jsem naprosto zoufalá z ADS BY info neb AD OPTIONS

[simplyfine]

Zdravím, mám v PC bordel vyskakovacích oken, které mají popis v dolním rámečku ADS BY info vlevo a napravo AD OPTIONS, dále se mi přesměrovávají webový stránky. Přečetla jsem všechny dostupné postupy jak se toho zbavit: 1. odinstalováním v prohlížečích, 2. stáhnutím různých ad aware programů apod. Nic se nestalo. Moc prosím o pomoc a přikládám log. Jinak jsem obyčejný uživatel a ne expert

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:23:42, on 6.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Tomáš\Downloads\hijackthis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11859 bytes

[Márty84]

Zdravim

Samotny log z HJT je uz nekolik let nedostatecny.

Dejte tedy log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786

[simplyfine]

tak tady to je:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-04-06 11:53:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 48 GB (21%) free of 228 GB
Total RAM: 4076 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:53:50, on 6.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\new game\new_game_notification_service.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12350 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-035aea0a-b8d2-486d-866e-1728324a92cc -SystemEventPortName:HostProcess-020cc5d4-61b3-48c3-80d8-8b2b4177cbd7 -IoCancelEventPortName:HostProcess-2df3cc97-4826-475b-bd4e-624d2ea1223a -NonStateChangingEventPortName:HostProcess-cf9af234-7bba-41ad-9c0f-7ef5d7e703b7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f678680e-dac2-4e67-af7f-552fe479aa27 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
taskeng.exe {B2698488-9BF8-47E8-ADCB-0DBF5BBC7F89}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2632
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe"
"taskhost.exe"
taskeng.exe {428AAE45-8793-4640-AA6C-CF60257B0793}
"C:\Program Files (x86)\new game\new_game_notification_service.exe" /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='new game' /appid='73143' /srcid='2913' /bic='9e65f5abcfd11407b3727dce44e608c2' /verifier='13f9a8f44ac6d1436264e1f4040b0ff6' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1428183927' /runfrom='task' /brwtype='notbg' /postponedhours='6'

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6852.1b514f10.1765670884 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6852 "\\.\pipe\gecko-crash-server-pipe.6852" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe" --proxy-stub-channel=Flash6288.64C2BE28.23294 --host-broker-channel=Flash6288.64C2BE28.24984 --host-pid=6288 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe" --channel=4072.003DF4CC.1200267502 --proxy-stub-channel=Flash6288.64C2BE28.23294 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll" --host-npapi-version=28 --type=renderer
taskeng.exe {4215C678-B455-4AAC-A310-C6222D8B319A}
"C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c9885b1c-93c3-4c03-8c54-45bb496e6e85 1
\??\C:\Windows\system32\conhost.exe "479319159198424220-801104945-913077780-738398490-1848719898-1845312318105181635
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1955632768-1887123920-630908699-1524317364-19079933642912558542621984232132585302
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomáš\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\0414bUpdateInfo.job - C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0414b /INFORETRY=3
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\lpVZv7X228u6cWyo3qjt.job - C:\Users\Tom�\AppData\Roaming\lpVZv7X228u6cWyo3qjt.exe --c=g05xhrS8gLVgv4t6PeW6MoVrxqPAa2yRXdbLi6KI5iO938pynS/2+MyZ8xGMhMHUwDYW90WixjdHs/6YG09t2Qdazd2kEFjq1vd+pzCP3b2taH8Ua/7MycLGwCmCmdRSq5rXVdQnOXyKsZCqVouep1myKSR+iO6CwpnOJREc0nMrhsN6BToQ4BcuYeEC1Y2QlfEcaJS0HDy/n7s9YlyDYAM/ZYoUv7nOLn2ix+4mOjoJAWNI5bJFPQ9Vs/wC3qOpOMeORTfjasTb9SAzsSYXTa2vvVrttVShZ4cKkvNsTprOp02wFo5AktGIwHuJ6xZ01vxRYZKuDQE6vPpYUElbKQ==
C:\Windows\tasks\new_game_notification_service.job - C:\Program Files (x86)\new game\new_game_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='new game' /appid='73143' /srcid='2913' /bic='9e65f5abcfd11407b3727dce44e608c2' /verifier='13f9a8f44ac6d1436264e1f4040b0ff6' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1428183927' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\Windows\tasks\new_game_updating_service.job - C:\Program Files (x86)\new game\new_game_updating_service.exe /campid=2913 /verid=1 /url=http://cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=new_game_updating_service /funurl=http://stats.buildomserv.com
C:\Windows\tasks\pf7gISjpqyWoBOPwbVGngYW.job - C:\Users\Tom�\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW.exe --c=Jd+fjku0tmXsiHkEIXdn71r2H1joJ+1YW26b++mWcInhw0weC7ckTlZ1BOVYeYbDVnXQxdnx17gjOLnOIt+9OSYqN/39CmW681wTTt+DY/+x7fpX0qQ7f+geC6YJGcM81cdAgijgFBSwSWmk6jrP1pOdKJ45ThW1Jj/zelpSBRm2pStuz5B9muiafV+2UPoMZohwmYjeaYh1wlSaGNToeftxg2pxuiEBX6I8O6Jco/LPeZgJdC/cm20B2L23l/CagvEVV8C9HV9SsKgICtWOIXsBXMGs55A1FIfPAB1vFNUmfY2GEyCCoE95ig/DQ+QhjVM3dehdmuXTWs8FCrYXYQ==

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\22\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\extensions\
LIupn@gmail.com
{6dfc4f52-26f0-4e5f-89c7-31d6de480db9}

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\searchplugins\
google-default.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10 710864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-03-26 7806232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-05-26 2688920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-31 185640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-12-27 3618648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility]
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-12-20 844296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-12-20 1476104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-12-20 310280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-03-14 281248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller]
C:\Users\Tomáš\AppData\Local\PrivitizeVPNInstaller\PrivitizeVPN_1.0.0.2_install_config.exe [2012-11-26 1281936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader]
C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk]
C:\PROGRA~3\{E03AD~1\Banished.exe --startup=1 []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-04-06 11:50:25 ----D---- C:\rsit
2015-04-06 11:50:25 ----D---- C:\Program Files\trend micro
2015-04-04 23:45:25 ----D---- C:\Program Files (x86)\new game
2015-04-04 22:55:31 ----A---- C:\Windows\system32\authuitu.dll
2015-04-04 22:55:30 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2015-04-04 22:55:28 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2015-04-04 22:55:28 ----A---- C:\Windows\system32\uxtuneup.dll
2015-04-04 22:50:51 ----A---- C:\Windows\system32\TURegOpt.exe
2015-04-04 22:49:40 ----D---- C:\Program Files (x86)\AVG
2015-04-04 20:59:53 ----D---- C:\Users\Tomáš\AppData\Roaming\Infigo
2015-04-04 19:35:27 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 19:35:27 ----SD---- C:\Windows\system32\GWX
2015-04-04 17:48:30 ----D---- C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com
2015-04-04 17:47:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-04-04 17:47:59 ----D---- C:\Program Files\SUPERAntiSpyware
2015-04-04 17:42:59 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-04 17:40:17 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-04 17:40:17 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-04 17:40:17 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-04 17:40:15 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-04 17:40:15 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvdispgenco6434788.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvdispco6434788.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-04 17:40:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-04 17:40:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-04 17:40:11 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-04 17:12:15 ----A---- C:\Windows\system32\bddel.dat
2015-04-04 16:59:36 ----D---- C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 16:59:11 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-04-04 16:59:10 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-04-04 16:35:55 ----A---- C:\Windows\Reimage.ini
2015-04-04 13:20:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-03 15:49:34 ----A---- C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e.exe
2015-04-03 15:49:34 ----A---- C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt.exe
2015-04-03 15:49:34 ----A---- C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo.exe
2015-04-03 15:49:12 ----A---- C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji.exe
2015-04-03 15:49:12 ----A---- C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6.exe
2015-04-03 15:49:12 ----A---- C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW.exe
2015-03-31 20:31:30 ----D---- C:\Program Files (x86)\Scroll Marker
2015-03-31 19:51:35 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-03-25 14:37:29 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aepdu.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\acmigration.dll
2015-03-23 15:21:41 ----D---- C:\Users\Tomáš\AppData\Roaming\HomeMakeover3PC
2015-03-21 17:17:32 ----A---- C:\Windows\SYSWOW64\msxml4a.dll
2015-03-21 17:11:22 ----D---- C:\Users\Tomáš\AppData\Roaming\Logitech
2015-03-15 21:21:40 ----D---- C:\Users\Tomáš\AppData\Roaming\quickclick
2015-03-15 17:58:30 ----D---- C:\Users\Tomáš\AppData\Roaming\ZOG
2015-03-11 16:26:26 ----D---- C:\Program Files (x86)\ShOpDrop
2015-03-11 16:26:22 ----D---- C:\Program Files (x86)\Dota 2 Stream Browser
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 16:13:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:13:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 16:13:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 16:13:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 16:13:22 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 16:13:21 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 16:13:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:13:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 16:13:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 16:13:15 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 16:13:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 16:13:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 16:13:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 16:13:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 16:13:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 16:11:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 16:11:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 16:10:53 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 16:10:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:10:51 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 16:10:44 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 16:10:41 ----A---- C:\Windows\system32\mf.dll
2015-03-11 16:10:41 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 16:10:40 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\winload.exe
2015-03-11 16:10:39 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 16:10:38 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\evr.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 16:10:36 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 16:10:36 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 16:10:36 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 16:10:35 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 16:10:35 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 16:10:35 ----A---- C:\Windows\system32\smss.exe
2015-03-11 16:10:35 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 16:10:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 16:10:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 16:10:29 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 16:10:29 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 16:10:27 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 16:10:26 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 16:10:26 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 16:10:26 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 16:10:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 16:10:21 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 16:10:20 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 16:10:20 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 16:10:20 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 16:10:18 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 16:10:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 16:10:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 16:10:15 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 16:10:15 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 16:10:15 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 16:10:14 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 16:10:14 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 16:09:38 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 16:09:38 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 16:09:37 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 16:09:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 16:09:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 16:09:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 16:09:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 16:09:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 16:09:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 16:09:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 16:09:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 16:09:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 16:09:26 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 16:09:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 16:09:25 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 16:09:22 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 16:09:21 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 16:09:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:09:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 16:09:19 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 16:04:18 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 16:04:17 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

======List of files/folders modified in the last 1 month======

2015-04-06 11:53:29 ----D---- C:\Windows\Temp
2015-04-06 11:50:25 ----RD---- C:\Program Files
2015-04-06 11:19:36 ----D---- C:\Windows\system32\config
2015-04-06 11:02:01 ----SHD---- C:\Windows\Installer
2015-04-06 11:01:12 ----D---- C:\Windows\SysWOW64
2015-04-06 11:00:23 ----SHD---- C:\System Volume Information
2015-04-05 10:53:40 ----D---- C:\Windows\system32\Tasks
2015-04-04 23:45:32 ----D---- C:\Windows\Tasks
2015-04-04 23:45:25 ----D---- C:\Program Files (x86)
2015-04-04 23:38:03 ----D---- C:\Windows\inf
2015-04-04 23:38:02 ----D---- C:\Windows\system32\DriverStore
2015-04-04 23:32:25 ----D---- C:\Windows
2015-04-04 23:19:40 ----D---- C:\Users\Tomáš\AppData\Roaming\Sony
2015-04-04 23:19:40 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-04-04 23:19:39 ----HD---- C:\ProgramData
2015-04-04 23:19:39 ----D---- C:\Program Files (x86)\Steam
2015-04-04 23:19:39 ----AD---- C:\ProgramData\Temp
2015-04-04 23:19:25 ----D---- C:\Windows\Panther
2015-04-04 23:08:54 ----D---- C:\Windows\System32
2015-04-04 23:08:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-04 23:08:19 ----D---- C:\ProgramData\clear.fi
2015-04-04 23:05:07 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-04 23:02:36 ----D---- C:\ProgramData\NVIDIA
2015-04-04 22:50:15 ----D---- C:\Users\Tomáš\AppData\Roaming\AVG
2015-04-04 22:48:42 ----D---- C:\ProgramData\AVG
2015-04-04 21:11:22 ----D---- C:\Windows\debug
2015-04-04 19:35:40 ----D---- C:\Windows\winsxs
2015-04-04 19:35:38 ----D---- C:\Windows\Logs
2015-04-04 19:34:02 ----A---- C:\Windows\wininit.ini
2015-04-04 19:19:15 ----D---- C:\Program Files (x86)\PatchBeam
2015-04-04 19:19:08 ----D---- C:\ProgramData\Sony Corporation
2015-04-04 19:19:08 ----D---- C:\Program Files (x86)\Sony
2015-04-04 19:18:58 ----RSD---- C:\Windows\assembly
2015-04-04 19:17:59 ----D---- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2015-04-04 18:34:44 ----D---- C:\Users\Tomáš\AppData\Roaming\Adobe
2015-04-04 18:29:27 ----D---- C:\Program Files (x86)\Google
2015-04-04 18:25:03 ----D---- C:\Windows\Prefetch
2015-04-04 18:23:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-04 18:19:54 ----D---- C:\ProgramData\Adobe
2015-04-04 18:19:48 ----D---- C:\Program Files (x86)\Adobe
2015-04-04 17:43:24 ----D---- C:\Temp
2015-04-04 17:41:44 ----D---- C:\Windows\system32\drivers
2015-04-04 17:41:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-04-04 17:31:25 ----D---- C:\Program Files (x86)\Common Files
2015-04-04 17:28:39 ----D---- C:\ProgramData\MAGIX
2015-04-04 17:27:15 ----D---- C:\Program Files\Common Files
2015-04-04 17:16:19 ----D---- C:\Program Files (x86)\IncludeMonitor
2015-04-02 19:01:04 ----RD---- C:\Program Files (x86)\Skype
2015-04-02 12:48:23 ----D---- C:\ProgramData\9774519795248689689
2015-04-01 21:11:58 ----D---- C:\Windows\system32\wdi
2015-04-01 16:34:22 ----D---- C:\ProgramData\Skype
2015-03-31 23:17:30 ----D---- C:\Users\Tomáš\AppData\Roaming\SoftGrid Client
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspcap64.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-03-26 16:45:19 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 16:45:19 ----D---- C:\Windows\system32\wbem
2015-03-26 16:45:19 ----D---- C:\Windows\system32\appraiser
2015-03-26 16:45:18 ----D---- C:\Windows\AppPatch
2015-03-23 15:24:10 ----D---- C:\Users\Tomáš\AppData\Roaming\MysteryTag
2015-03-22 19:48:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-21 18:20:57 ----D---- C:\Users\Tomáš\AppData\Roaming\XBMC
2015-03-21 17:18:46 ----D---- C:\Users\Tomáš\AppData\Roaming\MAGIX
2015-03-21 15:59:23 ----D---- C:\Windows\system32\NDF
2015-03-18 18:33:54 ----D---- C:\Users\Tomáš\AppData\Roaming\Audacity
2015-03-17 19:21:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-17 19:20:07 ----D---- C:\Program Files\Microsoft Office 15
2015-03-15 21:20:45 ----D---- C:\Users\Tomáš\AppData\Roaming\WhenInRome_Realore_WildTanget
2015-03-15 16:58:36 ----D---- C:\Users\Tomáš\AppData\Roaming\ShamanGS
2015-03-15 11:13:52 ----D---- C:\Windows\pss
2015-03-13 21:41:47 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-03-13 21:41:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-03-13 21:41:47 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41:47 ----A---- C:\Windows\system32\nvapi64.dll
2015-03-13 18:16:47 ----A---- C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16:47 ----A---- C:\Windows\system32\nvcpl.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvshext.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvmctray.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-03-12 20:19:24 ----D---- C:\Windows\rescache
2015-03-12 16:44:39 ----D---- C:\Program Files\Windows Media Player
2015-03-12 16:44:39 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 16:44:37 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-12 16:44:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-12 16:44:36 ----D---- C:\Windows\system32\Dism
2015-03-12 16:44:35 ----D---- C:\Windows\system32\en-US
2015-03-12 16:44:35 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 16:44:33 ----D---- C:\Windows\system32\Boot
2015-03-12 16:44:28 ----D---- C:\Program Files\Internet Explorer
2015-03-12 16:44:27 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-12 16:44:22 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 22:35:03 ----D---- C:\Windows\system32\MRT
2015-03-11 22:26:15 ----D---- C:\Windows\system32\catroot2
2015-03-11 18:48:24 ----A---- C:\Windows\system32\MRT.exe
2015-03-07 20:53:51 ----D---- C:\Program Files (x86)\TakETheCoUPooN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-18 23704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-06-30 54784]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-06-30 77696]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C310(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-08-28 14112]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-12-08 36328]
S3 cpuz134;cpuz134; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-20 20232]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-12-08 146920]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-12-08 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-12-08 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-12-08 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-03-30 2490216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-03-30 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-03-13 935056]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-03-13 410768]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-02-25 2604856]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-07 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-08-02 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22 268464]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-09-07 255040]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-05-09 203344]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-07 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-04 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-15 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-10-03 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-30 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Márty84]

Haveti je tam dost


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Postupujte podle navodu kolegy

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[simplyfine]

tak tady je výsledek:

# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 12:06:28
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Tomáš - MILOUS
# Spuštino z : C:\Users\Tomáš\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****

[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
[#] Služba Smazáno : sbmntr

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\IePluginServices
Složka Smazáno : C:\ProgramData\ShopperPro
Složka Smazáno : C:\ProgramData\DeleteAd
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\ShopDroP
Složka Smazáno : C:\Program Files (x86)\video download converter
Složka Smazáno : C:\Program Files (x86)\NeiwoSaveeR
Složka Smazáno : C:\Program Files (x86)\RegularDealls
Složka Smazáno : C:\Program Files (x86)\TakETheCoUPooN
Složka Smazáno : C:\Program Files (x86)\unuisales
Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Infigo
Složka Smazáno : C:\Users\Tomáš\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Tomáš\AppData\LocalLow\Ge-Force
Složka Smazáno : C:\Users\Tomáš\AppData\Roaming\quickclick
Složka Smazáno : C:\Users\Tomáš\AppData\Roaming\Infigo
Složka Smazáno : C:\Users\Tomáš\AppData\Roaming\dll-files.com
Složka Smazáno : C:\Users\Tomáš\AppData\Roaming\download Manager
Složka Smazáno : C:\Users\Tomáš\Documents\Updater
Složka Smazáno : C:\Users\Tomáš\Documents\video download converter
Složka Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbifknmclbnmjlljdemhjjlkmppjjl
Složka Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Složka Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\obbfamljbihbcghcciagdafdpbgcmkne
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oalbifknmclbnmjlljdemhjjlkmppjjl_0.localstorage
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oalbifknmclbnmjlljdemhjjlkmppjjl_0.localstorage-journal
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oalbifknmclbnmjlljdemhjjlkmppjjl
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eagomcfjiefffhpaejnlpjccikpipdoe_0.localstorage
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eagomcfjiefffhpaejnlpjccikpipdoe_0.localstorage-journal
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_eagomcfjiefffhpaejnlpjccikpipdoe_0
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eagomcfjiefffhpaejnlpjccikpipdoe
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
Soubor Smazáno : C:\Windows\Reimage.ini
Soubor Smazáno : C:\Users\TOM~1\AppData\Local\Temp\Uninstall.exe
Soubor Smazáno : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\invalidprefs.js

***** [ Naplánované úlohy ] *****

Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : YTDownloader
Úloha Smazáno : YTDownloaderUpd

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíe Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíe Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Klíe Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíe Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíe Smazáno : HKLM\SOFTWARE\22f2987e-b1ca-4c85-aeb5-b203e1c63f7b
Klíe Smazáno : HKLM\SOFTWARE\3c683020-53bd-427d-aa6b-9e67297f70eb
Klíe Smazáno : HKLM\SOFTWARE\40f4fff5-b3aa-46de-9859-5f6b0658b98f
Klíe Smazáno : HKLM\SOFTWARE\4b9af39b-ae08-4815-af8a-d179005a5ed1
Klíe Smazáno : HKLM\SOFTWARE\6a08834d-603d-453b-9ecf-0285024c0830
Klíe Smazáno : HKLM\SOFTWARE\76b6a704-53d6-4ff3-99b7-aa653402ea5a
Klíe Smazáno : HKLM\SOFTWARE\ae00b601-bcc0-2fe0-c3dd-8b5f9f61a813
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571181}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Smazáno : HKLM\SOFTWARE\Classes\Interface\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611191111}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611341129}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611191111}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611341129}
Klíe Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571181}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572281}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ECF590BD-6DEE-4134-82D7-5DFCBE10C144}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Smazáno : HKCU\Software\GlobalUpdate
Klíe Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíe Smazáno : HKCU\Software\Softonic
Klíe Smazáno : HKCU\Software\Reimage
Klíe Smazáno : HKCU\Software\onekit
Klíe Smazáno : HKCU\Software\YTDownloader
Klíe Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíe Smazáno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíe Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
Klíe Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíe Smazáno : HKCU\Software\AppDataLow\Software\SavePass 1.1
Klíe Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíe Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíe Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíe Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíe Smazáno : HKLM\SOFTWARE\omiga-plusSoftware
Klíe Smazáno : HKLM\SOFTWARE\SavePass 1.1
Klíe Smazáno : HKLM\SOFTWARE\YTDownloader
Klíe Smazáno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíe Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Klíe Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíe Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíe Smazáno : [x64] HKLM\SOFTWARE\Reimage

***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 cs)

[s67l7c61.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.defaultenginename,S", "WebSearch");
[s67l7c61.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.defaulturl", "hxxp://websearch.look-for-it.info/?pid=20494&r=2015/02/12&hid=11400787491652640491&lg=EN&cc=CZ&unqvl=82&l=1&q=");
[s67l7c61.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.order.1", "WebSearch");
[s67l7c61.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.order.1,S", "WebSearch");
[s67l7c61.default\prefs.js] - Oádek Smazáno : user_pref("browser.search.selectedEngine,S", "WebSearch");

-\\ Google Chrome v41.0.2272.118

[C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://dts.search.ask.com/web?q={searchTerms}&v=1.1_519&d=533_257&apn_ptnrs=%5EAG5&o=APN10644A&tpr=1&gct=hp&ts=1414963691796

*************************

AdwCleaner[R2].txt - [16960 bytu] - [06/04/2015 12:05:13]
AdwCleaner[S2].txt - [15965 bytu] - [06/04/2015 12:06:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [16024 bytu] ##########

[Márty84]

Fajn, pokracujte s Junkware a Zoekem

[simplyfine]

tak další výsledky dvou dalších, bohužel pohledem oka, již vidím, že mí nerozluční vyskakující kámoši si žijí dál:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.2 (04.06.2015:1)
OS: Windows 7 Home Premium x64
Ran by Tom ç on po 06.04.2015 at 12:15:16,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update pacfunction



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Tom ç\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Tom ç\appdata\local\{01225727-BC8B-410E-AA1C-D702D62A77F4}
Successfully deleted: [Empty Folder] C:\Users\Tom ç\appdata\local\{2A24AD9E-21DA-4B27-B7F2-DD685DC298B7}
Successfully deleted: [Empty Folder] C:\Users\Tom ç\appdata\local\{4F2DD2D1-49E5-4061-A86C-B7765FC43B74}
Successfully deleted: [Empty Folder] C:\Users\Tom ç\appdata\local\{8B4C3D46-E0C6-4B8E-9309-0C13AA00C864}
Successfully deleted: [Empty Folder] C:\Users\Tom ç\appdata\local\{C19CB615-19F6-4547-81A4-F20C15A84E17}



~~~ FireFox

Successfully deleted the following from C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\s67l7c61.default\prefs.js

user_pref("avg.wtu.ext.dnsWhiteList", "toolbarhome.com,avg.com");
user_pref("avg.wtu.ext.extHomepage", "hxxps://mysearch.avg.com?pid=wtu&sg=&cid=%7Ba1e92501-9f1e-4a6e-9d23-20a9e61423b5%7D&mid=2d1090599d4647d091dbe92931a9ffbc-ce93f7ae63ec350a
user_pref("avg.wtu.ext.guardWhiteList", "toolbarhome.com,avg.com");
Emptied folder: C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\s67l7c61.default\minidumps [709 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 06.04.2015 at 12:17:54,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a poslední:

Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Tom ç on po 06.04.2015 at 12:21:26,54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TOM~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6.4.2015 12:23:17 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\f3af8154-34e5-4ea8-b899-a5811b3c76cf deleted successfully
C:\PROGRA~2\IncludeMonitor deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\PokerStars.NET deleted successfully
C:\PROGRA~2\Sony Ericsson deleted successfully
C:\PROGRA~2\uTorrent deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\PROGRA~3\Big Fish Games deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X5 deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\PROGRA~3\regid.1986-12.com.adobe deleted successfully
C:\PROGRA~3\Sony Ericsson deleted successfully
C:\PROGRA~3\WinZipEC deleted successfully
C:\Users\Tom ç\AppData\Local\BeamNG deleted successfully
C:\Users\Tom ç\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Tom ç\AppData\Local\PokerStars.NET deleted successfully
C:\Users\Tom ç\AppData\Local\Tales of Lagoona 2 deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10394670-B55A-4B38-9883-AFB67CADDDDB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{120A8003-37BB-472F-B41E-BB81D4C818F1} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16B9D758-7039-47B6-8757-E48BC104435} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17B6CC64-6B37-493B-9134-D157D7E66082} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18DD09F7-B6C5-46F2-8A65-D07C642034EB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A6B2C79-2730-41E4-99EF-AE697D44A6B2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CB8D7AF-ED86-4468-81C3-AFD9C7A7BF2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E0CEDC0-885B-425E-A413-EC41577E4EB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E74CF27-A429-4DB4-A4EB-DEA2F95CF8EA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EF04362-4406-4D3D-8EA2-3E1D6E6B6584} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F3B5E35-8267-420C-90F5-A7520F1881E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F719C5E-6F9C-4612-86DE-B02693912CC5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F97E28F-8B9C-47C8-8B5D-62E226C9162} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23E75B27-5630-445A-A04D-F6927F5CFB8} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{244020A0-9789-4405-A059-54A82D6066CA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24C1E29-A0EF-4EF9-873F-CA3449D31319} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25A28AB6-E58E-427C-9DE2-B010B2478D50} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{268F0D85-F2DA-4000-9325-8465C6B050A4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{277A111B-B743-45F1-A919-DCF2261F34AB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28755430-D0F1-4C58-AA56-42DDCFCF721F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A67627A-882-4D2D-895-CA36CB952C3D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B7B4691-F641-47C2-BDEB-434330B3D0B2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFE27C3-8AED-4D57-893-1969BD8B952} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FB59B9E-5D98-4559-84F6-E7F1A1E1D329} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{309E50CC-2A4D-45E5-B7A6-CA8FBED4EA63} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{320A1558-BDAE-4ABA-93EF-B299A3A86D65} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{336221b4-41c0-4edd-a595-444270e141bb} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35C50274-DE6D-4D0E-8287-E79F27655455} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3881A34F-9304-43F4-B2C5-18673AAFDEC9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A4EC686-2AE7-457B-9AD-44E3144D21DB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D4E1659-5792-43E5-A884-6D3C78CE5CF} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D5CE475-9B3E-4A16-BE23-98DA9B82C915} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E76AD58-47B5-4EDB-99C9-983E6651F878} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42C49CA-1545-4F00-80C4-2B3FCC73A11A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{431F17F4-998D-4853-83B0-66FA8351C062} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43AC6766-D5F7-4DA8-9677-4C32BCFC3CBC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43E64C32-83CB-44B0-98E6-D9785776568C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4427A32C-5626-4472-83E1-F68E248F950} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44434A91-C05C-4AF6-AAC4-66FC34DC2AC7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{454AEC9F-2456-41E5-83C6-F65B11E49FB3} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45503f0a-ab9e-4ee5-9fa2-f4f5278e6f21} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{459A81B7-AD17-4F91-BC69-B56D55CDE32A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45C3A4DA-B69F-41DA-B0F4-17616FD470CD} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45D10559-5092-4785-9C3-9E8972479A41} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46283706-9867-458E-8DFD-AFBCDB753CE9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47804CF0-F140-4FC5-8EF1-2BBCB5F6F8E9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48205C57-6A00-4920-BD67-82BDA59CA4C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48EAA3B-C4EF-450E-93AF-2CC35FFCE9FB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A500F58-F2FE-4D5C-AA42-F3DEE0CB4838} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A618D7A-2FEB-4466-997A-52CBC17D48A3} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BB92031-B07A-45C9-A07B-DE9552496A7E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BC67A06-28B-48BA-B95D-F6DD4572DFD} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D405ABE-D0FA-446C-BC43-5EBDA51C4385} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ED84A24-8A8-4277-97D8-4B87BA1021CB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4f17d9ad-add9-41e4-bac2-5a4e28cd2464} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F9A04AF-B345-4B89-A6CE-746D9829F2F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51778338-EADE-49F2-8399-2F55C695E06D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5188CC92-8B0-48C7-9311-9A704D275BDF} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52D36C5-2E7B-4F5F-8667-BAABCBAF7049} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52DAC37D-FECA-43E2-B4F3-63BA9EA1F6A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54583AFF-164D-4DD3-B3A4-345648A23A6F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55A058E3-1D1-4F43-A2D3-5B3697F43454} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55D417D-9C38-4B4D-953C-8A5CC662D23B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583165C5-ECD2-4B2B-9E17-D0F34C02B4D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5838EE5D-5CE1-4C85-903A-DBEF85943F4B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58E02917-A5F0-4A00-857A-F035736D8EE9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{598F726B-3B2C-4B84-A085-9A2818D1B375} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DBCAC27-2196-4F76-B053-12B7A426AEE2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F426C8F-DCDF-4330-A81E-98F8FD9CD981} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5F66A4-EFBC-4B2C-89BC-8B7B6DF21459} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F9C8F31-4452-408A-8DC9-E81FA2B290C8} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FCDBC42-38EA-49D6-A935-AC534E6BDFFF} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FDB7FDE-7005-4F34-B526-1559AE818021} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60E76996-B8B9-4096-9713-F5DFBA89BBB4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60F28560-6910-4EBB-BB5A-5AE8E9EBA7CC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61AAC35C-A7B-4607-9162-8622788C1A71} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64033AA5-A334-4D40-BD58-A7831C127723} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6457D484-5CB1-4A6A-BEBB-E4BED37F5DA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6676A529-C5C-425A-AD1C-9DC7798EE480} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AD7CFC1-5B57-4E0D-A7C3-438FDCE5FB6C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EA1F0F4-2D29-4811-A6F9-9E3CB6D459} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EAC8426-CF6E-4F1C-89FB-BB8759B54AB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{704DAFED-4D9-4EFC-8A9-1D79DC8A75B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70EA554D-28A8-4435-B5CC-274E59EB22F7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F8817D-311-4811-8D8E-1479984CBC6} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72CFFBB3-7B35-4E79-A537-A1996ACB8416} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{735ACF64-3ED0-44B8-B9E4-BEB74D9276AC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7396E234-BFFE-47B2-A2F5-56BFF49F1C30} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73C2914A-7515-46F9-A339-45569D6C1E29} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73E8E7A9-356A-46A4-9C35-C28C7554329A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{741B3AE0-CC06-44A8-974B-7A7DAE4BA7B7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{750E70E-95E6-4FFC-AD95-40B9DBCDEE79} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76897FD8-FB71-4F95-95AA-389A703FB851} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{770017EF-8CA5-4AF8-80C8-119CAEB98E7F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{779A2FDD-6196-4069-B9AF-467CF57E7223} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7938D0EC-CFE8-4E82-939A-2693A0CB71E2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7982E1F1-D4D7-4336-8B70-6891E934D291} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A6907E2-5405-4763-8CAF-193392BE2713} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A8EFE7-E1BB-4DA6-A1B9-AAE98E9139B5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A9FAFA-EA07-4BD0-93A1-915F42BB316} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AB28BBB-6A8-4D8C-8CEB-3BC49ADDC0ED} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AB77B2B-A8AF-4FAD-9A3-AFE86FF2779} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B9053DF-78CD-49FE-8096-B9FAEF75A960} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C7F69A0-89DD-4C12-A8BF-4821BF28DC26} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D1C972B-3E-451F-BF72-153E8C67BC7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D50D4A3-A84F-4DBA-8252-FDBB5B256811} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D6F32EF-9A98-40D1-9424-BED4148360AE} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E829E78-ACA2-40AF-BA88-962D69FEB63} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8284D13A-28FC-4DC2-8AB2-86F75EB862B4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{832640BF-AD95-4916-B8D7-4425DDC26D0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83A51CF3-EE17-4B33-BCFC-DDDA6A1CE5E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83E487EC-52A7-4BDB-99D7-88C6AEFC672} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{849A7905-7D37-4083-A71-54AD323DDA9F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85D215DA-B016-4282-A06D-4B99A51D3F36} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8794E338-BC19-4991-8480-60DD6ED6477B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88D35EBE-9C05-4834-8683-E19D6BC173D0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ADC6CAD-13FF-42B4-9965-EE59E34DEFD5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D06B645-125B-4311-A1A5-EAA2AAE8295A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E8B30F8-1CA5-41DC-BDF0-B9E677C82DD7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EC1149F-A9E3-4952-A044-14B24428AE66} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ED509A8-D928-42E2-821B-45C363B0BC1B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F992250-A988-48B8-A9DD-F51C399B4AB0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FDF3704-A708-44E4-85C1-E842F39E7B7C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{908F0140-81F8-4CCE-99B1-88F18952470} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90B40F49-3324-49E5-A330-5369B6B8EA7C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91465D89-DE6F-4FBB-B5E0-A921ECD9AD16} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{932C24B2-56E1-49F0-85D7-5E8CB336E1D3} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9371E2E3-B34D-47B0-809E-54D71730C960} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94E2CA87-C5E3-4083-A385-97214B52C4E1} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{955F2727-C311-489B-96AA-CA9B9184D3} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9720761C-A1FC-4CA7-B880-3E549F8C950} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98AB056E-A991-4127-B021-4E8C3E769387} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99C95325-CF0E-45CA-ABE4-5F9B4B68A4D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B6BDBDB-4A16-48F6-96CA-7F8515222E1E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E7740A2-B728-43DC-96D5-9B82BE4A526A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FE8C38E-BD3C-4B2A-8E26-2E936EA2C1DC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A086D8EC-4532-4F9D-8FCA-2BD88FD1298A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0BBD3B0-2F10-47E6-80B4-DA7FEB2882C9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0EF46E4-3B1C-457F-9E34-746943FE27DB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A10DBA68-7EC1-4388-B14C-CA5147636A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1B05C1F-A726-4673-8483-FFB1A171C9A7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A233D26F-563D-4B09-BFA9-7344C0C3AF6A} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2671E77-1AA7-4BC4-8F8D-91FCDDD29B6E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A39143D3-217D-4E91-9E0-2545D37B9A7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3CE8ADA-11A-4BBB-A17B-6F8B9B3E5DA0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A482E104-B58-4DCB-8F60-86D07684B5FD} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4B787F5-7EE3-46DC-8DB4-2A8445F53C23} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A518CCC9-19BA-4D95-844E-B5EBD0F25387} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A91D82F6-BF6A-44E3-9BAD-74FE6F6E3F2C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A955C2CD-548B-4FBC-96C0-949AB57356F6} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB6D9EE3-3FC6-4854-B1F1-88C59D86378} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD175374-9319-4FC8-81DC-A71D6F34F22F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE45820C-733B-447A-B875-3FEE86B8BFB4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE563935-5A63-4F3C-B6C4-8E45E0ED2F49} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE5E2DDC-8298-4C80-8CEA-447C63227F30} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEEA1E5A-3DB8-4B56-9062-BBD6393F71B6} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF5EC1E0-DED9-408B-AD50-689043FB130} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0232BA4-56CB-439D-A6C4-EBF4D219106B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B260F987-7E4D-4857-B6B4-553B5DCB5C74} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2E769E-DA84-4B39-AAE6-ED823A2BBD43} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3C9C7D-25DC-4EE1-8678-6CB9BF799C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B48508DB-6965-45F8-A0F5-BAC9149F52D5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4A074CE-D680-4C29-B8A6-A3B03BEAA789} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5C44435-E7A6-46AE-A1E4-BE6E8B1AB6E8} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B60B4B08-E531-491B-AF54-93E4741A528} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6928178-3A02-43D9-B0E8-A82962462690} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B88E3377-4370-4359-BD56-FAFA508722E9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDA7215C-18D2-4C4B-BFE4-C663C76333B2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE34B6FE-29E-47A6-AF70-3DFAE9F520BA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEF7E933-1921-47BB-A9E0-77F07F1FB78D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C135E756-B7B0-491D-AAB0-CFD30C28B17} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c141435d-88cc-48e4-93d4-9b4e8b1fab26} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C40C4907-74F4-40BA-9A1A-BB0ED16E0B5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C43D546A-FCD6-4B50-B692-6B8770121FEE} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4EAAEA4-419-4448-AF44-59EB6BDF327} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8C0992E-3770-4274-9374-AD1B8E7B5BC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C91D66E4-53EA-4F3C-9474-EDEA549BD8EF} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c98fc67f-96c8-4dfc-840c-e1144ef4aff9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA234F89-347C-476E-A534-A959DD42E88C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB72BC4C-2298-4176-A7CC-BD4F4A278FDA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cc340b82-6a55-4a15-8ed9-7087c4735f2c} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD585AB6-553D-40CE-A25F-E011C48AF92E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE6FE197-1BBE-4C41-836-2F3DA1C4EF8C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cee9df57-9b79-48ad-8712-9866d043c5e8} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D065C981-76C9-4D7B-BF0-C86AEB252D8D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0766871-8BD8-47D2-9A79-9FC55813B442} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D550D676-5BA9-4891-9B40-43EFB72EBE7E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D61ABA43-E542-49BE-89B1-F6CD1AEED24F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D93BBDC2-1AC5-40AD-A188-F5633050BBD0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9DEE61C-64-4074-B772-1EF130FE2FBE} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA58F5BD-4C9-468A-B286-A09BC74F9BA6} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBE1218-DE9D-4677-BA5F-862A1925F03} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc7e4ecb-20d6-4314-9279-132652944240} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE9E0980-3266-403D-84D6-9F1D6095EF7F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEE2151D-549-4539-831A-A9D5804B704D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF95379-1DF6-45D2-AE98-F3F2AC288BE7} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0F0CA25-105E-4FB7-9ED1-18D97DDEBC2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E124DFCF-2001-4220-9211-9EFCF372413} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E27F1742-D987-4CAB-AE30-5AE0B8A11F44} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3BA6D3B-BFE6-42A5-87D-E33C11868BDE} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E491D3A2-304B-466C-BF79-A461506E24F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E544FADF-8EA3-480F-867F-8F1E64FE189} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6557BD3-4E94-4811-BF29-F8205FC03CE0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6ABCEF0-955D-4ED1-A235-6718A2927C0} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DBA1E3-BF3-4502-A4E4-7861FC7D824} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E826FA81-122D-4E7C-8ABB-858F6DEDED57} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8781A8D-8BCA-4C14-9C54-A98AE649E5B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E90B6F00-D6F8-4BC6-A8BD-3420CEE532A4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA9B39B7-5118-4966-A63-40DDAAF2639F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA9C987-833F-43A3-80F1-44CD85298E7F} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAD21F99-E012-4AED-9F32-7EF9ACA8A27E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAFC3214-966E-4573-95A1-4835FBF1A88C} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB1E3306-B64E-44C5-98A6-BBF5DC6F114D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB2CA21E-E1E2-4D28-A0B9-4EA37B3C4B34} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC370C55-7FC9-4DC4-8721-D7F4F58A36D5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC5FCFBC-95B8-494A-9E3D-D77D4244FB9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEFBB72D-832A-4CA3-B763-D25393561B1} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF1451B8-FB14-4D69-B7F-6341D210FBAA} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF3FB3F2-CF6A-4A2F-BD62-A84622979459} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFA1E7E-40F5-4E73-9A9B-C37271E7E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0583E72-3A40-457F-89A2-7B12DF437870} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F08F5495-B6D5-4D8F-A8F1-A7296FFA7380} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0AF3B70-442A-4F77-945E-1FDBA5613434} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F181086E-EE35-4BFE-B911-DE6D4C7E2534} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F218D65C-F799-4239-8B81-699A935B6FF4} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5087EE5-28C6-43CF-A216-5546F6CD8C1} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F52B4EF7-AE51-4B83-B26F-35C48F616455} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5460D8C-43F6-442A-87B1-A54B8047622D} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5C56D9B-8EF0-4AC3-957-C227C1B8C4FB} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5FEB158-3D41-44FD-BD79-5FDE3ABE50F2} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6864089-91B7-4FD3-91BC-6BACC52D9F5} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6FB010C-7263-4946-9B6B-9B6B1C3CFE82} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9A8A4D6-27AB-4D18-BBEC-6BC3D97719} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA8DBD8F-ECB0-437C-97ED-AEFC3C68EEC9} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC025A05-EB26-45E0-864F-DF9377BCBC} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCD299DB-10E7-4F06-BC4-376A2F79E46} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD5F0097-CDE4-422D-BECC-F47CA4AA17A1} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDFF55D4-3D23-4681-81A0-BD8D5C6B302B} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFAFFD1E-14C3-4959-BCEE-97EB7A2BFA4E} deleted successfully
HKEY_USERS\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFC6A3CE-927C-4F63-B1D8-16494B167B39} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{336221b4-41c0-4edd-a595-444270e141bb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45503f0a-ab9e-4ee5-9fa2-f4f5278e6f21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4f17d9ad-add9-41e4-bac2-5a4e28cd2464} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c141435d-88cc-48e4-93d4-9b4e8b1fab26} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c98fc67f-96c8-4dfc-840c-e1144ef4aff9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cc340b82-6a55-4a15-8ed9-7087c4735f2c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cee9df57-9b79-48ad-8712-9866d043c5e8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc7e4ecb-20d6-4314-9279-132652944240} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\prefs.js:
user_pref("browser.startup.homepage", "http://google.cz/");
user_pref("browser.newtab.url", "http://google.cz/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google Default");
user_pref("browser.search.selectedEngine", "Bing");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default

user.js not found
---- Lines extensions.KLT6MabazSpaxQJR removed from prefs.js ----
user_pref("extensions.KLT6MabazSpaxQJR.epoch", "1426447517");
---- FireFox user.js and prefs.js backups ----

prefs_06.04.2015_1236_.backup

==== Batch Command(s) Run By Tool======================


Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\AVS4YOU not found
C:\PROGRA~2\f3af8154-34e5-4ea8-b899-a5811b3c76cf not found
C:\PROGRA~2\IncludeMonitor not found
C:\PROGRA~2\PokerStars.NET not found
C:\PROGRA~2\Sony Ericsson not found
C:\PROGRA~2\uTorrent not found
C:\Users\Tomáš\.android not found
C:\Users\Tomáš\AppData\Local\cache not found
C:\Users\Tomáš\AppData\Local\CrashRpt not found
C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx not found
C:\Users\Tomáš\Documents\Add-in Express not found
C:\PROGRA~2\PrivitizeVPN deleted
C:\PROGRA~2\Dota 2 Stream Browser deleted
C:\PROGRA~2\Microformats for Google Chrome deleted
C:\PROGRA~2\One Number deleted
C:\PROGRA~2\Scroll Marker deleted
C:\PROGRA~3\dibbjkbgnadkmkpoejgbbbhomhoipfhl deleted
C:\windows\SysNative\Tasks\0414bUpdateInfo deleted
C:\Program Files (x86)\Adobe\da163475-d09b-495e-83d1-b9e33fd0402e.dll deleted
C:\Program Files (x86)\Adobe\37d7f9d4-f496-4144-ade2-3b8aa39c35ba.dll deleted
C:\Program Files (x86)\2e56a52c-17d4-4d58-bfcb-f011299ed8e9\49fe1220-29fd-4268-a86e-ef5d476dfcf7.dll deleted
C:\Program Files (x86)\2e56a52c-17d4-4d58-bfcb-f011299ed8e9\2e56a52c-17d4-4d58-bfcb-f011299ed8e9.dll deleted
C:\PROGRA~3\9774519795248689689 deleted
C:\PROGRA~2\2e56a52c-17d4-4d58-bfcb-f011299ed8e9 deleted
C:\PROGRA~2\37d7f9d4-f496-4144-ade2-3b8aa39c35ba deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_0414b deleted
C:\PROGRA~3\Video Accelerator deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\TOM~1\Downloads\Setup-snarkbustersbundle-wildgames!0555b0eb5074487fbee15246550fc474.exe deleted
C:\Users\TOM~1\Downloads\SopCast.zip deleted
C:\Users\TOM~1\Downloads\ReimageRepair.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\0414bUpdateInfo.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\sho426B.tmp deleted
C:\Windows\SysWOW64\LavasoftTcpService.dll deleted
C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\jetpack deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"DSE"="true" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\TOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\extensions\LIupn@gmail.com
- Undetermined - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\extensions\{6dfc4f52-26f0-4e5f-89c7-31d6de480db9}
- new game - %ProfilePath%\extensions\LIupn@gmail.com
- 6dfc4f5226f04e5f89c731d6de480db9 - %ProfilePath%\extensions\{6dfc4f52-26f0-4e5f-89c7-31d6de480db9}
- Send to XBMC - %ProfilePath%\extensions\jid0-YCM0p5WlCGjvBJcZhAusQ5h26wM@jetpack.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Tomáš\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2DC877C2-2943-49C5-BDA7-6F743EEC268A} Google Url="https://www.google.com/search?q={searchTerms}"
{E9D9C6F5-1EDF-4AAC-AF24-C7D018B97257} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_14875"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomáš\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=104 folders=48 33960961 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tomáš\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TOM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 06.04.2015 at 12:46:39,35 ======================

[simplyfine]

tak jsem ještě nechala proběhnout dvakrát za sebou čištění a ukazuje se něco , co se pořád maže a pak zase asi vrací? -

# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 13:11:38
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Tomáš - MILOUS
# Spuštino z : C:\Users\Tomáš\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oalbifknmclbnmjlljdemhjjlkmppjjl
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_eagomcfjiefffhpaejnlpjccikpipdoe_0
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eagomcfjiefffhpaejnlpjccikpipdoe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 cs)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R2].txt - [16960 bytu] - [06/04/2015 12:05:13]
AdwCleaner[R3].txt - [1338 bytu] - [06/04/2015 13:10:48]
AdwCleaner[S2].txt - [16156 bytu] - [06/04/2015 12:06:28]
AdwCleaner[S3].txt - [1260 bytu] - [06/04/2015 13:11:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1318 bytu] ##########

a další čištění -

# AdwCleaner v4.200 - Log vytvooen 06/04/2015 v 13:15:37
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Tomáš - MILOUS
# Spuštino z : C:\Users\Tomáš\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oalbifknmclbnmjlljdemhjjlkmppjjl
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_eagomcfjiefffhpaejnlpjccikpipdoe_0
Soubor Smazáno : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eagomcfjiefffhpaejnlpjccikpipdoe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeee ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v37.0.1 (x86 cs)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R2].txt - [16960 bytu] - [06/04/2015 12:05:13]
AdwCleaner[R3].txt - [1338 bytu] - [06/04/2015 13:10:48]
AdwCleaner[R4].txt - [1454 bytu] - [06/04/2015 13:14:51]
AdwCleaner[S2].txt - [16156 bytu] - [06/04/2015 12:06:28]
AdwCleaner[S3].txt - [1397 bytu] - [06/04/2015 13:11:38]
AdwCleaner[S4].txt - [1376 bytu] - [06/04/2015 13:15:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1434 bytu] ##########

[Márty84]

Ano, nejde to udelat najednou, musime to nicit postupne a pak jeste docistit skriptem.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[simplyfine]

vkládám výsledku testu, nic jsem neodstranila, dle pokynu

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.4.2015
Čas skenování: 15:17:35
Protokol: výsledky malwarebytes.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.06.05
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: TomA!A!

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 724917
Uplynulý čas: 2 hod, 23 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.CrossRider, C:\Program Files (x86)\new game\new_game_notification_service.exe, 2372, , [520b7bee4a40a5917118fd45020020e0]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 16
PUP.Optional.Multiplug, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [322be88104861a1c53e9062d5ca714ec],
PUP.Optional.Multiplug, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [322be88104861a1c53e9062d5ca714ec],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\HQ-Video-Pro-2.1cV04.12-nv, , [f36abbae7119d85e273f56ecbf4646ba],
PUP.Optional.AdGazelle.A, HKLM\SOFTWARE\WOW6432NODE\AdGazelle, , [c895cc9d35554beba7db0ab8748fc63a],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force, , [46173534cac05cda33f9cf6f10f541bf],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [77e626439ceefc3ab5396edb44c1a060],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV04.12, , [3429dd8c3f4bcc6a95d191b1f60f9769],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV04.12-nv, , [4b126cfde5a5290dc6a04df5e81d669a],
PUP.Optional.SavePass.A, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1-nv, , [b5a85c0d8604d066fb2c28b6c43f3ac6],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, , [0a534029ccbe9f972905c27ce025ba46],
PUP.Optional.HQVideo.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-2.1cV04.12, , [80ddd693a5e5c47291d78db5cd38ac54],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\Ge-Force-nv, , [1b4280e95d2dfa3c14dbe069bf465ea2],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\HQ-Video-Pro-2.1cV04.12-nv, , [08559acf305a80b6e285231fbb4a748c],
PUP.Optional.SavePass.A, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\SavePass 1.1-nv, , [15486900365481b560c86a74976cde22],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, , [cd905a0f9cee40f660ce0a3451b4867a],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-2.1cV04.12, , [144998d1ed9dc670ff69d86a65a0659b],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 6
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla, , [7edf9ecb3753c670a02bf5c0a0634cb4],

Soubory: 33
PUP.Optional.CrossRider, C:\Program Files (x86)\new game\new_game_notification_service.exe, , [520b7bee4a40a5917118fd45020020e0],
PUP.Optional.CrossRider, C:\Program Files (x86)\new game\new_game_updating_service.exe, , [e4792a3f9feb2a0c4b2f80c1748e4cb4],
PUP.Optional.HQVideo.A, C:\Users\TomA!A!\AppData\Roaming\MXPUWBDF.exe, , [2439c8a156342016cb13ba7059add32d],
PUP.Optional.Sense.A, C:\Users\TomA!A!\AppData\Roaming\CFBEDSDX.exe, , [1a437aef0f7b32048aa9c2b8b34ef10f],
PUP.Optional.HQVideo.A, C:\Users\TomA!A!\AppData\Roaming\WGPYQE.exe, , [67f60069b7d353e3f1ed4ddd66a07d83],
PUP.Optional.CrossRider.A, C:\Users\TomA!A!\AppData\Roaming\YGfDh4QaTC6i74pMkc7e.exe, , [e67773f66e1c39fdef26acabfc0424dc],
PUP.Optional.CrossRider.A, C:\Users\TomA!A!\AppData\Roaming\IxQnq8uZotLEwLLOPgFo.exe, , [6fee36333456a195e72e91c6aa561be5],
PUP.Optional.Sense.A, C:\Users\TomA!A!\AppData\Roaming\SM.exe, , [f7664d1c29613ef838fb1367d1300bf5],
PUP.Optional.CrossRider.A, C:\Users\TomA!A!\AppData\Roaming\lpVZv7X228u6cWyo3qjt.exe, , [431a15545832e84e4acb154243bdcc34],
Trojan.Bitcoin.SE, C:\Users\TomA!A!\Documents\bioshock-infinite.exe, , [65f8e38693f74fe7a53e8cc12fd2de22],
PUP.Optional.Nova.A, C:\zoek_backup\C_Program Files (x86)_2e56a52c-17d4-4d58-bfcb-f011299ed8e9_49fe1220-29fd-4268-a86e-ef5d476dfcf7.dll.vir, , [89d487e2f595b77fbd9e828dbb4717e9],
PUP.Optional.Nova.A, C:\zoek_backup\C_Program Files (x86)_Adobe_da163475-d09b-495e-83d1-b9e33fd0402e.dll.vir, , [5508a3c681095adc77e4020dba48f60a],
PUP.Optional.Nova.A, C:\zoek_backup\C_PROGRA~2_2e56a52c-17d4-4d58-bfcb-f011299ed8e9\49fe1220-29fd-4268-a86e-ef5d476dfcf7.dll, , [1647c5a490fadf57abb09b74c53dc838],
PUP.Optional.Nova.A, C:\zoek_backup\C_PROGRA~2_2e56a52c-17d4-4d58-bfcb-f011299ed8e9\576a9750-6521-4dda-b229-23c233cd9446.dll, , [312c0663dab0cb6bbba07699fb0753ad],
PUP.Optional.Nova.A, C:\zoek_backup\C_PROGRA~2_37d7f9d4-f496-4144-ade2-3b8aa39c35ba\cb515d45-ebaa-4080-8906-98e494595bd6.dll, , [ed70d099d2b822148dce729dca38738d],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202\lsdb.js, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202\background.html, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202\content.js, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202\manifest.json, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip\202\vRR2xin.js, , [ed703a2fc3c7d26407c411a40df6649c],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148\lsdb.js, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148\background.html, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148\content.js, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148\manifest.json, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdoinodpdahlmpgmpmhonheidpjhhnid\148\W2lnLF.js, , [f26bff6a9af0270fc605ddd861a210f0],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232\lsdb.js, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232\background.html, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232\content.js, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232\manifest.json, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.MultiPlug.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla\232\u0p3Mh.js, , [7edf9ecb3753c670a02bf5c0a0634cb4],
PUP.Optional.QuickStart.A, C:\Users\TomA!A!\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx, , [cc916cfd7a1060d61e75fbc38f7403fd],
Trojan.Script, C:\Windows\SysWOW64\mskfsglo.vbe, , [b9a4eb7e5832cb6b48610ff9bf45d828],
Trojan.Script, C:\Windows\SysWOW64\mslvru.vbe, , [baa334357b0f092d2287a36515ef669a],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Vsechny nalezy hodte do karanteny. Po dalsim restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup

[simplyfine]

díky za všechny rady a posílám zatím poslední výsledek testu
a info o chování pc: firefox neustále vyskakující okna ADS BY name AD OPTIONS, zatím se nepřesměrovávají stránky- edit: už přesměrovává , IE je asi zatím nejvíc ok - nic nevyskakuje a ani se nepřesměrovává, Chrome - se "pouze" přesměrovává a nevyskakují okna

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 6.4.2015
Čas skenování: 18:09:22
Protokol: Malwarebytes nový test.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.06.07
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: TomA!A!

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 454115
Uplynulý čas: 25 min, 59 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Prema16]

Mám úplně stejný problém. V IE běží vše normálně. Ve firefox se nedá nic dělat ADblock něco zachytí, přesto je to hrůza.
Sleduji jak to dopadne abych zbytečně nezakládal nové téma.

[Márty84]

díky za všechny rady a posílám zatím poslední výsledek testu

Ale tentokrat jste nenastavila test jako poprve. Nevadi, pritvrdime.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Mám úplně stejný problém. V IE běží vše normálně. Ve firefox se nedá nic dělat ADblock něco zachytí, přesto je to hrůza.
Sleduji jak to dopadne abych zbytečně nezakládal nové téma.

Necekejte a zalozte si urcite sve tema. Kazdy pc je jiny, i pricina muze byt jina. Co nezabere tam, muze zabrat tam a opacne.

[simplyfine]

tak mám výsledek a chování pc - vše je stejné jako o patro výše: firefox na h...., vyskakujou blbý okýnka a přesměrovávají se stránky, IE je ok a chrome to samé firefox a tady posílám comfix:

ComboFix 15-04-01.01 - Tomáš 06.04.2015 20:56:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.2035 [GMT 2:00]
Spuštěný z: c:\users\TomßÜ\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW.exe
c:\users\Tomáš\AppData\Roaming\s9ZKYkKryl6.exe
c:\users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji.exe
c:\windows\PFRO.log
c:\windows\SysWow64\firefox
c:\windows\SysWow64\firefox\firefox_setup_13.0.exe
c:\windows\SysWow64\firefox\install-toolbar.bat
c:\windows\SysWow64\firefox\lista-atlas-cz.xpi
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-06 do 2015-04-06 )))))))))))))))))))))))))))))))
.
.
2015-04-06 19:05 . 2015-04-06 19:05 -------- d-----w- c:\users\TOC19D~1\AppData\Local\temp
2015-04-06 19:05 . 2015-04-06 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-06 17:24 . 2015-04-06 16:57 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-06 17:24 . 2015-04-06 19:05 -------- d-----w- c:\users\Tomáš\AppData\Local\Temp
2015-04-06 17:24 . 2015-04-06 17:24 -------- d-----w- c:\users\Tom??
2015-04-06 13:14 . 2015-04-06 16:07 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-06 13:14 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-06 13:14 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-06 13:14 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-06 10:40 . 2015-04-06 10:40 -------- d-----w- c:\users\TomßÜ
2015-04-06 10:21 . 2015-04-06 17:15 -------- d-----w- C:\zoek_backup
2015-04-06 10:15 . 2015-04-06 10:15 -------- d-----w- C:\RegBackup
2015-04-06 10:04 . 2015-04-06 16:55 -------- d-----w- C:\AdwCleaner
2015-04-06 09:50 . 2015-04-06 09:53 -------- d-----w- c:\program files\trend micro
2015-04-06 09:50 . 2015-04-06 09:50 -------- d-----w- C:\rsit
2015-04-06 09:09 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF8D1BBC-F95E-484A-B89B-C8EB708A8153}\mpengine.dll
2015-04-05 08:45 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-04 20:55 . 2015-02-25 08:24 44856 ----a-w- c:\windows\system32\uxt6279.tmp
2015-04-04 20:49 . 2015-04-04 20:49 -------- d-----w- c:\program files (x86)\AVG
2015-04-04 17:35 . 2015-04-04 17:35 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 17:35 . 2015-04-04 17:35 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-04 15:42 . 2015-03-13 15:38 622224 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-04 14:59 . 2015-04-04 14:59 -------- d-----w- c:\users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 14:59 . 2015-03-12 09:59 373864 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-04-01 14:34 . 2015-04-01 14:34 -------- d-----w- c:\users\Tomáš\Tracing
2015-03-31 18:02 . 2015-03-26 15:00 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{43EF85C9-0C1C-4E62-AA4E-98C9D80B95B7}\gapaengine.dll
2015-03-31 17:51 . 2015-03-31 17:51 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-03-25 12:37 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll
2015-03-25 12:37 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll
2015-03-25 12:37 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-25 12:37 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll
2015-03-25 12:37 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-25 12:37 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-25 12:37 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-25 12:37 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll
2015-03-23 13:21 . 2015-03-23 13:21 -------- d-----w- c:\users\Tomáš\AppData\Roaming\HomeMakeover3PC
2015-03-21 19:35 . 2015-03-21 19:35 -------- d-----w- c:\users\Tomáš\AppData\Local\MAGIX
2015-03-21 15:17 . 2003-04-18 15:29 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2015-03-21 15:11 . 2015-03-21 15:11 -------- d-----w- c:\users\Tomáš\AppData\Roaming\Logitech
2015-03-15 15:58 . 2015-03-15 15:58 -------- d-----w- c:\users\Tomáš\AppData\Roaming\ZOG
2015-03-11 14:11 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 14:11 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 14:11 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 14:11 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 14:11 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 14:11 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 14:11 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 14:11 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 14:11 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 14:11 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 14:11 . 2015-01-31 03:48 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2015-03-11 14:11 . 2015-01-31 03:48 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 14:11 . 2015-01-30 23:56 243200 ----a-w- c:\windows\system32\rdpudd.dll
2015-03-11 14:09 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-03-11 14:04 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 14:04 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-04 10:14 . 2015-02-18 13:52 20 ----a-w- c:\users\Tomáš\AppData\Roaming\appdataFr3.bin
2015-04-04 10:14 . 2015-02-18 13:52 20 ----a-w- c:\users\Tomáš\AppData\Roaming\appdataFr3.bin
2015-03-30 13:25 . 2014-03-19 19:13 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-28 03:44 . 2014-11-22 13:12 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:44 . 2014-11-22 13:12 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:43 . 2014-11-22 13:12 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2014-11-22 13:12 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-03-26 15:00 . 2015-02-22 15:50 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-22 17:48 . 2012-04-02 21:01 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-22 17:48 . 2011-07-11 04:09 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-13 19:41 . 2015-01-22 19:18 16022016 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-03-13 19:41 . 2012-02-09 04:27 18580512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-03-13 19:41 . 2012-02-09 04:27 14121624 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-03-13 19:41 . 2012-02-09 04:27 3303448 ----a-w- c:\windows\system32\nvapi64.dll
2015-03-13 16:16 . 2011-03-08 21:19 6861968 ----a-w- c:\windows\system32\nvcpl.dll
2015-03-13 16:16 . 2011-03-08 21:19 3526856 ----a-w- c:\windows\system32\nvsvc64.dll
2015-03-13 16:16 . 2011-03-08 21:19 935056 ----a-w- c:\windows\system32\nvvsvc.exe
2015-03-13 16:16 . 2011-03-08 21:19 75976 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-03-13 16:16 . 2011-03-08 21:19 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-03-13 16:16 . 2011-03-08 21:19 386248 ----a-w- c:\windows\system32\nvmctray.dll
2015-03-13 16:16 . 2011-03-08 21:19 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2015-03-13 16:16 . 2011-03-08 21:19 1099408 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-03-11 16:48 . 2012-03-30 18:21 122905856 ----a-w- c:\windows\system32\MRT.exe
2015-03-11 13:10 . 2011-03-08 21:19 4246327 ----a-w- c:\windows\system32\nvcoproc.bin
2015-03-06 05:42 . 2015-03-11 14:09 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:10 . 2015-03-11 14:09 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-03 13:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-10 10:36 . 2013-11-02 16:34 627912 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-05 21:01 . 2015-02-15 15:19 1895240 ----a-w- c:\windows\system32\nvdispco6434752.dll
2015-02-05 21:01 . 2015-02-15 15:19 1557648 ----a-w- c:\windows\system32\nvdispgenco6434752.dll
2015-01-27 23:36 . 2015-02-11 16:36 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-13 04:15 . 2015-01-22 19:18 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-01-10 08:07 . 2015-01-22 19:18 1556808 ----a-w- c:\windows\system32\nvdispgenco6434725.dll
2015-01-10 08:07 . 2015-01-22 19:18 1895240 ----a-w- c:\windows\system32\nvdispco6434725.dll
2015-01-09 03:14 . 2015-02-15 15:30 91136 ----a-w- c:\windows\system32\wdi.dll
2015-01-09 03:14 . 2015-02-15 15:30 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-01-09 03:14 . 2015-02-15 15:30 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-01-09 02:48 . 2015-02-15 15:30 76800 ----a-w- c:\windows\SysWow64\wdi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *bddel.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe"
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"LWS"=c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 cpuz134;cpuz134;c:\users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NVSTREAMKMS
*Deregistered* - TuneUpUtilitiesDrv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-04 16:29 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 17:48]
.
2015-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 18:23]
.
2015-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 18:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
FF - ProfilePath - c:\users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\
FF - prefs.js: browser.startup.homepage - hxxp://atlas.centrum.cz/
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-06 21:08:19
ComboFix-quarantined-files.txt 2015-04-06 19:08
.
Před spuštěním: Volných bajtů: 50 318 446 592
Po spuštění: Volných bajtů: 49 799 790 592
.
- - End Of File - - 5EDA01FB219B2EFC9FD8CA48DD5EE118