Malware on my laptop

#1 Post by Black Prince »

Some malware just got onto my laptop. Various "speed-up" programs started installing themselves and changing browser settings. AVG and Malwarebytes Anti-Malware found something and removed it. I'm posting the logs from AVG, Anti-Malware and RSIT here.

AVG

"";"Nalezen MalSign.Generic.8F3, C:\Documents and Settings\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\FCX8JT6T\NetTockSetup[1].exe";"Zabezpečeno"
"";"Nalezen MalSign.Generic.8F3, C:\Documents and Settings\Tomáš\AppData\Local\Temp\NexFC0E\NetTockSetup.exe";"Zabezpečeno"
"";"Může jít o adware BrowseFox, C:\Documents and Settings\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\1BX8I05S\Setup[1].exe";"Zabezpečeno"

-----------------------------------------------------

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 6. 8. 2014
Scan Time: 12:46:24
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.06.02
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tomáš

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 377011
Time Elapsed: 9 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 4
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, 4356, Delete-on-Reboot, [f961b80b0477d1657e6a9035a959d42c]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, 2892, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, 3236, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, 4804, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc]

Modules: 11
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],

Registry Keys: 13
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKU\S-1-5-21-3093248523-1288836358-212681410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.SupTab.A, HKU\S-1-5-21-3093248523-1288836358-212681410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [0e4cbf04d6a5dd59dc72bf626c9851af],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [a1b9d0f389f243f34c83d3626f952fd1],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [a0ba6162c1bae254bc92978a41c36b95],
PUP.Optional.Qone8, HKU\S-1-5-21-3093248523-1288836358-212681410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [401a80433c3fc4723518829f15efe917],
PUP.Optional.IePluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [f961b80b0477d1657e6a9035a959d42c],

Registry Values: 0
(No malicious items detected)

Registry Data: 12
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... YFVK8YFVK8, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... YFVK8YFVK8),Replaced,[6af0ae154b30d165cd3f93258e7611ef]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),Replaced,[471305bea4d74aec758dfdbb3aca26da]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[dc7e5e65dc9f9f9746ba87319a6ac23e]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[d387dce78feceb4b9f65bdfb14f0d32d]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[ec6eb50ed8a3ef47849e0eb51aea25db]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... YFVK8YFVK8, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... YFVK8YFVK8),Replaced,[18429c27ea91989ec448397f15ef60a0]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),Replaced,[5efc15ae69124fe7768cd5e3f80c9b65]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[4515853e215add594cb4d7e1fd076d93]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[acae8340e59683b359ab03b59371be42]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[42180eb542396bcb37eb645fb351e719]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3093248523-1288836358-212681410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[1743ad160e6d092d3acb9e1a4db77e82]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3093248523-1288836358-212681410-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8, Good: (http://www.google.com), Bad: (http://www.istartsurf.com/?type=hp&ts=1 ... YFVK8YFVK8),Replaced,[b0aa6261c3b8b581a35ec9ef9d67867a]

Folders: 32
PUP.Optional.WeatherAlerts, C:\Users\Tomáš\AppData\Local\WeatherAlerts, Quarantined, [61f920a31962f0466fcf258da35f9868],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Quarantined, [f961b80b0477d1657e6a9035a959d42c],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [f961b80b0477d1657e6a9035a959d42c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],

Files: 74
PUP.Optional.Verti, C:\Users\Tomáš\AppData\Local\Temp\34121234.exe, Delete-on-Reboot, [9cbe566ddd9e80b6e408f5c2af55867a],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Quarantined, [ea70952ea2d9f343825bfb6c47bbfc04],
PUP.Optional.Amonetize, C:\Users\Tomáš\AppData\Local\Temp\awhB6F6.tmp, Quarantined, [91c9d8eb106bf93da54fbfe14cb520e0],
Adware.Bundle, C:\Users\Tomáš\AppData\Local\Temp\svhosts.exe, Quarantined, [be9c12b1cbb05ed807230323fe0307f9],
PUP.Optional.WeatherAlerts.A, C:\Users\Tomáš\AppData\Local\Temp\Nex4775\DesktopWeatherAlertsSetup.exe, Quarantined, [5dfd675ccfac95a148206c81bc48ad53],
PUP.Optional.WeatherAlerts.A, C:\Users\Tomáš\AppData\Local\Temp\NexBE86\DesktopWeatherAlertsSetup.exe, Quarantined, [25359231364548ee8ade4ba2e81c19e7],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, Quarantined, [95c59e250576a88e9dc31cb659a9c33d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, Quarantined, [f961b80b0477d1657e6a9035a959d42c],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [f961b80b0477d1657e6a9035a959d42c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-06[12-14-07-613].log, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-06[12-14-09-471].log, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [93c7972cd6a5cd6948142e9ab74b738d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Delete-on-Reboot, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, Quarantined, [b3a7edd61467ee48d3b066688f7334cc],

Physical Sectors: 0
(No malicious items detected)


(end)

--------------------------------------------------------------------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2014-08-06 13:17:41
Microsoft Windows 8.1
System drive C: has 48 GB (43%) free of 114 GB
Total RAM: 8072 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:48, on 6. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084] "C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Tomáš\AppData\Roaming\Seznam.cz"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InterBase XE3 Guardian gds_db (IBG_gds_db) - Embarcadero Technologies, Inc. - C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibguard.exe
O23 - Service: InterBase XE3 Server gds_db (IBS_gds_db) - Embarcadero Technologies, Inc. - C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibserver.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11049 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=bf354463-e59f-4a45-8ff4-d25595583776 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\55e2d126-2660-4a3d-a533-7537d8105230-244-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"

wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskhostex.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe" --service
dashost.exe {62111b7a-9ad2-4bd8-a24fb1e573b547d9}
"C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibguard.exe" -i "C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3" -p gds_db
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibserver.exe" -i "C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3" -p gds_db
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-660a52c4-38a7-4faa-a920-69a58013190e -SystemEventPortName:HostProcess-f3ea26cc-a2c7-49a1-bb2e-014760cbbd82 -IoCancelEventPortName:HostProcess-bcebeeaa-d073-447f-96f8-c7a081f6079a -NonStateChangingEventPortName:HostProcess-05017c38-cd2b-4cd2-81fa-faa986793c72 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:23ce432e-9bf6-4d9e-ac3f-90fc59bfd7a0 -DeviceGroupId:WudfDefaultDevicePool
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
ClassicStartMenu.exe -startup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
ctfmon.exe

"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" -iocredfromrecent "E:\Documents\KP databáze.kdbx"
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5460.f884570.1492165422 "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5460 "\\.\pipe\gecko-crash-server-pipe.5460" plugin
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4776.69E60D80.24289 --host-broker-channel=Flash4776.69E60D80.5401 --host-pid=4776 --host-npapi-version=27 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=3628.00A0F560.1035371019 --proxy-stub-channel=Flash4776.69E60D80.24289 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\Users\Tomáš\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5460.154e9b70.984448080 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5460 "\\.\pipe\gecko-crash-server-pipe.5460" tab

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\extensions\
https-everywhere@eff.org
keefox@chris.tomlinson
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-02 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-02 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-02 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-02 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-05-22 2890056]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-03-18 13427784]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-03-08 1278024]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-01-18 161984]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-02-03 963984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SeznamInstall-uninstall:973afe06a00dfbf884a1d18f279f3084"=C:\Users\TOM~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2014-08-06 534528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-02-03 2092032]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"vmware-tray"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2012-04-30 103536]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-11-11 270336]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-07-10 5187088]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-06 13:17:41 ----D---- C:\rsit
2014-08-06 13:17:41 ----D---- C:\Program Files\trend micro
2014-08-06 12:43:23 ----D---- C:\Users\Tomáš\AppData\Roaming\QuickScan
2014-08-06 12:43:12 ----D---- C:\Program Files (x86)\Seznam.cz
2014-08-06 12:42:53 ----D---- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2014-08-06 12:22:16 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-06 12:22:07 ----D---- C:\ProgramData\Malwarebytes
2014-08-06 12:22:07 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-06 12:22:07 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-06 12:22:07 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-06 12:22:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-08-06 12:18:54 ----D---- C:\Users\Tomáš\AppData\Roaming\AVG2014
2014-08-06 12:18:31 ----D---- C:\Users\Tomáš\AppData\Roaming\TuneUp Software
2014-08-06 12:18:28 ----HD---- C:\$AVG
2014-08-06 12:18:28 ----D---- C:\ProgramData\AVG2014
2014-08-06 12:18:24 ----D---- C:\Program Files (x86)\AVG
2014-08-06 12:17:36 ----HD---- C:\ProgramData\Common Files
2014-08-06 12:17:36 ----D---- C:\ProgramData\MFAData
2014-08-06 11:55:56 ----D---- C:\Users\Tomáš\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2014-08-06 11:44:50 ----D---- C:\Program Files\DVDFab Virtual Drive
2014-08-05 18:01:33 ----D---- C:\Program Files (x86)\Western Digital Corporation
2014-07-29 14:30:17 ----D---- C:\Program Files (x86)\UltraUXThemePatcher
2014-07-28 11:15:39 ----D---- C:\Users\Tomáš\AppData\Roaming\GullySoft
2014-07-28 11:15:33 ----D---- C:\Program Files (x86)\Umíme to s Delphi
2014-07-28 11:07:32 ----D---- C:\Users\Tomáš\AppData\Roaming\Subversion
2014-07-28 11:04:10 ----D---- C:\ProgramData\Raize
2014-07-28 11:04:09 ----D---- C:\Program Files (x86)\Raize
2014-07-28 11:00:52 ----HDC---- C:\ProgramData\{FDB4ECE9-151E-4C2C-B20B-2316AFA29D8F}
2014-07-28 11:00:01 ----D---- C:\Program Files (x86)\CollabNet
2014-07-28 10:59:55 ----A---- C:\Windows\SYSWOW64\ibxml.dll
2014-07-28 10:59:55 ----A---- C:\Windows\SYSWOW64\gds32.dll
2014-07-28 10:59:55 ----A---- C:\Windows\system32\ibxml64.dll
2014-07-28 10:59:55 ----A---- C:\Windows\system32\ibclient64.dll
2014-07-28 10:57:28 ----D---- C:\Users\Tomáš\AppData\Roaming\Embarcadero
2014-07-28 10:57:28 ----D---- C:\ProgramData\Embarcadero
2014-07-28 10:55:38 ----D---- C:\Program Files (x86)\Embarcadero
2014-07-28 10:28:58 ----HD---- C:\ProgramData\{A2C8EB76-CB1E-47B5-96A7-4FD682404E92}
2014-07-28 09:54:08 ----HD---- C:\ProgramData\{4C1A27DF-1043-4893-9757-DE2CE28C3D82}
2014-07-27 17:03:04 ----D---- C:\Program Files (x86)\Steema Software
2014-07-27 12:04:06 ----D---- C:\Program Files (x86)\Borland
2014-07-19 14:29:21 ----D---- C:\Program Files (x86)\Starship Weapons Calculator
2014-07-17 17:54:10 ----A---- C:\out.txt
2014-07-17 17:50:34 ----D---- C:\Users\Tomáš\AppData\Roaming\Ulozto File Manager
2014-07-17 17:50:32 ----D---- C:\Program Files (x86)\Ulozto File Manager
2014-07-15 17:37:16 ----D---- C:\Hry
2014-07-15 12:37:51 ----D---- C:\Program Files (x86)\Gaming Keyboard
2014-07-15 12:37:44 ----D---- C:\Users\Tomáš\AppData\Roaming\InstallShield
2014-07-15 11:59:11 ----D---- C:\Program Files (x86)\Simpli Software
2014-07-15 10:37:27 ----A---- C:\Windows\script.txt
2014-07-15 09:03:31 ----A---- C:\Windows\SYSWOW64\ampa.sys
2014-07-15 09:03:31 ----A---- C:\Windows\system32\ampa.sys
2014-07-15 09:03:31 ----A---- C:\Windows\ampa.exe
2014-07-15 09:03:29 ----D---- C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.5
2014-07-09 13:59:19 ----A---- C:\Windows\system32\termsrv.dll
2014-07-09 13:57:32 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-09 13:57:32 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-09 08:01:52 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 08:01:52 ----A---- C:\Windows\system32\osk.exe
2014-07-09 08:01:51 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 08:01:50 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 08:01:48 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-07-09 08:01:48 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-07-09 08:01:48 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 08:01:48 ----A---- C:\Windows\system32\drivers\cng.sys
2014-07-09 08:01:48 ----A---- C:\Windows\system32\certcli.dll
2014-07-09 08:01:48 ----A---- C:\Windows\system32\adtschema.dll
2014-07-09 08:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:01:46 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 08:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 08:01:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 08:01:41 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 08:01:40 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 08:01:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 08:01:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 08:01:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 08:01:38 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 08:01:38 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 08:01:16 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 08:01:16 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 08:01:12 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-07-09 08:01:12 ----A---- C:\Windows\system32\WSShared.dll
2014-07-09 08:01:12 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 08:01:12 ----A---- C:\Windows\system32\twinui.dll
2014-07-09 08:01:11 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-07-09 08:01:11 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-07-09 08:01:11 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 08:01:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-07-09 08:01:11 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2014-07-09 08:01:11 ----A---- C:\Windows\system32\wudriver.dll
2014-07-09 08:01:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-07-09 08:01:11 ----A---- C:\Windows\system32\wuauclt.exe
2014-07-09 08:01:11 ----A---- C:\Windows\system32\wuapi.dll
2014-07-09 08:01:11 ----A---- C:\Windows\system32\twinui.appcore.dll
2014-07-09 08:01:11 ----A---- C:\Windows\system32\twinapi.appcore.dll
2014-07-09 07:59:03 ----A---- C:\Windows\system32\WSReset.exe
2014-07-08 11:52:02 ----D---- C:\ProgramData\NuGet
2014-07-08 11:52:02 ----D---- C:\Program Files (x86)\NuGet
2014-07-08 11:44:43 ----D---- C:\Program Files (x86)\Microsoft Web Tools
2014-07-08 11:43:57 ----D---- C:\Program Files\IIS
2014-07-08 11:43:56 ----D---- C:\Program Files (x86)\IIS
2014-07-08 11:08:52 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-08 11:08:51 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-08 11:08:38 ----D---- C:\Program Files\Application Verifier
2014-07-08 11:08:38 ----D---- C:\Program Files (x86)\Application Verifier
2014-07-08 11:08:36 ----D---- C:\ProgramData\Windows App Certification Kit
2014-07-08 11:08:12 ----D---- C:\ProgramData\PreEmptive Solutions
2014-07-08 11:07:11 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-07-08 11:06:50 ----D---- C:\Program Files\Microsoft
2014-07-08 11:06:39 ----D---- C:\Program Files\IIS Express
2014-07-08 11:06:39 ----D---- C:\Program Files (x86)\IIS Express
2014-07-08 11:05:53 ----D---- C:\Program Files (x86)\Microsoft WCF Data Services
2014-07-08 11:05:24 ----D---- C:\Program Files (x86)\Windows Kits
2014-07-08 11:03:45 ----D---- C:\Program Files (x86)\HTML Help Workshop
2014-07-08 11:03:36 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2014-07-08 11:03:20 ----D---- C:\Windows\SYSWOW64\1033
2014-07-08 11:03:11 ----D---- C:\Program Files\Microsoft SQL Server
2014-07-08 11:03:11 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-07-08 11:00:54 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-07-08 11:00:52 ----D---- C:\Windows\system32\1033
2014-07-08 10:59:49 ----D---- C:\Windows\symbols
2014-07-08 10:59:49 ----D---- C:\Program Files\Microsoft Visual Studio 11.0
2014-07-08 10:59:49 ----D---- C:\Program Files (x86)\Microsoft SDKs

======List of files/folders modified in the last 1 month======

2014-08-06 13:17:41 ----RD---- C:\Program Files
2014-08-06 13:17:26 ----D---- C:\Users\Tomáš\AppData\Roaming\uTorrent
2014-08-06 13:17:18 ----D---- C:\Windows\Prefetch
2014-08-06 13:17:01 ----D---- C:\Windows\Temp
2014-08-06 13:16:19 ----D---- C:\Users\Tomáš\AppData\Roaming\ClassicShell
2014-08-06 13:08:14 ----D---- C:\Windows\system32\drivers
2014-08-06 13:05:09 ----RD---- C:\Windows\System32
2014-08-06 13:05:09 ----D---- C:\Windows\Inf
2014-08-06 13:05:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-06 13:04:59 ----D---- C:\Windows\SoftwareDistribution
2014-08-06 13:04:59 ----D---- C:\Windows
2014-08-06 13:04:11 ----D---- C:\Windows\Minidump
2014-08-06 13:04:11 ----D---- C:\Windows\Logs
2014-08-06 13:04:11 ----D---- C:\Windows\debug
2014-08-06 13:03:27 ----D---- C:\Program Files\CCleaner
2014-08-06 13:00:00 ----D---- C:\Windows\system32\sru
2014-08-06 12:58:35 ----RD---- C:\Program Files (x86)
2014-08-06 12:58:32 ----D---- C:\Windows\Tasks
2014-08-06 12:58:32 ----D---- C:\Windows\system32\Tasks
2014-08-06 12:57:01 ----D---- C:\ProgramData\VMware
2014-08-06 12:56:43 ----RSD---- C:\Windows\Media
2014-08-06 12:56:15 ----HD---- C:\ProgramData
2014-08-06 12:39:15 ----D---- C:\Windows\system32\config
2014-08-06 12:37:15 ----SHD---- C:\Windows\Installer
2014-08-06 12:18:30 ----HD---- C:\Windows\ELAMBKUP
2014-08-06 11:50:56 ----D---- C:\Windows\WinSxS
2014-08-06 11:44:54 ----D---- C:\Windows\system32\DriverStore
2014-08-06 11:04:30 ----D---- C:\Windows\Microsoft.NET
2014-08-05 21:26:07 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2014-08-05 20:11:50 ----D---- C:\Users\Tomáš\AppData\Roaming\VMware
2014-08-05 12:34:09 ----HD---- C:\Program Files\WindowsApps
2014-08-05 12:34:09 ----D---- C:\Windows\AppReadiness
2014-08-01 22:52:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-31 22:07:57 ----D---- C:\Users\Tomáš\AppData\Roaming\KeePass
2014-07-31 12:54:29 ----D---- C:\Windows\system32\NDF
2014-07-31 11:11:55 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2014-07-30 16:07:54 ----D---- C:\Windows\LiveKernelReports
2014-07-29 20:55:32 ----D---- C:\Windows\SysWOW64
2014-07-29 20:53:19 ----D---- C:\Program Files\AeroGlass
2014-07-29 16:47:24 ----RSD---- C:\Windows\assembly
2014-07-29 14:30:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 14:30:17 ----A---- C:\Windows\system32\uxtheme.dll
2014-07-29 14:30:17 ----A---- C:\Windows\system32\uxinit.dll
2014-07-29 14:30:17 ----A---- C:\Windows\system32\themeui.dll
2014-07-29 14:03:49 ----D---- C:\Windows\system32\FxsTmp
2014-07-28 11:15:33 ----RSD---- C:\Windows\Fonts
2014-07-28 11:04:08 ----D---- C:\ProgramData\Microsoft Help
2014-07-28 11:04:04 ----D---- C:\Temp
2014-07-28 11:01:08 ----SD---- C:\Users\Tomáš\AppData\Roaming\Microsoft
2014-07-28 11:01:08 ----SD---- C:\ProgramData\Microsoft
2014-07-28 10:59:58 ----D---- C:\Windows\system32\drivers\etc
2014-07-28 10:59:45 ----D---- C:\Program Files\Java
2014-07-28 10:58:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-28 10:57:29 ----D---- C:\Program Files (x86)\Common Files
2014-07-25 15:23:15 ----D---- C:\Users\Tomáš\AppData\Roaming\Winamp
2014-07-16 21:53:41 ----D---- C:\Program Files\SUPERAntiSpyware
2014-07-15 12:06:36 ----SHD---- C:\System Volume Information
2014-07-13 18:07:18 ----D---- C:\Windows\SYSWOW64\directx
2014-07-12 21:35:50 ----D---- C:\Windows\rescache
2014-07-12 14:05:35 ----RD---- C:\Windows\ToastData
2014-07-12 14:05:35 ----D---- C:\Windows\WinStore
2014-07-12 14:05:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-12 14:05:35 ----D---- C:\Windows\system32\cs-CZ
2014-07-12 14:05:35 ----D---- C:\Program Files\Internet Explorer
2014-07-12 14:05:35 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-12 12:22:31 ----D---- C:\Program Files\Common Files\microsoft shared
2014-07-09 14:00:54 ----D---- C:\Windows\CbsTemp
2014-07-09 14:00:49 ----D---- C:\Windows\system32\MRT
2014-07-09 13:59:40 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 13:58:55 ----D---- C:\Program Files\Windows Journal
2014-07-09 13:55:54 ----D---- C:\ProgramData\Package Cache
2014-07-09 08:00:37 ----D---- C:\Windows\system32\catroot2
2014-07-08 11:08:05 ----D---- C:\Program Files\MSBuild
2014-07-08 11:03:36 ----D---- C:\Program Files (x86)\MSBuild
2014-07-08 11:00:45 ----D---- C:\Windows\system32\drivers\UMDF
2014-07-08 10:59:33 ----D---- C:\ProgramData\regid.1991-06.com.microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-02-01 652784]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-03-04 33736]
R0 vmci;@oem38.inf,%vmci.Service.DispName%;VMware VMCI Bus Driver; C:\Windows\System32\drivers\vmci.sys [2011-08-08 116336]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-06-30 270104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-02-03 231376]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2011-08-30 39024]
R2 VMnetBridge;@oem40.inf,%VMware_Desc%;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2012-04-30 45680]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys [2012-04-30 30320]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem5.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-05-22 377160]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-19 3363016]
R3 iwdbus;@oem33.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 LMDriver;@oem25.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-01-10 21360]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-08-06 122584]
R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-01-23 64624]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-03-04 12708128]
R3 RadioShim;@oem25.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-01-10 15704]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 SensorsSimulatorDriver;@oem34.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2013-08-22 230912]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys [2012-04-30 32880]
R3 VMnetAdapter;@oem41.inf,%VMnetAdapter.Service.DispName%;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2012-04-30 20080]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 ampa;ampa; \??\C:\WINDOWS\system32\ampa.sys [2013-11-29 17008]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 ccSet_NARA;NARA Settings Manager; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2012-05-26 168608]
S3 GPUZ;GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys []
S3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2014-02-04 46136]
S3 intaud_WaveExtensible;@oem30.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem27.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-03-27 442368]
S3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
S3 RSPCIESTOR;@oem3.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-03-14 353864]
S3 tap0901;@oem37.inf,%DeviceDescription%;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-04-26 31232]
S3 vdrive;vdrive; C:\Windows\system32\DRIVERS\vdrive.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-10-11 144152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-07-10 3244048]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-07-10 289328]
R2 DirMngr;DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2013-10-07 218112]
R2 IBG_gds_db;InterBase XE3 Guardian gds_db; C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibguard.exe [2014-03-24 636744]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-30 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-30 364856]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-06-18 431656]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2012-04-30 79872]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2012-04-30 354416]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-30 846448]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2012-04-30 433264]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-04-30 11839488]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 IBS_gds_db;InterBase XE3 Server gds_db; C:\Program Files (x86)\Embarcadero\Studio\14.0\InterBaseXE3\bin\ibserver.exe [2014-03-24 5487944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-05-01 470056]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-28 119408]
S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-01-28 4230016]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S4 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Vermin on the laptop

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and then the search begins
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Black Prince
Visitor
Posts: 37
Registered: 11 Nov 2012 22:45

Re: Vermin on the laptop

#3 Post by Black Prince »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Tom ç on st 06. 08. 2014 at 15:47:41,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ FireFox

Successfully deleted: [File] C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\n9icsrvj.default\user.js
Successfully deleted: [File] C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\9vnsfgro.Tomas\user.js
Emptied folder: C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\9vnsfgro.Tomas\minidumps [46 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 06. 08. 2014 at 15:52:11,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---------------------------------------------------------------------

# AdwCleaner v3.302 - Report created 06/08/2014 at 16:00:50
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Tomáš - TOMAS-NB
# Running from : C:\Users\Tomáš\Desktop\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Tomáš\AppData\Local\PackageAware

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\prefs.js ]


[ File : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1757 octets] - [06/08/2014 15:53:05]
AdwCleaner[S0].txt - [1397 octets] - [06/08/2014 16:00:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1457 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Vermin on the laptop

#4 Post by vyosek »

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
  • Paste the script below into the window:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

Black Prince
Visitor
Posts: 37
Registered: 11 Nov 2012 22:45

Re: Vermin on the laptop

#5 Post by Black Prince »

Zoek.exe v5.0.0.0 Updated 04-August-2014
Tool run by Tom ç on st 06. 08. 2014 at 18:24:48,56.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOM~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6. 8. 2014 18:26:11 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TOM~1\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bf3daur4.default\prefs.js:

Added to C:\Users\TOM~1\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bf3daur4.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\prefs.js:

Added to C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default\prefs.js:

Added to C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\TOM~1\AppData\Roaming\Thunderbird\Profiles\rgato40a.default\prefs.js:

Added to C:\Users\TOM~1\AppData\Roaming\Thunderbird\Profiles\rgato40a.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bf3daur4.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201406.08._1836_.backup

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_201406.08._1836_.backup

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201406.08._1836_.backup

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Thunderbird\Profiles\rgato40a.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201406.08._1836_.backup

==== Deleting Files \ Folders ======================

C:\Users\Tomáš\.android not found
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\TOM~1\Searches deleted
C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\extensions\firefox@ghostery.com.xpi deleted
C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\jetpack deleted
C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default\extensions\firefox@ghostery.com.xpi deleted
C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default\jetpack deleted
C:\Users\TOM~1\AppData\Roaming\Thunderbird\Profiles\rgato40a.default\extensions\trash\{847b3a00-7ab1-11d4-8f02-006008948af5} deleted
"C:\windows\Installer\12063.msi" deleted
"C:\Users\TOM~1\AppData\Local\LumaEmu" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bf3daur4.default
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@palemoon.org.xpi

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\extensions\keefox@chris.tomlinson
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\9vnsfgro.Tomas\extensions\https-everywhere@eff.org
- HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere@eff.org
- KeeFox - %ProfilePath%\extensions\keefox@chris.tomlinson
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Classic Theme Restorer Customize Australis - %ProfilePath%\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
- Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\n9icsrvj.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Thunderbird\Profiles\rgato40a.default
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Thunderbird\Profiles\rgato40a.default\extensions\mintrayr@tn123.ath.cx
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Thunderbird\Profiles\rgato40a.default\extensions\{847b3a00-7ab1-11d4-8f02-006008948af5}
- MinimizeToTray revived MinTrayR - %ProfilePath%\extensions\mintrayr@tn123.ath.cx
- Undetermined - %ProfilePath%\extensions\trash
- Enigmail - %ProfilePath%\extensions\{847b3a00-7ab1-11d4-8f02-006008948af5}
- TT DeepDark - %ProfilePath%\extensions\{9ed238c0-af95-11e0-9f1c-0800200c9a66}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{3FF21451-FEE8-44CC-83EB-1B3EB4324AFA} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3093248523-1288836358-212681410-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3FF21451-FEE8-44CC-83EB-1B3EB4324AFA} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1431 folders=615 2436556847 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tomáš\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TOM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 06. 08. 2014 at 18:42:43,31 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Vermin on the laptop

#6 Post by vyosek »

How is the PC behaving???

Black Prince
Visitor
Posts: 37
Registered: 11 Nov 2012 22:45

Re: Vermin on the laptop

#7 Post by Black Prince »

I'm not noticing anything visible

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Vermin on the laptop

#8 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Black Prince
Visitor
Posts: 37
Registered: 11 Nov 2012 22:45

Re: Vermin on the laptop

#9 Post by Black Prince »

Everything done and it looks OK
Thanks for the help

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Vermin on the laptop

#10 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

And in accordance with the Rule on locking topics :lock: