VIRY.CZ

Ahoj,

bohužel mám stejný problém. Tedy, nelze psát interpukční znaménka pomocí kombinace. Týká se obecně všech "čekajících znaků" nebo jak bych to nazval (háček, čárka, kroužek, přehláska) a také kombinace AltGR+ěščřžýáíé, kupodivu AltGr+F, AltGr+G a ostatní AltGr+ kombinacefungují bez problémů.

Po restartu PC vše funguje normálně. Po nějaké době vždy zjistím "že už to zase nefunguje." Nevím kdy přesně se objevil, ale pravděpodobně po instalaci doplnků pro chrome PushBullet a DeezerControll. Oba jsou již pryč, ale problém to nevyřešilo. (Nemusí to mít spojitost, uvádím pro jistotu)

Používám Esset Smart Security (scan nic neobjevil) a integrovaný firewall na routeru Turriss (modifikované OpenWrt).
Bohužel nemohu využít radu pro použití ComboFixu, jelikož používám Windows 8.1 pod kterými zatím nefunguje.

Zde přikládám log z rkill:

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/04/2014 11:54:16 PM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Advanced Explorer Setting Removed: HideIcons [HKCU]

Backup Registry file created at:
C:\Users\Josef\Desktop\rkill\rkill-08-04-2014-11-54-19.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* MsKeyboardFilter [Missing Service]
* CSC [Missing Service]
* E1G60 [Missing Service]
* kbldfltr [Missing Service]
* storvsp [Missing Service]
* Vid [Missing Service]
* vmbusr [Missing Service]
* vpcivsp [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 fineshop2.loc
127.0.0.1 adminer.loc
127.0.0.1 vavi.loc
127.0.0.1 redot.loc
127.0.0.1 mooson.loc
127.0.0.1 mooson2.loc
127.0.0.1 bastard.loc
127.0.0.1 rudi.loc
127.0.0.1 jeden-svet.loc
127.0.0.1 slagr.loc
127.0.0.1 avt.loc
127.0.0.1 avt-shop.loc
127.0.0.1 eywa.loc
127.0.0.1 digitalus.loc
192.168.2.10 ubi.loc
127.0.0.1 trc.loc
127.0.0.1 tasker.loc
172.0.0.1 en.loc
127.0.0.1 sf.loc
127.0.0.1 o2.loc

20 out of 34 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 08/04/2014 11:54:25 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)



a zde Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:59:30, on 4. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySQLNotifier.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
W:\_serv\Apache2\bin\ApacheMonitor.exe
C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pushbullet_app.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Josef\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_frg01_14 ... 180028&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_frg01_14 ... 180028&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 172.0.0.1 en.loc
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MySQL Notifier] W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySqlNotifier.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pushbullet] "C:\Program Files (x86)\Pushbullet\pushbullet_app.exe"
O4 - Startup: Dropbox.lnk = Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: Apache Web Server Monitor.lnk = W:\_serv\Apache2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5DDF18D-A3D9-4A6D-8939-BDA51C8FCF28}: Domain = hosting-centre.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = hosting-centre.cz,none,lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = hosting-centre.cz,none,lan
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apache2.2-Zend - Apache Software Foundation - W:\_serv\Apache2\bin\httpd.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL56 - Unknown owner - W:\_serv\MySQL55\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zend Deployment (ZendDeployment) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\zdd.exe
O23 - Service: Zend Job Queue (ZendJobQueue) - Zend Technologies Ltd - W:\_serv\ZendServer\bin\jqd.exe
O23 - Service: Zend Monitor (ZendMonitor) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\MonitorNode.exe
O23 - Service: Zend Server Daemon (ZendServerDaemon) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\zsd.exe
O23 - Service: Zend Session Clustering (ZendSessionClustering) - Zend Technologies Ltd - W:\_serv\ZendServer\bin\scd.exe

--
End of file - 18449 bytes




A log s RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Josef at 2014-08-05 00:14:55
Microsoft Windows 8.1
System drive C: has 63 GB (28%) free of 229 GB
Total RAM: 16244 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:59, on 5. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySQLNotifier.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
W:\_serv\Apache2\bin\ApacheMonitor.exe
C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pushbullet_app.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Josef\Desktop\hijackthis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Josef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_frg01_14 ... 180028&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_frg01_14 ... 180028&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 172.0.0.1 en.loc
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MySQL Notifier] W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySqlNotifier.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pushbullet] "C:\Program Files (x86)\Pushbullet\pushbullet_app.exe"
O4 - Startup: Dropbox.lnk = Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: Apache Web Server Monitor.lnk = W:\_serv\Apache2\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5DDF18D-A3D9-4A6D-8939-BDA51C8FCF28}: Domain = hosting-centre.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = hosting-centre.cz,none,lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = hosting-centre.cz,none,lan
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apache2.2-Zend - Apache Software Foundation - W:\_serv\Apache2\bin\httpd.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL56 - Unknown owner - W:\_serv\MySQL55\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zend Deployment (ZendDeployment) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\zdd.exe
O23 - Service: Zend Job Queue (ZendJobQueue) - Zend Technologies Ltd - W:\_serv\ZendServer\bin\jqd.exe
O23 - Service: Zend Monitor (ZendMonitor) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\MonitorNode.exe
O23 - Service: Zend Server Daemon (ZendServerDaemon) - Zend Technologies Ltd. - W:\_serv\ZendServer\bin\zsd.exe
O23 - Service: Zend Session Clustering (ZendSessionClustering) - Zend Technologies Ltd - W:\_serv\ZendServer\bin\scd.exe

--
End of file - 18427 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"W:\_serv\Apache2\bin\httpd.exe" -k runservice
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"W:\_serv\MySQL55\MySQL Server 5.6\bin\mysqld" --defaults-file="W:\_serv\MySQL55\data\my.ini" MySQL56
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
dashost.exe {782e67e3-df57-4574-980194378261eee4}
C:\WINDOWS\system32\svchost.exe -k imgsvc
"W:\_serv\ZendServer\bin\zdd.exe" "W:\_serv\ZendServer\etc\zdd.ini"
"W:\_serv\ZendServer\bin\MonitorNode.exe" "W:\_serv\ZendServer\etc\monitor_node.ini"
"W:\_serv\ZendServer\bin\zsd.exe" "W:\_serv\ZendServer\etc\zsd.ini"
W:\_serv\Apache2\bin\httpd.exe -d W:/_serv/Apache2
"W:\_serv\ZendServer\bin\scd.exe" -p "W:\_serv\ZendServer\etc\scd.ini"
"W:\_serv\ZendServer\bin\php-cgi.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"W:\_serv\ZendServer\bin\php-cgi.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"W:\_serv\ZendServer\bin\php-cgi.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 3216d612-6ea2-4553-9e16-7d4d3c905383 1
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

"W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySQLNotifier.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"W:\_serv\Apache2\bin\ApacheMonitor.exe"
"C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pushbullet_app.exe
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe"
"C:\Program Files (x86)\Evernote\Evernote\Evernote.exe" /Hide
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\locales" --log-severity=disable --channel="3492.0.398029853\1021158500" /prefetch:3
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files\TortoiseGit\bin\TGitCache.exe"
"D:\z_InstaledPrograms\Wolfenstein The New Order\WolfNewOrder_x64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7756.0.811270305\1403278221" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.2.1325797380\1343169092" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.4.43556977\1162346207" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.5.1498288459\1575212190" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.6.1855593409\1514174556" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.7.163191816\1885793122" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.8.68583571\584948903" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.9.1930590698\589948906" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7756.12.2111274190\1160983366" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.192.1800000157\1865959325" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.281.663976805\2011553533" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.282.394918309\381764192" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.310.2048457862\2123047446" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.415.614275789\2078215291" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.433.1215801271\98387978" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.440.1429942424\1920248417" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --instant-process --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.460.99145214\117794419" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.469.502996985\969476683" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.473.1200130670\755081724" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.475.1208899650\316179383" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.476.1883936986\305117305" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.479.854277309\81350958" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.480.1490566603\243025619" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.481.595870515\53995402" /prefetch:673131151
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.491.1110472372\188109555" /prefetch:673131151
"C:\Program Files\Notepad2\Notepad2.exe" /z Notepad.exe C:\Users\Josef\Desktop\Rkill.txt
taskeng.exe {13AD60AB-C49D-4E3C-AA1B-19478EEB23EB}
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"
"C:\Users\Josef\Desktop\hijackthis.exe"
"C:\Program Files\Notepad2\Notepad2.exe" /z "C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Josef\Desktop\hijackthis.log
taskeng.exe {549AE99E-3F52-4932-BCA4-BB16EE167081}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Hivemind_A1_Stable_R7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="7756.507.172595460\232545846" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe390_ Global\UsGthrCtrlFltPipeMssGthrPipe390 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\Josef\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe


Díky za pomoc

Zdravim

Prispevek jsem Vam oddelil do samostatneho tematu - do cizich se nevstupuje

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Díky, a omlouvám se za chyby v žádosti o pomoc.

zde jsou logy:

>> ADW
# AdwCleaner v3.302 - Report created 05/08/2014 at 09:29:50
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Josef - KLADIVO
# Running from : C:\Users\Josef\Desktop\adwcleaner_3.302.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\searchplugins\Speedial.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://speedial.com/?f=1&a=spd_frg01_14_24_ch&cd=2XzuyEtN2Y1L1QzuyCzztCyBtBzyzzyCzy0DyEyE0DyD0DzytN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyEyD0D0EtB0EyDtCtG0EyBzyzytGyE0DtDtDtGzzyBzz0BtGtB0EyDtB0C0B0BzzyByE0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0BzyyB0BtDyBtG0DyEzyyDtGyBzzzy0FtG0DtDyDtAtGtDyB0CtCtBtCzy0DyC0AtD0D2QtN1B1L1H1Ezu1O2U1M1B&cr=800180028&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://speedial.com/?f=1&a=spd_frg01_14_24_ch&cd=2XzuyEtN2Y1L1QzuyCzztCyBtBzyzzyCzy0DyEyE0DyD0DzytN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyEyD0D0EtB0EyDtCtG0EyBzyzytGyE0DtDtDtGzzyBzz0BtGtB0EyDtB0C0B0BzzyByE0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0BzyyB0BtDyBtG0DyEzyyDtGyBzzzy0FtG0DtDyDtAtGtDyB0CtCtBtCzy0DyC0AtD0D2QtN1B1L1H1Ezu1O2U1M1B&cr=800180028&ir=
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://speedial.com/?f=1&a=spd_frg01_14_24_ch&cd=2XzuyEtN2Y1L1QzuyCzztCyBtBzyzzyCzy0DyEyE0DyD0DzytN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyEyD0D0EtB0EyDtCtG0EyBzyzytGyE0DtDtDtGzzyBzz0BtGtB0EyDtB0C0B0BzzyByE0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtA0BzyyB0BtDyBtG0DyEzyyDtGyBzzzy0FtG0DtDyDtAtGtDyB0CtCtBtCzy0DyC0AtD0D2QtN1B1L1H1Ezu1O2U1M1B&cr=800180028&ir=

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Homepage] : hxxps://mail.google.com/mail/ca/u/0/#inbox
Found [Extension] : bakijjialdiiboeaknfpmflphhmljfkd

*************************

AdwCleaner[R0].txt - [3007 octets] - [05/08/2014 09:29:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3067 octets] ##########


# AdwCleaner v3.302 - Report created 05/08/2014 at 09:38:23
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Josef - KLADIVO
# Running from : C:\Users\Josef\Desktop\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\searchplugins\Speedial.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Homepage] : hxxps://mail.google.com/mail/ca/u/0/#inbox
Deleted [Extension] : bakijjialdiiboeaknfpmflphhmljfkd

*************************

AdwCleaner[R0].txt - [3163 octets] - [05/08/2014 09:29:50]
AdwCleaner[S0].txt - [1799 octets] - [05/08/2014 09:38:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1859 octets] ##########


>> JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Josef on Łt 05. 08. 2014 at 9:19:37.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Josef\AppData\Roaming\mozilla\firefox\profiles\jyqg2kpb.default\user.js
Emptied folder: C:\Users\Josef\AppData\Roaming\mozilla\firefox\profiles\jyqg2kpb.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 05. 08. 2014 at 9:24:11.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


>> ZOEK

Zoek.exe v5.0.0.0 Updated 04-August-2014
Tool run by Josef on Łt 05. 08. 2014 at 9:45:01.62.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Josef\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5. 8. 2014 9:47:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1455752520-2206065722-920479103-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\prefs.js:
user_pref("browser.startup.homepage", "http://google.com");

Added to C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Josef\Searches deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default
- FlashFirebug - %ProfilePath%\extensions\flashfirebug@o-minds.com
- Classic Theme Restorer Customize Australis - %ProfilePath%\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- CodeBurner for Firebug - %ProfilePath%\extensions\firebug@tools.sitepoint.com.xpi
- FirePHP - %ProfilePath%\extensions\FirePHPExtension-Build@firephp.org.xpi
- Web Developer - %ProfilePath%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL - Microsoft Office 2013
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chrome Look ======================

Facebook Select All - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda
Bomomo - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln
Axure RP Extension for Chrome - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogkpdfcklifaemcdfbildhcofnopogp
Stylish - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
AdBlock - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Checker Plus for Google Calendar™ - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha
Multilingual TTS Engine - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\megclklaoidjbomplbhbdgbelkoebbdl
Popup my Bookmarks - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni
Checker Plus for Gmail™ - Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

==== Chromium Startpages ======================

C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://mail.google.com/mail/ca/u/0/#inbox",


==== Chrome Fix ======================

C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_imo.en.softonic.com_0.localstorage deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_imo.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_iwantim.en.softonic.com_0.localstorage deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_iwantim.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.coreldraw.com_0.localstorage deleted successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.coreldraw.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Josef\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Josef\AppData\Local\Mozilla\Firefox\Profiles\jyqg2kpb.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=74 folders=88 18983554 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Josef\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Josef\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\ib345E.tmp" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\ib346E.tmp" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\ib346F.tmp" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\ib350D.tmp" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\ib3925.tmp" not found

==== EOF on Łt 05. 08. 2014 at 9:58:51.46 ======================



jinak nod přes noc při hloubkové kontrole našel :

C:\Users\Josef\AppData\Local\Temp\nsh6B4D.tmp\DTLite.exe Win32/DownWare.L

To jsem odstranil, než jsem pokračoval dál.

Díky.

(Jelikož je po několika restartech, tak to funguje, napíši později, zdali se problém objeví)

Poprosim nyni o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

>>> FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Josef (administrator) on KLADIVO on 05-08-2014 11:25:42
Running from C:\Users\Josef\Desktop
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apache Software Foundation) W:\_serv\Apache2\bin\httpd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() W:\_serv\MySQL55\MySQL Server 5.6\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Zend Technologies Ltd.) W:\_serv\ZendServer\bin\zdd.exe
(Apache Software Foundation) W:\_serv\Apache2\bin\httpd.exe
(Zend Technologies Ltd.) W:\_serv\ZendServer\bin\MonitorNode.exe
(Zend Technologies Ltd.) W:\_serv\ZendServer\bin\zsd.exe
(Zend Technologies Ltd.) W:\_serv\ZendServer\bin\scd.exe
(The PHP Group) W:\_serv\ZendServer\bin\php-cgi.exe
(The PHP Group) W:\_serv\ZendServer\bin\php-cgi.exe
(The PHP Group) W:\_serv\ZendServer\bin\php-cgi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySQLNotifier.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apache Software Foundation) W:\_serv\Apache2\bin\ApacheMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pushbullet_app.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Oracle Corporation) C:\Program Files\NetBeans 8.0\bin\netbeans64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Martin Prikryl) C:\Program Files (x86)\WinSCP\WinSCP.exe
() C:\Program Files\Notepad2\Notepad2.exe
() C:\Program Files\Notepad2\Notepad2.exe
(Martin Prikryl) C:\Program Files (x86)\WinSCP\WinSCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Josef\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2322944 2014-06-07] (FileZilla Project)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [MySQL Notifier] => W:\_serv\MySQL55\MySQL Notifier 1.1.5\MySqlNotifier.exe [771584 2013-11-25] (Oracle Corporation)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Facebook Update] => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-01] (Facebook Inc.)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet_app.exe [822320 2014-07-16] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Apache Web Server Monitor.lnk
ShortcutTarget: Apache Web Server Monitor.lnk -> W:\_serv\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: FlashFirebug - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\flashfirebug@o-minds.com [2014-07-31]
FF Extension: Classic Theme Restorer - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-21]
FF Extension: Firebug - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\firebug@software.joehewitt.com.xpi [2014-05-03]
FF Extension: CodeBurner for Firebug - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\firebug@tools.sitepoint.com.xpi [2014-05-03]
FF Extension: FirePHP - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\FirePHPExtension-Build@firephp.org.xpi [2014-05-05]
FF Extension: Web Developer - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\jyqg2kpb.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-05-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Disk Google) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (Peněženka Google) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apache2.2-Zend; W:\_serv\Apache2\bin\httpd.exe [27680 2014-02-09] (Apache Software Foundation)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-03] (BitRaider, LLC)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe [51016 2014-06-26] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [642048 2014-06-07] (FileZilla Project) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MySQL56; W:\_serv\MySQL55\data\my.ini [14223 2014-05-05] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZendDeployment; W:\_serv\ZendServer\bin\zdd.exe [1197480 2014-02-09] (Zend Technologies Ltd.)
S2 ZendJobQueue; W:\_serv\ZendServer\bin\jqd.exe [1193384 2014-02-09] (Zend Technologies Ltd.) [File not signed]
R2 ZendMonitor; W:\_serv\ZendServer\bin\MonitorNode.exe [572840 2014-02-09] (Zend Technologies Ltd.)
R2 ZendServerDaemon; W:\_serv\ZendServer\bin\zsd.exe [1817512 2014-02-09] (Zend Technologies Ltd.)
R2 ZendSessionClustering; W:\_serv\ZendServer\bin\scd.exe [1057192 2014-02-09] (Zend Technologies Ltd.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-04] (BitRaider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-02-16] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-22] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [744072 2009-07-26] (www.ext2fsd.com)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SaiK0D25; C:\Windows\System32\drivers\SaiK0D25.sys [181024 2013-01-19] (Saitek)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 11:25 - 2014-08-05 11:25 - 00032169 _____ () C:\Users\Josef\Desktop\FRST.txt
2014-08-05 11:25 - 2014-08-05 11:25 - 00000000 ____D () C:\FRST
2014-08-05 11:24 - 2014-08-05 11:24 - 00112640 _____ (forum.viry.cz) C:\Users\Josef\Desktop\FRSTLauncher.exe
2014-08-05 11:22 - 2014-08-05 11:23 - 02094080 _____ (Farbar) C:\Users\Josef\Desktop\FRST64.exe
2014-08-05 09:56 - 2014-08-05 09:44 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-05 09:47 - 2014-08-05 09:58 - 00011069 _____ () C:\zoek-results.log
2014-08-05 09:47 - 2014-08-05 09:47 - 00001646 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bc.txt
2014-08-05 09:44 - 2014-08-05 09:55 - 00000000 ____D () C:\zoek_backup
2014-08-05 09:44 - 2014-08-05 09:44 - 01288704 _____ () C:\Users\Josef\Desktop\zoek.exe
2014-08-05 09:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-05 09:29 - 2014-08-05 09:38 - 00000000 ____D () C:\AdwCleaner
2014-08-05 09:28 - 2014-08-05 09:28 - 01361309 _____ () C:\Users\Josef\Desktop\adwcleaner_3.302.exe
2014-08-05 09:24 - 2014-08-05 09:24 - 00000986 _____ () C:\Users\Josef\Desktop\JRT.txt
2014-08-05 09:22 - 2014-08-05 09:22 - 00000148 _____ () C:\Users\Josef\Desktop\nod_detect.txt
2014-08-05 09:19 - 2014-08-05 09:19 - 01016261 _____ (Thisisu) C:\Users\Josef\Desktop\JRT.exe
2014-08-05 09:19 - 2014-08-05 09:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-05 00:14 - 2014-08-05 00:15 - 00000000 ____D () C:\rsit
2014-08-05 00:14 - 2014-08-05 00:14 - 01222144 _____ () C:\Users\Josef\Desktop\RSITx64.exe
2014-08-05 00:14 - 2014-08-05 00:14 - 00000000 ____D () C:\Program Files\trend micro
2014-08-04 23:59 - 2014-08-04 23:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Josef\Desktop\hijackthis.exe
2014-08-04 23:59 - 2014-08-04 23:59 - 00018451 _____ () C:\Users\Josef\Desktop\hijackthis.log
2014-08-04 23:54 - 2014-08-04 23:54 - 00004028 _____ () C:\Users\Josef\Desktop\Rkill.txt
2014-08-04 23:54 - 2014-08-04 23:54 - 00000000 ____D () C:\Users\Josef\Desktop\rkill
2014-08-04 23:53 - 2014-08-04 23:53 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Josef\Desktop\rkill.exe
2014-08-04 23:50 - 2014-08-04 23:51 - 05567674 _____ (Swearware) C:\Users\Josef\Desktop\ComboFix.exe
2014-07-29 13:21 - 2014-07-29 13:21 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\PotPlayerMini
2014-07-29 13:20 - 2014-07-29 13:20 - 00000000 ____D () C:\Program Files (x86)\DAUM
2014-07-24 11:12 - 2014-07-24 11:12 - 00001333 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-07-24 11:12 - 2014-07-24 11:12 - 00001321 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-07-24 10:30 - 2014-08-05 09:59 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\pushbullet
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\Program Files (x86)\Pushbullet
2014-07-23 16:40 - 2014-07-23 16:40 - 1623541091 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-23 16:40 - 2014-07-23 16:40 - 00307216 _____ () C:\WINDOWS\Minidump\072314-9546-01.dmp
2014-07-23 16:40 - 2014-07-23 16:40 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-22 23:29 - 2014-07-22 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 21:18 - 2014-07-22 21:18 - 00000000 ____D () C:\ProgramData\Steam
2014-07-22 20:12 - 2014-07-22 20:13 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\DAEMON Tools Lite
2014-07-22 20:12 - 2014-07-22 20:12 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-07-22 20:12 - 2014-07-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-07-22 20:12 - 2014-07-22 20:12 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-22 20:11 - 2014-07-22 20:13 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-22 15:51 - 2014-07-22 15:51 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-07-22 15:51 - 2014-07-22 15:51 - 00002507 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-07-22 15:51 - 2014-07-22 15:51 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Apple Computer
2014-07-22 15:51 - 2014-07-22 15:51 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Computer
2014-07-22 15:50 - 2014-07-22 15:51 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-07-22 15:50 - 2014-07-22 15:50 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\ProgramData\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\Users\Josef\AppData\Local\Cisco
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-18 10:00 - 2014-06-11 05:15 - 00112496 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2014-07-18 09:59 - 2014-07-18 10:00 - 00000000 ____D () C:\ProgramData\Cisco
2014-07-16 12:58 - 2014-07-16 12:59 - 00000000 ____D () C:\ssh
2014-07-14 12:58 - 2014-08-05 09:59 - 00000000 ___RD () C:\Users\Josef\Disk Google
2014-07-14 12:58 - 2014-07-14 12:58 - 00002062 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00002060 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00002050 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00001749 _____ () C:\Users\Josef\Desktop\Disk Google.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-14 12:52 - 2014-07-14 12:52 - 00000000 ____D () C:\Users\Josef\AppData\Local\calibre-cache
2014-07-14 12:51 - 2014-07-14 12:52 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\calibre
2014-07-14 12:51 - 2014-07-14 12:51 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\Program Files\Calibre2
2014-07-12 16:21 - 2014-07-12 16:21 - 00001480 _____ () C:\Users\Josef\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-07-12 09:30 - 2014-07-12 09:30 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-11 13:46 - 2014-07-11 13:46 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\ESET
2014-07-11 13:46 - 2014-07-11 13:46 - 00000000 ____D () C:\Users\Josef\AppData\Local\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\ProgramData\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\Program Files\ESET
2014-07-11 09:21 - 2014-07-11 09:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-11 09:21 - 2014-07-11 09:21 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-11 09:21 - 2014-07-11 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-10 18:33 - 2014-07-10 18:33 - 00001523 _____ () C:\Users\Public\Desktop\Git Bash.lnk
2014-07-10 16:13 - 2014-08-04 23:48 - 00006649 ____H () C:\Users\Josef\_viminfo
2014-07-10 16:10 - 2014-07-10 16:10 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\TortoiseGit
2014-07-10 16:08 - 2014-08-05 09:21 - 00000000 ____D () C:\Users\Josef\AppData\Local\TGitCache
2014-07-10 16:07 - 2014-07-10 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2014-07-10 16:07 - 2014-07-10 16:07 - 00000000 ____D () C:\Program Files\TortoiseGit
2014-07-09 05:00 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-08 23:07 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 23:07 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 23:07 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 23:07 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-08 23:07 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-08 23:07 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-08 23:07 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-08 23:07 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-08 23:07 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-08 23:07 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 23:06 - 2014-07-08 23:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 23:06 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 23:06 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 23:06 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 23:06 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 23:06 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 23:06 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 23:06 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 23:06 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 23:06 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 23:06 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 23:06 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 23:06 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 23:06 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 23:06 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 23:06 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 23:06 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 23:06 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 23:06 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 23:06 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 23:06 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 23:06 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 23:06 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 23:06 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 23:06 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 23:06 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 23:06 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 23:06 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-08 23:06 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 23:06 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 23:06 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-08 23:06 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 23:06 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 23:06 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-08 23:06 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-08 23:06 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-08 23:06 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-08 23:06 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 23:06 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-08 23:06 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-08 23:06 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 23:06 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-08 23:06 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-08 23:06 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-08 23:06 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-08 23:06 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-08 23:06 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-08 23:06 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 11:25 - 2014-08-05 11:25 - 00032169 _____ () C:\Users\Josef\Desktop\FRST.txt
2014-08-05 11:25 - 2014-08-05 11:25 - 00000000 ____D () C:\FRST
2014-08-05 11:24 - 2014-08-05 11:24 - 00112640 _____ (forum.viry.cz) C:\Users\Josef\Desktop\FRSTLauncher.exe
2014-08-05 11:23 - 2014-08-05 11:22 - 02094080 _____ (Farbar) C:\Users\Josef\Desktop\FRST64.exe
2014-08-05 11:23 - 2014-06-05 15:33 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{12D95831-AF34-4B45-B496-F095855418F8}
2014-08-05 11:11 - 2014-05-30 10:50 - 00000390 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_Josef.job
2014-08-05 11:09 - 2014-05-03 09:17 - 01903106 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-05 11:08 - 2014-05-30 10:50 - 00000390 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Josef.job
2014-08-05 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-05 10:59 - 2014-05-05 09:00 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Skype
2014-08-05 10:39 - 2014-05-05 13:05 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-05 10:31 - 2014-05-02 21:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1455752520-2206065722-920479103-1001
2014-08-05 10:28 - 2014-05-02 21:13 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 10:09 - 2014-06-04 09:26 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KLADIVO-Josef kladivo
2014-08-05 10:08 - 2014-05-03 09:19 - 00000000 ____D () C:\Users\Josef
2014-08-05 10:03 - 2014-03-18 17:33 - 01747498 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-05 10:03 - 2014-03-18 16:54 - 00740386 _____ () C:\WINDOWS\system32\perfh005.dat
2014-08-05 10:03 - 2014-03-18 16:54 - 00151782 _____ () C:\WINDOWS\system32\perfc005.dat
2014-08-05 10:02 - 2014-05-03 20:42 - 00000000 ____D () C:\Users\Josef\AppData\Local\TSVNCache
2014-08-05 10:00 - 2014-05-02 21:13 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 09:59 - 2014-07-24 10:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\pushbullet
2014-08-05 09:59 - 2014-07-14 12:58 - 00000000 ___RD () C:\Users\Josef\Disk Google
2014-08-05 09:59 - 2014-05-03 09:40 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Dropbox
2014-08-05 09:59 - 2014-05-03 09:25 - 00000000 __RDO () C:\Users\Josef\OneDrive
2014-08-05 09:58 - 2014-08-05 09:47 - 00011069 _____ () C:\zoek-results.log
2014-08-05 09:57 - 2014-05-02 21:13 - 00000962 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 09:57 - 2014-03-18 09:20 - 00010532 _____ () C:\WINDOWS\PFRO.log
2014-08-05 09:57 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-05 09:57 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-05 09:55 - 2014-08-05 09:44 - 00000000 ____D () C:\zoek_backup
2014-08-05 09:47 - 2014-08-05 09:47 - 00001646 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bc.txt
2014-08-05 09:44 - 2014-08-05 09:56 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-05 09:44 - 2014-08-05 09:44 - 01288704 _____ () C:\Users\Josef\Desktop\zoek.exe
2014-08-05 09:38 - 2014-08-05 09:29 - 00000000 ____D () C:\AdwCleaner
2014-08-05 09:36 - 2014-06-01 12:31 - 00000944 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001UA.job
2014-08-05 09:28 - 2014-08-05 09:28 - 01361309 _____ () C:\Users\Josef\Desktop\adwcleaner_3.302.exe
2014-08-05 09:24 - 2014-08-05 09:24 - 00000986 _____ () C:\Users\Josef\Desktop\JRT.txt
2014-08-05 09:22 - 2014-08-05 09:22 - 00000148 _____ () C:\Users\Josef\Desktop\nod_detect.txt
2014-08-05 09:21 - 2014-07-10 16:08 - 00000000 ____D () C:\Users\Josef\AppData\Local\TGitCache
2014-08-05 09:19 - 2014-08-05 09:19 - 01016261 _____ (Thisisu) C:\Users\Josef\Desktop\JRT.exe
2014-08-05 09:19 - 2014-08-05 09:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-05 02:00 - 2014-05-03 19:58 - 00000000 ____D () C:\Users\Josef\AppData\Local\Adobe
2014-08-05 00:15 - 2014-08-05 00:14 - 00000000 ____D () C:\rsit
2014-08-05 00:14 - 2014-08-05 00:14 - 01222144 _____ () C:\Users\Josef\Desktop\RSITx64.exe
2014-08-05 00:14 - 2014-08-05 00:14 - 00000000 ____D () C:\Program Files\trend micro
2014-08-04 23:59 - 2014-08-04 23:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Josef\Desktop\hijackthis.exe
2014-08-04 23:59 - 2014-08-04 23:59 - 00018451 _____ () C:\Users\Josef\Desktop\hijackthis.log
2014-08-04 23:59 - 2014-05-02 20:27 - 00000000 ____D () C:\Users\Josef\AppData\Local\VirtualStore
2014-08-04 23:54 - 2014-08-04 23:54 - 00004028 _____ () C:\Users\Josef\Desktop\Rkill.txt
2014-08-04 23:54 - 2014-08-04 23:54 - 00000000 ____D () C:\Users\Josef\Desktop\rkill
2014-08-04 23:53 - 2014-08-04 23:53 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Josef\Desktop\rkill.exe
2014-08-04 23:51 - 2014-08-04 23:50 - 05567674 _____ (Swearware) C:\Users\Josef\Desktop\ComboFix.exe
2014-08-04 23:50 - 2014-05-05 09:35 - 00000600 _____ () C:\Users\Josef\AppData\Roaming\winscp.rnd
2014-08-04 23:49 - 2014-05-05 12:46 - 00000600 _____ () C:\Users\Josef\AppData\Local\PUTTY.RND
2014-08-04 23:48 - 2014-07-10 16:13 - 00006649 ____H () C:\Users\Josef\_viminfo
2014-08-04 22:02 - 2014-05-02 20:27 - 00000000 ____D () C:\Users\Josef\AppData\Local\Packages
2014-08-04 12:36 - 2014-06-01 12:31 - 00000922 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001Core.job
2014-08-01 14:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-29 13:21 - 2014-07-29 13:21 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\PotPlayerMini
2014-07-29 13:20 - 2014-07-29 13:20 - 00000000 ____D () C:\Program Files (x86)\DAUM
2014-07-29 13:20 - 2014-05-03 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2014-07-29 13:16 - 2014-05-14 10:55 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\vlc
2014-07-25 02:27 - 2014-05-03 09:42 - 00001070 _____ () C:\Users\Josef\Desktop\Dropbox.lnk
2014-07-25 02:27 - 2014-05-03 09:41 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-24 11:12 - 2014-07-24 11:12 - 00001333 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-07-24 11:12 - 2014-07-24 11:12 - 00001321 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-07-24 11:11 - 2014-05-03 19:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-24 10:53 - 2014-06-20 11:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 10:53 - 2014-06-20 11:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 10:53 - 2014-05-03 09:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\Program Files (x86)\Pushbullet
2014-07-24 05:30 - 2014-06-20 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 16:40 - 2014-07-23 16:40 - 1623541091 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-23 16:40 - 2014-07-23 16:40 - 00307216 _____ () C:\WINDOWS\Minidump\072314-9546-01.dmp
2014-07-23 16:40 - 2014-07-23 16:40 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-23 16:40 - 2014-06-03 09:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-07-23 16:40 - 2014-06-03 09:46 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-07-23 14:46 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\Josef\.VirtualBox
2014-07-23 08:26 - 2014-05-13 23:17 - 00000000 ____D () C:\Users\Josef\AppData\Local\JDownloader v2.0
2014-07-22 23:29 - 2014-07-22 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 21:18 - 2014-07-22 21:18 - 00000000 ____D () C:\ProgramData\Steam
2014-07-22 20:13 - 2014-07-22 20:12 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\DAEMON Tools Lite
2014-07-22 20:13 - 2014-07-22 20:11 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-22 20:12 - 2014-07-22 20:12 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-07-22 20:12 - 2014-07-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-07-22 20:12 - 2014-07-22 20:12 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-22 15:51 - 2014-07-22 15:51 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-07-22 15:51 - 2014-07-22 15:51 - 00002507 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-07-22 15:51 - 2014-07-22 15:51 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Apple Computer
2014-07-22 15:51 - 2014-07-22 15:51 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Computer
2014-07-22 15:51 - 2014-07-22 15:50 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-07-22 15:50 - 2014-07-22 15:50 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\ProgramData\Apple
2014-07-22 15:50 - 2014-07-22 15:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-22 10:18 - 2014-06-19 10:17 - 00003826 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1399891940
2014-07-22 10:18 - 2014-05-12 12:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-18 14:02 - 2013-08-22 16:46 - 00339310 _____ () C:\WINDOWS\setupact.log
2014-07-18 10:08 - 2014-05-03 19:07 - 00000000 ____D () C:\Program Files\Java
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\Users\Josef\AppData\Local\Cisco
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2014-07-18 10:00 - 2014-07-18 10:00 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-18 10:00 - 2014-07-18 09:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-07-16 12:59 - 2014-07-16 12:58 - 00000000 ____D () C:\ssh
2014-07-14 12:58 - 2014-07-14 12:58 - 00002062 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00002060 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00002050 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00001749 _____ () C:\Users\Josef\Desktop\Disk Google.lnk
2014-07-14 12:58 - 2014-07-14 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-14 12:58 - 2014-05-02 21:13 - 00000000 ____D () C:\Users\Josef\AppData\Local\Google
2014-07-14 12:58 - 2014-05-02 21:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-14 12:52 - 2014-07-14 12:52 - 00000000 ____D () C:\Users\Josef\AppData\Local\calibre-cache
2014-07-14 12:52 - 2014-07-14 12:51 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\calibre
2014-07-14 12:51 - 2014-07-14 12:51 - 00000946 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-07-14 12:51 - 2014-07-14 12:51 - 00000000 ____D () C:\Program Files\Calibre2
2014-07-12 16:21 - 2014-07-12 16:21 - 00001480 _____ () C:\Users\Josef\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-07-12 16:20 - 2014-05-02 20:27 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Adobe
2014-07-12 09:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-12 09:31 - 2013-08-22 16:44 - 05830168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 09:30 - 2014-07-12 09:30 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 09:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-12 09:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 09:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 09:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-11 13:46 - 2014-07-11 13:46 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\ESET
2014-07-11 13:46 - 2014-07-11 13:46 - 00000000 ____D () C:\Users\Josef\AppData\Local\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\ProgramData\ESET
2014-07-11 13:44 - 2014-07-11 13:44 - 00000000 ____D () C:\Program Files\ESET
2014-07-11 09:33 - 2014-07-11 09:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-11 09:21 - 2014-07-11 09:21 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-11 09:21 - 2014-07-11 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-10 18:33 - 2014-07-10 18:33 - 00001523 _____ () C:\Users\Public\Desktop\Git Bash.lnk
2014-07-10 18:33 - 2014-05-04 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-07-10 18:33 - 2014-05-04 09:59 - 00000000 ____D () C:\Git
2014-07-10 16:10 - 2014-07-10 16:10 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\TortoiseGit
2014-07-10 16:07 - 2014-07-10 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2014-07-10 16:07 - 2014-07-10 16:07 - 00000000 ____D () C:\Program Files\TortoiseGit
2014-07-09 05:01 - 2014-05-02 22:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 05:01 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 05:00 - 2014-05-02 22:00 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 05:00 - 2014-03-18 17:10 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 23:06 - 2014-07-08 23:06 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 19:00 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-08 18:39 - 2014-05-05 13:05 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Josef\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf9fv4m.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-05 04:00




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (ssd1) (Fixed) (Total:223.23 GB) (Free:110.26 GB) NTFS
Drive d: (data) (Fixed) (Total:720.54 GB) (Free:247 GB) NTFS
Drive e: (ssd2) (Fixed) (Total:29.82 GB) (Free:7.38 GB) NTFS
Drive j: () (Removable) (Total:14.71 GB) (Free:14.71 GB) FAT32
Drive w: (work) (Fixed) (Total:195.31 GB) (Free:135.16 GB) NTFS

Available physical RAM: 11329.14 MB
Total physical RAM: 16244.01 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: 4917CF70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Disk: 1 (Size: 932 GB) (Disk ID: DDB5923F)
Disk: 2 (Size: 30 GB) (Disk ID: 5E3BC3DB)
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001Core.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001UA.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Josef.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Josef.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Josef\OneDrive:ms-properties

==================== Security Center ==================

AV: ESET Smart Security 7.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Josef\Desktop" je 14 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Addition.zip

Jen doplním, (protože je to opět v logu), že jsem po předchozím příspěvku opět upravil etc/hosts . Potřebuji to mít upravené pro práci.

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
  HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-03] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
  HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Facebook Update] => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-01] (Facebook Inc.)
  HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
  HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet_app.exe [822320 2014-07-16] ()
  C:\Program Files (x86)\Pushbullet
  
  SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  2014-08-05 11:25 - 2014-08-05 11:25 - 00032169 _____ () C:\Users\Josef\Desktop\FRST.txt
  2014-08-05 11:24 - 2014-08-05 11:24 - 00112640 _____ (forum.viry.cz) C:\Users\Josef\Desktop\FRSTLauncher.exe
  2014-08-05 09:47 - 2014-08-05 09:58 - 00011069 _____ () C:\zoek-results.log
  2014-08-05 09:47 - 2014-08-05 09:47 - 00001646 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bc.txt
  2014-08-05 09:44 - 2014-08-05 09:55 - 00000000 ____D () C:\zoek_backup
  2014-08-05 09:44 - 2014-08-05 09:44 - 01288704 _____ () C:\Users\Josef\Desktop\zoek.exe
  2014-08-05 09:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
  2014-08-05 09:29 - 2014-08-05 09:38 - 00000000 ____D () C:\AdwCleaner
  2014-08-05 09:28 - 2014-08-05 09:28 - 01361309 _____ () C:\Users\Josef\Desktop\adwcleaner_3.302.exe
  2014-08-05 09:24 - 2014-08-05 09:24 - 00000986 _____ () C:\Users\Josef\Desktop\JRT.txt
  2014-08-05 09:22 - 2014-08-05 09:22 - 00000148 _____ () C:\Users\Josef\Desktop\nod_detect.txt
  2014-08-05 09:19 - 2014-08-05 09:19 - 01016261 _____ (Thisisu) C:\Users\Josef\Desktop\JRT.exe
  2014-08-05 09:19 - 2014-08-05 09:19 - 00000000 ____D () C:\WINDOWS\ERUNT
  2014-08-05 00:14 - 2014-08-05 00:15 - 00000000 ____D () C:\rsit
  2014-08-05 00:14 - 2014-08-05 00:14 - 01222144 _____ () C:\Users\Josef\Desktop\RSITx64.exe
  2014-08-05 00:14 - 2014-08-05 00:14 - 00000000 ____D () C:\Program Files\trend micro
  2014-08-04 23:59 - 2014-08-04 23:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Josef\Desktop\hijackthis.exe
  2014-08-04 23:59 - 2014-08-04 23:59 - 00018451 _____ () C:\Users\Josef\Desktop\hijackthis.log
  2014-08-04 23:54 - 2014-08-04 23:54 - 00004028 _____ () C:\Users\Josef\Desktop\Rkill.txt
  2014-08-04 23:54 - 2014-08-04 23:54 - 00000000 ____D () C:\Users\Josef\Desktop\rkill
  2014-08-04 23:53 - 2014-08-04 23:53 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Josef\Desktop\rkill.exe
  2014-08-04 23:50 - 2014-08-04 23:51 - 05567674 _____ (Swearware) C:\Users\Josef\Desktop\ComboFix.exe
  2014-07-24 10:30 - 2014-08-05 09:59 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\pushbullet
  2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
  2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\Program Files (x86)\Pushbullet
  
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001Core.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001UA.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.e
  
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014
Ran by Josef at 2014-08-05 16:43:36 Run:1
Running from C:\Users\Josef\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Facebook Update] => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-01] (Facebook Inc.)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet_app.exe [822320 2014-07-16] ()
C:\Program Files (x86)\Pushbullet

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2014-08-05 11:25 - 2014-08-05 11:25 - 00032169 _____ () C:\Users\Josef\Desktop\FRST.txt
2014-08-05 11:24 - 2014-08-05 11:24 - 00112640 _____ (forum.viry.cz) C:\Users\Josef\Desktop\FRSTLauncher.exe
2014-08-05 09:47 - 2014-08-05 09:58 - 00011069 _____ () C:\zoek-results.log
2014-08-05 09:47 - 2014-08-05 09:47 - 00001646 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bc.txt
2014-08-05 09:44 - 2014-08-05 09:55 - 00000000 ____D () C:\zoek_backup
2014-08-05 09:44 - 2014-08-05 09:44 - 01288704 _____ () C:\Users\Josef\Desktop\zoek.exe
2014-08-05 09:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-05 09:29 - 2014-08-05 09:38 - 00000000 ____D () C:\AdwCleaner
2014-08-05 09:28 - 2014-08-05 09:28 - 01361309 _____ () C:\Users\Josef\Desktop\adwcleaner_3.302.exe
2014-08-05 09:24 - 2014-08-05 09:24 - 00000986 _____ () C:\Users\Josef\Desktop\JRT.txt
2014-08-05 09:22 - 2014-08-05 09:22 - 00000148 _____ () C:\Users\Josef\Desktop\nod_detect.txt
2014-08-05 09:19 - 2014-08-05 09:19 - 01016261 _____ (Thisisu) C:\Users\Josef\Desktop\JRT.exe
2014-08-05 09:19 - 2014-08-05 09:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-05 00:14 - 2014-08-05 00:15 - 00000000 ____D () C:\rsit
2014-08-05 00:14 - 2014-08-05 00:14 - 01222144 _____ () C:\Users\Josef\Desktop\RSITx64.exe
2014-08-05 00:14 - 2014-08-05 00:14 - 00000000 ____D () C:\Program Files\trend micro
2014-08-04 23:59 - 2014-08-04 23:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Josef\Desktop\hijackthis.exe
2014-08-04 23:59 - 2014-08-04 23:59 - 00018451 _____ () C:\Users\Josef\Desktop\hijackthis.log
2014-08-04 23:54 - 2014-08-04 23:54 - 00004028 _____ () C:\Users\Josef\Desktop\Rkill.txt
2014-08-04 23:54 - 2014-08-04 23:54 - 00000000 ____D () C:\Users\Josef\Desktop\rkill
2014-08-04 23:53 - 2014-08-04 23:53 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Josef\Desktop\rkill.exe
2014-08-04 23:50 - 2014-08-04 23:51 - 05567674 _____ (Swearware) C:\Users\Josef\Desktop\ComboFix.exe
2014-07-24 10:30 - 2014-08-05 09:59 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\pushbullet
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2014-07-24 10:30 - 2014-07-24 10:30 - 00000000 ____D () C:\Program Files (x86)\Pushbullet

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001Core.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001UA.job => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.e

Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1455752520-2206065722-920479103-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Pushbullet => value deleted successfully.
C:\Program Files (x86)\Pushbullet => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"C:\Users\Josef\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Josef\Desktop\FRSTLauncher.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\WINDOWS\system32\Drivers\etc\hosts.bc.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Josef\Desktop\zoek.exe => Moved successfully.
C:\WINDOWS\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Josef\Desktop\adwcleaner_3.302.exe => Moved successfully.
C:\Users\Josef\Desktop\JRT.txt => Moved successfully.
C:\Users\Josef\Desktop\nod_detect.txt => Moved successfully.
C:\Users\Josef\Desktop\JRT.exe => Moved successfully.
C:\WINDOWS\ERUNT => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Josef\Desktop\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Josef\Desktop\hijackthis.exe => Moved successfully.
C:\Users\Josef\Desktop\hijackthis.log => Moved successfully.
C:\Users\Josef\Desktop\Rkill.txt => Moved successfully.
C:\Users\Josef\Desktop\rkill => Moved successfully.
C:\Users\Josef\Desktop\rkill.exe => Moved successfully.
C:\Users\Josef\Desktop\ComboFix.exe => Moved successfully.

"C:\Users\Josef\AppData\Roaming\pushbullet" directory move:

C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140724_083049.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140724_083058.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140724_090906.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140724_090909.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140727_170419.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140727_170423.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140731_161655.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140731_161658.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_074045.log => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_074048.log => Moved successfully.
Could not move "C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_075922.log" => Scheduled to move on reboot.
Could not move "C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_075925.log" => Scheduled to move on reboot.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet.json => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94.zip => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\bz2.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\gevent.ares.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\gevent.core.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\gevent._semaphore.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\gevent._util.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\greenlet.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\library.zip => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\Microsoft.VC90.CRT.manifest => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\msvcm90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\msvcp90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\MSVCR90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pushbullet_app.exe => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pyexpat.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\python27.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\pywintypes27.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\select.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\sqlite3.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\unicodedata.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\version.txt => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\win32api.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\win32gui.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\win32pipe.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\win32wnet.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wx._controls_.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wx._core_.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wx._gdi_.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wx._misc_.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wx._windows_.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wxbase30u_net_vc90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wxbase30u_vc90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wxmsw30u_adv_vc90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wxmsw30u_core_vc90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\wxmsw30u_html_vc90.dll => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\_ctypes.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\_hashlib.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\_socket.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\_sqlite3.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\_ssl.pyd => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\.DS_Store => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-sel.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-sel@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-sel@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address-sel@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\address@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\black16.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\download-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\download-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\download-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\download-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\drop-arrow.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\drop-arrow@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\drop-arrow@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\drop-arrow@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\error-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\error-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\error-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\error-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-sel.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-sel@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-sel@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file-sel@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\file@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon128.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16-disabled.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16-download.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16-error.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16-none.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16-upload.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon16.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon32.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon48.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\icon64.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-sel.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-sel@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-sel@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link-sel@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\link@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-sel.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-sel@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-sel@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list-sel@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\list@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-browser.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-browser@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-browser@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-browser@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-computer.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-computer@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-computer@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-computer@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-friend.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-friend@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-friend@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-friend@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-laptop.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-laptop@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-laptop@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-laptop@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-other.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-other@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-other@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-other@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-phone.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-phone@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-phone@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\menu-phone@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-sel.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-sel@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-sel@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note-sel@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\note@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\Thumbs.db => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\update-color.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\update-color@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\update-color@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\update-color@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\upload-rect.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\upload-rect@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\upload-rect@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\upload-rect@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-down.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-down@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-down@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-down@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-over.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-over@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-over@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-over@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-up.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-up@1.25x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-up@1.5x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close-up@2x.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\x-close.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\sounds\notification.wav => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\.DS_Store => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\icon16.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-browser.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-computer.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-friend.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-laptop.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-more.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-other.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\rightclickmenu\menu-phone.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\logos\icon128.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\logos\icon16.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\logos\icon32.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\logos\icon64.png => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\logos\Thumbs.db => Moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pushbullet_94\data\certs\cacert.pem => Moved successfully.
Could not move "C:\Users\Josef\AppData\Roaming\pushbullet" directory. => Scheduled to move on reboot.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet => Moved successfully.
"C:\Program Files (x86)\Pushbullet" => File/Directory not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1455752520-2206065722-920479103-1001UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-05 16:45:29)<=

C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_075922.log => Is moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet\pb_20140805_075925.log => Is moved successfully.
C:\Users\Josef\AppData\Roaming\pushbullet => Is moved successfully.

==== End of Fixlog ====

Jak se chova PC???

Zatím se zdá, že je již vše OK.

Díky za pomoc, kdyby se něco během zítřka změnilo ozvu se.

Díky.

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Ještě jednou díky za pomoc. Vše funguje jak má.

PS: přes PayPal jsem poslal 500CZK donate. Ještě jednou díky!

Nemate zac, rad jsem pomohl Zase nekdy

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat