12-21 20:11 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-21 20:11 - 2013-07-03 05:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 11:45 - 2013-10-21 19:42 - 00000000 ____D C:\Users\Libor\Documents\Nokia Suite
2013-12-18 10:58 - 2013-12-18 10:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-12-18 10:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-17 13:51 - 2013-12-17 09:00 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Nokia
2013-12-17 12:04 - 2010-11-21 04:47 - 00189888 _____ C:\Windows\PFRO.log
2013-12-17 11:36 - 2013-12-17 11:36 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Nokia Suite
2013-12-17 11:18 - 2013-12-17 11:18 - 00000000 ____D C:\Users\Libor\AppData\Local\NokiaAccount
2013-12-17 11:18 - 2013-12-17 11:16 - 00000000 ____D C:\Users\Libor\AppData\Local\Nokia
2013-12-17 11:16 - 2013-12-17 11:16 - 00002096 _____ C:\Users\Public\Desktop\Nokia Suite.lnk
2013-12-17 11:16 - 2013-12-17 11:16 - 00000000 ____D C:\ProgramData\Nokia
2013-12-17 11:16 - 2013-12-17 11:14 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-12-17 11:15 - 2013-12-17 11:15 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2013-12-17 11:15 - 2013-07-03 06:00 - 00059788 _____ C:\Windows\DPINST.LOG
2013-12-17 11:14 - 2013-12-17 11:14 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-12-17 11:14 - 2013-12-17 11:05 - 106320416 _____ C:\Users\Libor\Downloads\Nokia_Suite_webinstaller_ALL.exe
2013-12-17 09:24 - 2013-12-17 09:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-12-17 09:24 - 2013-12-17 09:00 - 00000000 ____D C:\Users\Libor\AppData\Roaming\PC Suite
2013-12-17 09:23 - 2013-12-17 09:00 - 00000000 ____D C:\ProgramData\PC Suite
2013-12-17 08:58 - 2013-12-17 08:58 - 00000000 ____D C:\Program Files\DIFX
2013-12-17 08:55 - 2013-12-17 08:55 - 00000000 ____D C:\ProgramData\Installations
2013-12-17 07:52 - 2013-10-21 19:58 - 00000000 ____D C:\Users\Libor
2013-12-17 07:42 - 2013-10-21 19:58 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Apple Computer
2013-12-17 07:10 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 19:31 - 2013-12-16 19:31 - 00052773 _____ C:\Users\Klárka\Downloads\text
2013-12-16 19:25 - 2012-10-23 17:13 - 00000000 ____D C:\Users\Klárka\Documents\Škola
2013-12-16 15:22 - 2013-12-16 15:22 - 00000000 ____D C:\Users\Libor\AppData\Local\Apple
2013-12-16 15:21 - 2013-12-16 15:21 - 00000000 ____D C:\Users\Libor\AppData\Local\Apple Computer
2013-12-16 15:21 - 2013-12-16 15:21 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:58 - 2013-12-03 17:14 - 00000000 ____D C:\Users\Mamka\AppData\Roaming\vlc
2013-12-16 14:53 - 2013-12-16 14:53 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Macromedia
2013-12-16 14:53 - 2013-12-16 14:53 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Google
2013-12-16 14:53 - 2013-12-16 14:52 - 00000000 ____D C:\Users\Lucka\AppData\Local\Google
2013-12-16 14:52 - 2013-12-03 17:11 - 00002262 _____ C:\Users\Lucka\Desktop\Google Chrome.lnk
2013-12-16 14:51 - 2013-12-03 17:12 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\vlc
2013-12-16 14:50 - 2013-12-16 14:50 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\dvdcss
2013-12-16 14:49 - 2013-12-16 14:49 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\WinRAR
2013-12-16 14:42 - 2013-12-03 17:09 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\vlc
2013-12-16 14:42 - 2013-07-03 10:34 - 00001400 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-16 14:38 - 2013-12-16 14:38 - 00000000 ____D C:\Users\Klárka\AppData\Roaming\dvdcss
2013-12-16 14:33 - 2013-12-16 14:32 - 00000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2013-12-16 14:32 - 2013-10-21 19:58 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Seznam.cz
2013-12-16 14:32 - 2013-10-18 16:28 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2013-12-16 14:27 - 2013-12-16 14:27 - 00001001 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 14:26 - 2013-12-03 14:01 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-16 14:17 - 2013-12-16 14:17 - 00000000 ____D C:\Users\Libor\AppData\Roaming\WinRAR
2013-12-16 14:16 - 2013-12-16 14:16 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-12-16 07:40 - 2013-08-17 07:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-16 07:40 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-16 06:09 - 2013-07-29 13:07 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 20:10 - 2013-07-04 13:17 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 12:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-15 08:41 - 2013-12-03 14:50 - 00000000 ____D C:\Users\Libor\AppData\Roaming\dvdcss
2013-12-14 09:11 - 2009-07-14 05:45 - 00304928 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 09:02 - 2013-07-03 08:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 19:24 - 2013-07-03 08:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-13 19:24 - 2013-07-03 08:16 - 00000000 ____D C:\ProgramData\Skype
2013-12-13 17:59 - 2013-12-13 17:59 - 00000000 _____ C:\extensions.sqlite
2013-12-12 10:18 - 2013-07-03 08:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 10:18 - 2013-07-03 08:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 10:18 - 2013-07-03 08:05 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 08:17 - 2013-10-21 20:08 - 00000000 ____D C:\Users\Libor\AppData\Local\GHISLER
2013-12-09 18:36 - 2013-12-09 18:35 - 100400976 _____ (Apple Inc.) C:\Users\Klárka\Downloads\iTunes64Setup.exe
2013-12-09 17:33 - 2013-12-09 17:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-12-09 17:31 - 2013-07-03 10:21 - 00001596 _____ C:\Users\Klárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-07 17:50 - 2013-07-03 10:32 - 00001400 _____ C:\Users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-06 12:46 - 2013-12-06 12:45 - 00000000 ____D C:\Users\Libor\Documents\Telefony
2013-12-05 12:19 - 2013-10-21 19:58 - 00001400 _____ C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-05 12:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-05 12:10 - 2013-07-03 08:01 - 01568792 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-05 12:06 - 2013-12-05 12:01 - 00011357 _____ C:\Windows\IE11_main.log
2013-12-05 12:03 - 2013-12-05 12:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 12:03 - 2013-12-05 12:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-05 12:03 - 2013-12-05 12:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-05 12:02 - 2013-12-05 12:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 12:02 - 2013-12-05 12:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 12:02 - 2013-12-05 12:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-05 12:02 - 2013-12-05 12:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 12:02 - 2013-12-05 12:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-05 12:02 - 2013-12-05 12:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-05 12:02 - 2013-12-05 12:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 12:02 - 2013-12-05 12:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 17:11 - 2013-12-03 17:11 - 00000000 ____D C:\Users\Lucka\AppData\Local\VirtualStore
2013-12-03 13:59 - 2013-12-03 13:59 - 02324216 _____ (PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
2013-12-03 13:59 - 2013-12-03 13:59 - 00000079 _____ C:\Windows\SysWOW64\ssinstall-uninstall.bat
2013-12-03 13:57 - 2013-12-03 13:57 - 00000017 _____ C:\Users\Libor\AppData\Local\resmon.resmoncfg
2013-12-03 10:30 - 2013-07-22 18:27 - 00003946 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 10:30 - 2013-07-22 18:27 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 20:28 - 2013-12-02 20:28 - 00416368 _____ C:\Users\Klárka\Downloads\destilace.pptx

Some content of TEMP:
====================
C:\Users\Klárka\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Klárka\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Klárka\AppData\Local\Temp\Setup.exe
C:\Users\Klárka\AppData\Local\Temp\SHSetup.exe
C:\Users\Klárka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Libor\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\Libor\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Libor\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Libor\AppData\Local\Temp\ssins.exe
C:\Users\Libor\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Libor\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Libor\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Libor\AppData\Local\Temp\wrar420cz.exe
C:\Users\Libor\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Mamka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-11 11:24

==================== End Of Log ============================

[Libas]

....zapomněl jsem soubor.

[Rudy]

Díky za pozdrav. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKCU\...\Run: [] - [x]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1382 ... X52VEP0JOT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
c:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
C:\Users\Klárka\AppData\Local\Temp
C:\Users\Libor\AppData\Local\Temp
C:\Users\Mamka\AppData\Local\Temp
Task: {C34B64B9-58A9-4337-8403-3E7D31F231BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-22] (Google Inc.)
Task: {C5D2A8EF-8163-4B0C-A368-0FA0497475CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core.job => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000UA.job => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Libas]

Posílám fixlog, do přílohy jsem zabalil texťák, který se mi objevil na ploše společně s fixlog. Nevím zda je to ok.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2013 01
Ran by Libor at 2013-12-28 21:23:38 Run:1
Running from C:\Users\Libor\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [] - [x]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382 ... X52VEP0JOT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1382 ... X52VEP0JOT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts= ... VEP0JOT&q={searchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
c:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
C:\Users\Klárka\AppData\Local\Temp
C:\Users\Libor\AppData\Local\Temp
C:\Users\Mamka\AppData\Local\Temp
Task: {C34B64B9-58A9-4337-8403-3E7D31F231BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-22] (Google Inc.)
Task: {C5D2A8EF-8163-4B0C-A368-0FA0497475CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core.job => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000UA.job => C:\Users\Libor\AppData\Local\Google\Update\GoogleUpdate.exe
End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
c:\Program Files (x86)\Google\Google Toolbar => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Value deleted successfully.
HKCR\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx" => File/Directory not found.
C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP => Moved successfully.
C:\Users\Klárka\AppData\Local\Temp => Moved successfully.

"C:\Users\Libor\AppData\Local\Temp" directory move:

C:\Users\Libor\AppData\Local\Temp\.Sony_PMBrowser3000_BrowserDiskCache => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\.Sony_PMBrowser3000_BrowserDiskCache.idx => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1026642.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1046454.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\107874.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1081492.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1214046.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1238679.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\127577.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\131290.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1331546.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\142850.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1454054.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\14590040.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\15186681.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1522164.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1545283.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1562599.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1588870.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1621443.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\169370.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\185344.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\190789.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1930512.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1F04CECB-818C-40D1-A556-C201CD652C42.Repair.1.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\1F04CECB-818C-40D1-A556-C201CD652C42.Verify.2.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\208167.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2143750.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2342963.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2396612.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2415737.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2426018.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2615933.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\270926.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\2810888.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\3532533.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\360721.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\3670375.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\455819.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\4564480.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\48F51D3A-DCC3-4B57-BF62-8D5089AB8FC1.Diagnose.3.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\5015307.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\5560608.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\5782457.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\6180806.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\631180.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\713F7145-9E8B-43FB-BD61-AF8E258B7D92.Verify.2.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\7281440.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\743282.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\786744.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\826914.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\8287209.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\82E3AE86-5619-4847-8A64-23BA6CD1543F.Diagnose.0.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\82E3AE86-5619-4847-8A64-23BA6CD1543F.Repair.1.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\82E3AE86-5619-4847-8A64-23BA6CD1543F.Verify.2.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\846040.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\8514924.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\85F3BC9C-718D-4E45-8D76-32E7F0C02288.Diagnose.0.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\8681752.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\870469.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\8880575.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\9034579.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\913573.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\9584030.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\96346.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\987096.od => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\addonscheck.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\aminsis.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\B3CCEEDF-75F0-482E-BF0C-660F7EA43124.Diagnose.3.etl => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CalendarViewLog.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\ClientInfo.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR138.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR167.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR1B20.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR2210.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR2D27.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR2DC3.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR2FE6.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR39F4.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR3BB9.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR3D6F.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR3E86.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR463.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR4826.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR4E.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR4FC6.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR515A.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR5762.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR73E9.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR7510.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR781B.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR781C.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR7918.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR8055.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR8094.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR81BF.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR865E.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR870B.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR91C4.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR9443.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR955B.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR955C.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVR9E22.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRA029.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRA18C.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRA43A.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRA600.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRAA52.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRB606.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRBAF9.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRBDC3.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRC033.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRD3C2.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRD7E7.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRD920.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRDB43.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRDC79.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRE3F8.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRE697.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRE6F5.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRE8D8.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRE906.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVREA7D.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRED6C.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRF076.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRF0B4.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRF46C.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRF7B6.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\CVRFD8.tmp.cvr => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\d3dxMemUsage.csv => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\DalMeasurementFile2.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\dd_vcredistMSI381F.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\dd_vcredistUI381F.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\F043.tmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\F083.tmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\F0B2.tmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\F0E2.tmp => Moved successfully.
Could not move "C:\Users\Libor\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Libor\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\install_flashplayer11x32axau_chra_awa_aih.bat => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\IpAdrSet.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\jawshtml.html => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\KMP_3.7.0.113.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Libor.bmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\LuUpdater.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\MMCULog2.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\MSI36cb6.LOG => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(1).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(2).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(3).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(4).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(5).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(6).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NclRegPermissions(7).log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NGLALog.txt => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSEventMessages.dll => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\pcsuitecheck_new.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\qtsingleapp-NokiaO-b889-1-lockfile => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\qtsingleapp-NokiaO-b889-2-lockfile => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\qtsingleapp-NokiaS-a4b0-1-lockfile => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\qtsingleapp-NokiaS-a4b0-2-lockfile => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\runservice03122013135930.bat => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\ssins.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\TWAIN.LOG => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Twain001.Mtx => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Twunk001.MTX => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Twunk002.MTX => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\users00 => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\vlc-2.0.7-win32.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\vlc-2.1.1-win32.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\vlc-2.1.2-win32.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmplog02.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmplog03.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmplog04.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\wrar420cz.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\ZuneLog00.sqm => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\~DF012AF8C6B6C7BB99.TMP => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\~DF4925EEF0512F8A33.TMP => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\~DF5CB9E91ABF617787.TMP => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\~DF9C983A9BD347984F.TMP => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\~DFD15DA399EF665E02.TMP => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A}\D5878294-C113-43c5-A24F-FC333C52015A.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Incoming-10_23_2013-20_32_18_891.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Incoming-10_23_2013-20_37_49_126.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Incoming-10_23_2013-20_39_23_589.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Outgoing-10_23_2013-20_32_22_172.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Outgoing-10_23_2013-20_37_49_382.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\bastlliboriolcz-Outgoing-10_23_2013-20_39_23_858.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Incoming-10_23_2013-20_29_08_143.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Incoming-10_23_2013-20_38_10_968.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Incoming-10_23_2013-20_39_52_344.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Outgoing-10_23_2013-20_29_08_351.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Outgoing-10_23_2013-20_38_11_194.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Přihlašování do aplikace Outlook\liborbastlo2activecz-Outgoing-10_23_2013-20_39_52_569.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\outlook logging\firstrun.log => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{2a7b19e9-d346-454c-9c7d-5a3343c3106f}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{32a02774-6c04-4d7a-8529-8a5cc25f6ebf}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{37acda53-7d93-4f81-8e46-2a029169399c}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{4cca4db6-09c6-4bd4-9f45-f0fcac5b1b98}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{6f10af26-612b-44bc-bdc1-9ae63f7a2392}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{752c1991-4ff0-498a-8696-0b90bf997ca5}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{9e980110-1ee5-45b8-a45b-ccd356518a74}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{a9fcdbc3-024e-46ae-9a6b-2927d47bcc15}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{b2f328d5-be1d-489b-8e22-73cdea7dbf1c}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{d323ec9f-eb6b-4762-aa08-7b86888215ff}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NOSPoster\{e6e9e12c-1fbc-4871-8d32-317bb6bc0b20}.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3605900e3c.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3605a53385.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa361135931e.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa361619384f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3616b80dce.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa361b3223ee.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa362145d8df.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3636e95914.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa363c4a622f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa364ad22476.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa365435184e.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3654cab57c.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa365812cb2e.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3664aefc82.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3668505b1f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3669b3c8a9.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3676bc8fac.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa367cad909f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa367ce25b20.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa367d494ba8.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36817dfda9.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3683a3b645.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3687797e99.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa368c671590.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36907837d0.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa3694c798a7.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa369c614773.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36ae052d7f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36b0b21a9c.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36b3a7cda0.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36b53bc5dc.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36b5fd8c68.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36bb12a3d2.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36c6d70d31.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36ce01af1d.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36d0017ef1.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36d17da1fa.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36d4c57e1f.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36d5cbfc75.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36dc13dc33.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36e1a5b8e0.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36e3b696c7.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Nokia Suite Thumbnail Cache\3cf4153609000000d46baa36e58dbaf6.jpg => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NGLATempNokia\Nokia Sans Wide Bold v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NGLATempNokia\Nokia Sans Wide BolIta v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NGLATempNokia\Nokia Sans Wide Italic v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NGLATempNokia\Nokia Sans Wide v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Sans Wide Bold v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Sans Wide BolIta v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Sans Wide Italic v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Sans Wide v3.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Standard Multi Bold v2.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\nCommsTempNokia\Nokia Standard Multi v2.1.ttf => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NccTemp\ncc0000.tmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\NccTemp\ncc0001.tmp => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\1_spp_setpointp.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\1_spp_setpointp.exe.sig => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\1_spp_setpointp.exe.sig.part => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\2_spp_1000080.exe => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\2_spp_1000080.exe.sig => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\lu\2_spp_1000080.exe.sig.part => Moved successfully.
C:\Users\Libor\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
Could not move "C:\Users\Libor\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\Users\Mamka\AppData\Local\Temp => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C34B64B9-58A9-4337-8403-3E7D31F231BA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C34B64B9-58A9-4337-8403-3E7D31F231BA} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5D2A8EF-8163-4B0C-A368-0FA0497475CC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5D2A8EF-8163-4B0C-A368-0FA0497475CC} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-276332642-1909207443-117345979-1000UA.job => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-28 21:25:42)<=

"C:\Users\Libor\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => File could not move.
"C:\Users\Libor\AppData\Local\Temp" => Directory could not move.

==== End of Fixlog ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Libas]

Bohužel, z profilu Klára při zpuštění IE naběhne adresa Start.qone8.com.

[Rudy]

Zkuste nejprve ADWCleaner:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

a pak Junkware removal tool:

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

[Libas]

# AdwCleaner v3.016 - Report created 28/12/2013 at 23:07:24
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Libor - TOSHIBA
# Running from : C:\Users\Libor\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Users\Klárka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
[!] Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
[!] Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
[!] Folder Deleted : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\qone8Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Klárka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4411 octets] - [28/12/2013 23:06:47]
AdwCleaner[S0].txt - [4257 octets] - [28/12/2013 23:07:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4317 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Libor on so 28.12.2013 at 23:13:58,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7CC7B046-0BFA-438D-83DA-0C776146CCFF}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 28.12.2013 at 23:20:12,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

Nastala nějaká změna?

[Libas]

Bohužel ne, profil Klára zlobí, ostatní účty jsou ok.

[Rudy]

Dejte nový log RSIT.

[Libas]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Libor at 2013-12-29 18:42:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 366 GB (60%) free of 610 GB
Total RAM: 3955 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:42:52, on 29.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Libor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/?clid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebexpEnhancedV1alpha280 - {04724dd3-3640-40ad-86de-591e4929b256} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11702 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=981b1a6b-2429-4411-8da7-b01156bcc95f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\871b996c-b90a-4d5f-9314-7229e4df4d11-1b0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 32036096
\??\C:\Windows\system32\conhost.exe "-1289158350133509543-533937680107163201-147819764316159922861296938417-1704453652
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=6fe3ff59-70c0-4f55-849a-f35d1e5d253a /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\0cac0f61-eda3-4477-b22d-d24c42e4035b-a90-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
taskeng.exe {C36168CA-CD0F-4F65-BD4E-8D64E74922A3}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
taskeng.exe {97AC97AC-D7BD-414D-9538-E4E9BFCC5128}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\splwow64.exe 8192
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5724 CREDAT:267521 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-276332642-1909207443-117345979-10076_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-276332642-1909207443-117345979-10076 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7LJ7SSI\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-03 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31 433944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-03 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04724dd3-3640-40ad-86de-591e4929b256}]
Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll [2013-12-19 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31 364824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-09-28 566184]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-10 915320]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-22 10134560]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-03-22 896032]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-11-20 4411952]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-03-24 599328]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-08-24 206240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Monitor.lnk - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-12-29 18:42:46 ----D---- C:\rsit
2013-12-29 18:42:46 ----D---- C:\Program Files\trend micro
2013-12-29 18:25:03 ----D---- C:\Users\Libor\AppData\Roaming\CD-LabelPrint
2013-12-29 18:24:51 ----HD---- C:\ProgramData\CanonIJEPPEX
2013-12-29 18:19:33 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2013-12-29 18:19:33 ----A---- C:\Windows\SYSWOW64\CNC6100U.dll
2013-12-29 18:19:33 ----A---- C:\Windows\SYSWOW64\CNC6100L.dll
2013-12-29 18:18:50 ----HD---- C:\ProgramData\CanonBJ
2013-12-29 18:18:23 ----A---- C:\Windows\system32\CNMLMAG.DLL
2013-12-29 18:12:23 ----HD---- C:\ProgramData\CanonIJMyPrinter
2013-12-29 18:09:34 ----A---- C:\Windows\system32\CNMXLMAG.DLL
2013-12-29 18:05:12 ----D---- C:\Program Files\Canon
2013-12-29 17:46:42 ----D---- C:\ProgramData\CanonIJ
2013-12-29 17:39:38 ----D---- C:\ProgramData\CanonIJPLM
2013-12-29 17:39:33 ----D---- C:\ProgramData\Canon IJ Network Tool
2013-12-29 17:30:04 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-29 17:29:35 ----A---- C:\Windows\system32\CNMIUAG.DLL
2013-12-29 17:29:25 ----HD---- C:\Program Files\CanonBJ
2013-12-29 17:08:59 ----HD---- C:\ProgramData\CanonIJEGV
2013-12-29 17:04:57 ----D---- C:\ProgramData\CanonIJMSetup
2013-12-29 16:17:54 ----HD---- C:\ProgramData\CanonIJQuickMenu
2013-12-28 23:13:55 ----D---- C:\Windows\ERUNT
2013-12-28 23:06:35 ----D---- C:\AdwCleaner
2013-12-28 18:16:33 ----D---- C:\FRST
2013-12-28 13:08:43 ----A---- C:\autoexec.bat
2013-12-28 13:08:25 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2013-12-28 13:08:20 ----D---- C:\sh4ldr
2013-12-28 13:08:20 ----D---- C:\Program Files\Enigma Software Group
2013-12-23 19:11:46 ----D---- C:\Program Files (x86)\WebexpEnhancedV1
2013-12-21 20:30:54 ----D---- C:\Program Files (x86)\Microsoft WSE
2013-12-21 20:30:35 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-12-21 20:30:35 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-12-21 20:11:28 ----D---- C:\Program Files (x86)\Electronic Arts
2013-12-17 11:36:53 ----D---- C:\Users\Libor\AppData\Roaming\Nokia Suite
2013-12-17 11:16:03 ----D---- C:\ProgramData\Nokia
2013-12-17 11:15:44 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2013-12-17 11:15:38 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2013-12-17 11:14:31 ----D---- C:\ProgramData\NokiaInstallerCache
2013-12-17 11:14:31 ----D---- C:\Program Files (x86)\Nokia
2013-12-17 09:00:29 ----D---- C:\Users\Libor\AppData\Roaming\PC Suite
2013-12-17 09:00:29 ----D---- C:\Users\Libor\AppData\Roaming\Nokia
2013-12-17 09:00:29 ----D---- C:\ProgramData\PC Suite
2013-12-17 08:58:19 ----D---- C:\Program Files\DIFX
2013-12-17 08:57:49 ----A---- C:\Windows\system32\nmwcdclsX64.dll
2013-12-17 08:55:48 ----D---- C:\ProgramData\Installations
2013-12-16 15:21:55 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:32:35 ----D---- C:\Users\Libor\AppData\Roaming\vlc
2013-12-16 14:17:34 ----D---- C:\Users\Libor\AppData\Roaming\WinRAR
2013-12-16 14:16:20 ----D---- C:\Program Files (x86)\WinRAR
2013-12-14 09:02:33 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-14 09:02:32 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-14 09:02:32 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-14 09:02:31 ----A---- C:\Windows\system32\wmp.dll
2013-12-14 09:01:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-14 09:00:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-14 09:00:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-14 09:00:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-14 09:00:59 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-14 09:00:59 ----A---- C:\Windows\system32\ieui.dll
2013-12-14 09:00:59 ----A---- C:\Windows\system32\iesetup.dll
2013-12-14 09:00:59 ----A---- C:\Windows\system32\iernonce.dll
2013-12-14 09:00:59 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-14 09:00:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-14 09:00:58 ----A---- C:\Windows\system32\mshtml.dll
2013-12-14 09:00:58 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-14 09:00:58 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-14 09:00:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-14 09:00:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-14 09:00:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-14 09:00:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-14 09:00:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-14 09:00:57 ----A---- C:\Windows\system32\iertutil.dll
2013-12-14 09:00:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-14 09:00:56 ----A---- C:\Windows\system32\wininet.dll
2013-12-14 09:00:56 ----A---- C:\Windows\system32\urlmon.dll
2013-12-14 09:00:56 ----A---- C:\Windows\system32\ieframe.dll
2013-12-14 09:00:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-14 09:00:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-14 09:00:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-14 09:00:54 ----A---- C:\Windows\system32\jscript9.dll
2013-12-13 17:59:16 ----A---- C:\extensions.ini
2013-12-12 09:58:05 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 09:58:05 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 09:57:43 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 09:57:42 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 09:57:42 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 09:57:37 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 09:57:37 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 09:57:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 09:57:35 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 09:57:30 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 09:57:30 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 09:57:25 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 09:57:25 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 09:57:25 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 09:57:25 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 09:57:25 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 09:57:25 ----A---- C:\Windows\system32\cscript.exe
2013-12-05 12:07:54 ----D---- C:\Windows\Migration
2013-12-05 12:03:06 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-05 12:03:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 12:03:02 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-05 12:03:02 ----A---- C:\Windows\system32\elshyph.dll
2013-12-05 12:03:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-05 12:03:00 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-05 12:02:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-05 12:02:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-05 12:02:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-05 12:02:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-05 12:02:55 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-05 12:02:55 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-05 12:02:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-05 12:02:55 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-05 12:02:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-05 12:02:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-05 12:02:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-05 12:02:52 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-05 12:02:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-05 12:02:50 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-05 12:02:49 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-05 12:02:48 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-05 12:02:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 12:02:47 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-05 12:02:46 ----A---- C:\Windows\system32\msrating.dll
2013-12-05 12:02:46 ----A---- C:\Windows\system32\msls31.dll
2013-12-05 12:02:46 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-05 12:02:45 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 12:02:45 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-05 12:02:45 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-05 12:02:44 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-05 12:02:44 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-05 12:02:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 12:02:42 ----A---- C:\Windows\system32\icardie.dll
2013-12-05 12:02:42 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-05 12:02:42 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-05 12:02:41 ----A---- C:\Windows\system32\url.dll
2013-12-05 12:02:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-05 12:02:41 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-05 12:02:40 ----A---- C:\Windows\system32\webcheck.dll
2013-12-05 12:02:40 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-05 12:02:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-05 12:02:40 ----A---- C:\Windows\system32\inseng.dll
2013-12-05 12:02:39 ----A---- C:\Windows\system32\wextract.exe
2013-12-05 12:02:39 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-05 12:02:39 ----A---- C:\Windows\system32\iexpress.exe
2013-12-05 12:02:38 ----A---- C:\Windows\system32\vbscript.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\occache.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\mshta.exe
2013-12-05 12:02:35 ----A---- C:\Windows\system32\jscript.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\imgutil.dll
2013-12-05 12:02:35 ----A---- C:\Windows\system32\iepeers.dll
2013-12-05 11:55:36 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-05 11:55:36 ----A---- C:\Windows\system32\mswsock.dll
2013-12-05 11:55:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-05 11:55:33 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-05 11:55:31 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-05 11:55:31 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-05 11:55:31 ----A---- C:\Windows\system32\davclnt.dll
2013-12-05 11:55:30 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-05 11:55:30 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-05 11:55:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-05 11:55:26 ----A---- C:\Windows\system32\advapi32.dll
2013-12-05 11:55:25 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-05 11:55:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-05 11:55:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-05 11:55:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-05 11:55:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-05 11:55:25 ----A---- C:\Windows\system32\wow64.dll
2013-12-05 11:55:25 ----A---- C:\Windows\system32\tdh.dll
2013-12-05 11:55:25 ----A---- C:\Windows\system32\ntdll.dll
2013-12-05 11:55:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-05 11:55:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-05 11:55:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-05 11:55:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-05 11:55:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-05 11:55:09 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-05 11:55:09 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-05 11:55:09 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-05 11:55:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-05 11:55:09 ----A---- C:\Windows\system32\credui.dll
2013-12-05 11:55:09 ----A---- C:\Windows\system32\authui.dll
2013-12-05 11:54:43 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-03 14:50:55 ----D---- C:\Users\Libor\AppData\Roaming\dvdcss
2013-12-03 14:01:13 ----D---- C:\Program Files (x86)\VideoLAN
2013-12-03 13:59:31 ----A---- C:\Windows\SYSWOW64\ssinstall-uninstall.bat
2013-12-03 13:59:31 ----A---- C:\Windows\SYSWOW64\ssins.exe

======List of files/folders modified in the last 1 months======

2013-12-29 18:42:49 ----D---- C:\Windows\Temp
2013-12-29 18:42:46 ----RD---- C:\Program Files
2013-12-29 18:34:45 ----D---- C:\Windows\system32\config
2013-12-29 18:24:51 ----HD---- C:\ProgramData
2013-12-29 18:21:17 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-29 18:21:04 ----D---- C:\Windows\System32
2013-12-29 18:19:40 ----D---- C:\Windows\SysWOW64
2013-12-29 18:19:37 ----D---- C:\Program Files (x86)\Canon
2013-12-29 18:19:33 ----RSD---- C:\Windows\Media
2013-12-29 18:19:32 ----D---- C:\Windows\twain_32
2013-12-29 18:18:42 ----D---- C:\Windows\system32\DriverStore
2013-12-29 18:18:42 ----D---- C:\Windows\system32\catroot
2013-12-29 18:18:42 ----D---- C:\Windows\inf
2013-12-29 18:18:35 ----D---- C:\Windows\system32\catroot2
2013-12-29 17:43:33 ----D---- C:\Windows\system32\FxsTmp
2013-12-29 17:37:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-29 17:27:29 ----SHD---- C:\System Volume Information
2013-12-29 16:40:40 ----D---- C:\Users\Libor\AppData\Roaming\Canon
2013-12-29 16:20:48 ----D---- C:\ProgramData\CanonIJWSpt
2013-12-29 16:07:11 ----D---- C:\ProgramData\MFAData
2013-12-28 23:13:55 ----D---- C:\Windows
2013-12-28 23:07:25 ----D---- C:\Windows\Tasks
2013-12-28 23:07:25 ----D---- C:\Windows\system32\Tasks
2013-12-28 22:03:12 ----D---- C:\Windows\Prefetch
2013-12-28 21:23:38 ----RD---- C:\Program Files (x86)\Skype
2013-12-28 21:23:38 ----D---- C:\Program Files (x86)\Google
2013-12-28 13:08:30 ----D---- C:\Windows\system32\drivers
2013-12-28 13:08:28 ----SHD---- C:\Windows\Installer
2013-12-23 19:24:37 ----D---- C:\Windows\winsxs
2013-12-23 19:11:46 ----RD---- C:\Program Files (x86)
2013-12-21 20:30:56 ----RSD---- C:\Windows\assembly
2013-12-21 20:11:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-18 10:10:36 ----D---- C:\Windows\system32\NDF
2013-12-17 11:16:03 ----D---- C:\Program Files (x86)\Common Files
2013-12-17 11:15:44 ----DC---- C:\Windows\system32\DRVSTORE
2013-12-17 10:50:48 ----D---- C:\Windows\ModemLogs
2013-12-17 09:24:00 ----D---- C:\Windows\system32\drivers\UMDF
2013-12-17 07:42:51 ----D---- C:\Users\Libor\AppData\Roaming\Apple Computer
2013-12-16 14:32:09 ----D---- C:\Users\Libor\AppData\Roaming\Seznam.cz
2013-12-16 14:32:05 ----D---- C:\Program Files (x86)\Seznam.cz
2013-12-16 14:15:08 ----SD---- C:\Users\Libor\AppData\Roaming\Microsoft
2013-12-16 06:09:51 ----D---- C:\Windows\system32\MRT
2013-12-15 20:10:53 ----A---- C:\Windows\system32\MRT.exe
2013-12-15 12:56:03 ----D---- C:\Windows\rescache
2013-12-14 09:09:00 ----D---- C:\Program Files\Windows Media Player
2013-12-14 09:09:00 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-14 09:08:58 ----D---- C:\Program Files\Internet Explorer
2013-12-14 09:08:58 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-14 09:08:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-14 09:08:54 ----D---- C:\Windows\system32\cs-CZ
2013-12-14 09:02:17 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 19:24:15 ----D---- C:\ProgramData\Skype
2013-12-12 10:18:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-05 13:56:48 ----D---- C:\Windows\Microsoft.NET
2013-12-05 12:14:16 ----D---- C:\Windows\SYSWOW64\migration
2013-12-05 12:14:16 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-05 12:14:13 ----D---- C:\Windows\PolicyDefinitions
2013-12-05 12:14:12 ----D---- C:\Windows\system32\migration
2013-12-05 12:14:12 ----D---- C:\Windows\system32\en-US
2013-12-05 12:14:09 ----D---- C:\Windows\AppPatch
2013-12-05 12:14:08 ----D---- C:\Windows\SYSWOW64\drivers
2013-12-05 12:10:05 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-05 12:07:54 ----SD---- C:\ProgramData\Microsoft
2013-12-05 12:06:41 ----D---- C:\Windows\Logs
2013-12-03 17:11:38 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-07-02 3058168]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-22 2298400]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 59160]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-10-18 1025408]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-12-03 2324216]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-22 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-07-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 357144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-04 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Rudy]

Nic tam nevidím. Zkusíme hloubkový sken. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Před tím znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí.