PC infected with viruses

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

#1 Post by toox »

MBAM log

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.11.2015
Čas skenování: 19:52
Protokol: f.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.22.05
Databáze rootkitů: v2015.11.22.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 385221
Uplynulý čas: 14 min, 26 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 12
Trojan.Agent.MSIL, C:\Users\Honza\AppData\Local\Volity.exe, 1240, , [fb12176a0a8143f3a7f9d44e6899f10f]
PUP.Optional.Amonetize, C:\Program Files\Dripkix\Dripkix.exe, 5576, , [25e87a07ff8c5cda7c8390b753ae718f]
PUP.Optional.WindowsProtectManager, C:\ProgramData\HWMiniProH\WMiniPro.exe, 3060, , [60ad87fa96f53df92d008ffaf40dcc34]
PUP.Optional.Elex, C:\Program Files (x86)\SFK\SSFK.exe, 5796, , [937acdb4cbc0340286810a9cea17a45c]
PUP.Optional.Elex, C:\Program Files (x86)\SFK\SSFK.exe, 6128, , [937acdb4cbc0340286810a9cea17a45c]
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\jnsc299C.tmp, 3228, , [5fae0f72018a38fe604c22dedc245da3]
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\hnsn401B.tmp, 3456, , [85887c05e4a747efc8e443bd54acc23e]
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\knsc130A.tmpfs, 2256, , [3ecf275acac17cbaf5b7df21cd330bf5]
PUP.Optional.BrowseFox.Generic, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\snsy11EA.tmp, 3724, , [50bd5031d8b372c4e7c654ac45bbf709]
PUP.Optional.MultiPlug, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\vnsc78B.tmp, 604, , [65a8f988d0bb280ebed35c301fe4fc04]
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\ihpmServer.exe, 5488, , [917c9be6b8d3cb6beae88b25b15253ad]
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\notifier.exe, 5200, , [da331e63b9d23bfb6c68587da85ba25e]

Moduly: 2
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Local\Comp Mart\zBin\CompMart.dll, , [3bd20e73256605318a332d2a33d16898],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\zBin\xdwspqst.dll, , [927b146d3a51fe389c5e2c5b6a9ac23e],

Klíče registru: 31
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dnwnloadvpaate, , [fb12176a0a8143f3a7f9d44e6899f10f],
PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Dripkix, , [25e87a07ff8c5cda7c8390b753ae718f],
PUP.Optional.CrossRider, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9563BC59-9556-4805-8CD4-886781779D8D}, , [3bd20e73256605318a332d2a33d16898],
PUP.Optional.WindowsProtectManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WdsManPro, , [60ad87fa96f53df92d008ffaf40dcc34],
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SSFK, , [937acdb4cbc0340286810a9cea17a45c],
PUP.Optional.BrowseFox.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gofidywi, , [5fae0f72018a38fe604c22dedc245da3],
PUP.Optional.BrowseFox.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\guzoroxu, , [85887c05e4a747efc8e443bd54acc23e],
PUP.Optional.BrowseFox.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zuropygu, , [3ecf275acac17cbaf5b7df21cd330bf5],
PUP.Optional.BrowseFox.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rylusycy, , [50bd5031d8b372c4e7c654ac45bbf709],
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, , [ab62b0d1ddae0c2ab98ddd6615ed8a76],
PUP.Optional.WinManger, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, , [ab62b0d1ddae0c2ab98ddd6615ed8a76],
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, , [ab62b0d1ddae0c2ab98ddd6615ed8a76],
PUP.Optional.ConvertAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SoftwareUpdater, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ihpmServer, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.FeedNotifier, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6091F327-2B13-4193-A6F1-4B2271613A74}_is1, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.DownChecker, HKLM\SOFTWARE\downchecker, , [60ad1968385394a2c5464350c43e718f],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\TRACING\Dripkix_RASAPI32, , [8c81d9a8ccbf1d19d742de0828db1be5],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\MICROSOFT\TRACING\Dripkix_RASMANCS, , [0effb0d1e3a8c07672a75492b25142be],
PUP.Optional.DownChecker, HKLM\SOFTWARE\WOW6432NODE\downchecker, , [c944f38eaddeb1857497058e1ae80bf5],
PUP.Optional.FFPluginHp, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, , [dc31e29f3655ce680891b2c9b0535ea2],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\ihpmserver, , [2be27f022b603105c50e5759828107f9],
PUP.Optional.WdsManPro, HKLM\SOFTWARE\WOW6432NODE\WdsManPro, , [c6472f526b2092a491e7e8c5c93a19e7],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, , [927bf28ff992f046fb48a10f5da642be],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, , [838a1f620b8060d62d16e9c72dd608f8],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [bd50394890fbe94d7a41f0b49b6808f8],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD, , [4fbe433e3556e452836aa8e99f6351af],
PUP.Optional.DeskCut, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\MOZILLA\EXTENDS, , [5bb2671a0e7df640adcacaad40c3e719],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB, , [53ba5b26127993a3cee98609ed1621df],

Hodnoty registru: 19
PUP.Optional.Package, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Update, C:\Users\Honza\AppData\Roaming\VOPackage\VOPackage.exe /runonce, , [a06dcfb2404bc175b61eaee114effb05]
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Honza\AppData\Roaming\VOPackage\Uninstall.exe", , [f419e79a58337eb8377edcc61ce69d63]
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|deskCutv2@gmail.com, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\deskCutv2@gmail.com, , [f11c7d042d5e66d0d6a27ff86e959868]
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|yahooprotected@gmail.com, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\yahooprotected@gmail.com, , [808d552c424914220419325dc83a9b65]
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD|dir, C:\Program Files (x86)\RayDld, , [4fbe433e3556e452836aa8e99f6351af]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gofidywi|ImagePath, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\jnsc299C.tmp, , [f21b5a279eeda2942c91e3a9e221d32d]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\guzoroxu|ImagePath, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\hnsn401B.tmp, , [8885374a65265dd9457803896a9905fb]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rylusycy|ImagePath, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\snsy11EA.tmp, , [ad60abd66d1ee94d5c61494320e301ff]
PUP.Optional.MultiPlug, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zuropygu|ImagePath, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\knsc130A.tmpfs, , [808df78ae8a3a591902d3b512dd60bf5]
PUP.Optional.Linkury.ShrtCln, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DRIPKIX|ImagePath, "C:\Program Files\Dripkix\Dripkix.exe" /s iid=8089439 did=Missing sid= ref= id=abe75eecd72662aef2f585bf5e3998cf1b9656d269129792f9bfeb117ea6d969, , [63aa85fc4b40db5b109e1fc27b883ac6]
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SSFK|ImagePath, C:\Program Files (x86)\SFK\SSFK.exe -s, , [3cd1c5bc6e1d69cdb5786c27847e26da]
PUP.Optional.WindowsProtectManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WdsManPro|ImagePath, C:\ProgramData\HWMiniProH\WMiniPro.exe -service, , [39d4265bbdced75fb4464893c142ed13]
PUP.Optional.DeskCut, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\MOZILLA\EXTENDS|appid, deskCutv2@gmail.com, , [5bb2671a0e7df640adcacaad40c3e719]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype20, 11/22/15 19:37:19, , [53ba5b26127993a3cee98609ed1621df]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype24, 11/22/15 19:37:19, , [ba5394ed107b1224c6f1533cb3508e72]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype27, 11/22/15 19:37:19, , [51bc324ff8930e286f481c737a8941bf]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype6, 11/22/15 19:38:32, , [6f9efe83b3d8d5612097830cc340f20e]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype14, 11/22/15 19:39:16, , [53bae39edab14fe7bafd8e01da295da3]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\OB|monitype15, 11/22/15 19:40:51, , [b954f28f771486b0d8df127d1be84cb4]

Data registru: 6
PUP.Optional.OurSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.yoursearching.com/web/?type= ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.yoursearching.com/web/?type= ... earchTerms}),,[67a60e735437ed49029a84dd51b3728e]
PUP.Optional.OurSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.yoursearching.com/web/?type= ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.yoursearching.com/web/?type= ... earchTerms}),,[8c81cab77b10bb7b16861d449c683fc1]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[ef1ee8993a51dd59460a352a9d6734cc]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[5cb19ae77615a78f113fe778749045bb]
PUP.Optional.OurSearch, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.yoursearching.com/?type=hp&t ... j90zc39855, Dobré: (www.google.com), Špatné: (http://www.yoursearching.com/?type=hp&t ... j90zc39855),,[56b78cf523681b1b1584a7ba12f2669a]
PUP.Optional.OurSearch, HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.yoursearching.com/?type=hp&t ... j90zc39855, Dobré: (www.google.com), Špatné: (http://www.yoursearching.com/?type=hp&t ... j90zc39855),,[020bdaa76d1ef1454455b8a94bb94ab6]

Složky: 52
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.ConvertAd, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.MultiPlug, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A, , [65a8f988d0bb280ebed35c301fe4fc04],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\SFK, , [37d6b8c93a515adc8a7de0d41fe45ca4],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\cache, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\Microsoft.VC90.CRT, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\sounds, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\jetpack\@E51D91331AE6C40F446AED1F1575C10FE51D, , [cb427b06315a072fd7d664fc10f2857b],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\jetpack\@E51D91331AE6C40F446AED1F1575C10FE51D\simple-storage, , [cb427b06315a072fd7d664fc10f2857b],
PUP.Optional.VOPackage, C:\Users\Honza\AppData\Roaming\VOPackage, , [23eaee930b80ae8852e44a3d738fc937],
PUP.Optional.VOPackage, C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [2fdec6bb58331c1a69ceeb9cfc068c74],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome\content, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome\skin, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.WindowsProtectManager, C:\ProgramData\HWMiniProH, , [3fceed940e7dd066b8facdbfb74bb749],
PUP.Optional.WindowsProtectManager, C:\ProgramData\HWMiniProH\mitest, , [3fceed940e7dd066b8facdbfb74bb749],
PUP.Optional.Dripkix, C:\Program Files\Dripkix, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\packages, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\packages\1ab53720-b44a-4ee5-ae8e-6a68eedfdbe8, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.IStartPageing.ChrPRST, C:\Users\Honza\AppData\Roaming\istartpageing, , [0c0198e9a5e61125be3aa1ed1be7f010],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component2, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\zBin, , [927b146d3a51fe389c5e2c5b6a9ac23e],

Soubory: 216
Trojan.Agent.MSIL, C:\Users\Honza\AppData\Local\Volity.exe, , [fb12176a0a8143f3a7f9d44e6899f10f],
PUP.Optional.Amonetize, C:\Program Files\Dripkix\Dripkix.exe, , [25e87a07ff8c5cda7c8390b753ae718f],
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Local\Comp Mart\zBin\CompMart.dll, , [3bd20e73256605318a332d2a33d16898],
PUP.Optional.WindowsProtectManager, C:\ProgramData\HWMiniProH\WMiniPro.exe, , [60ad87fa96f53df92d008ffaf40dcc34],
PUP.Optional.Elex, C:\Program Files (x86)\SFK\SSFK.exe, , [937acdb4cbc0340286810a9cea17a45c],
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\jnsc299C.tmp, , [5fae0f72018a38fe604c22dedc245da3],
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\hnsn401B.tmp, , [85887c05e4a747efc8e443bd54acc23e],
PUP.Optional.BrowseFox.Generic, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\knsc130A.tmpfs, , [3ecf275acac17cbaf5b7df21cd330bf5],
PUP.Optional.BrowseFox.Generic, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\snsy11EA.tmp, , [50bd5031d8b372c4e7c654ac45bbf709],
Trojan.Agent.MSIL, C:\Users\Honza\AppData\Local\Temp\Js9Do.tmp, , [1fee433e46454ee8257b44de5fa256aa],
Heuristics.Shuriken, C:\Users\Honza\AppData\Local\Temp\_@665D.tmp, , [ffffffffffffffffffffffffffffffff],
PUP.Optional.Somoto, C:\Users\Honza\AppData\Local\Temp\bitool.dll, , [b8554a3707845adcbefff3c34fb210f0],
PUP.Optional.Somoto, C:\Users\Honza\AppData\Local\Temp\nsc6B7F.tmp, , [b5581968b9d22214fc99f193cd37f30d],
Trojan.Downloader, C:\Users\Honza\AppData\Local\Temp\nslF697.tmp, , [719c99e8a5e6be7814bb45108381a45c],
PUP.Optional.Amonetize, C:\Users\Honza\AppData\Local\Temp\nsoD67F.exe, , [c54861200685023466b098868a77e21e],
PUP.Optional.CheckOffer, C:\Users\Honza\AppData\Local\Temp\nssDBD6.tmp, , [db32a5dc9af1d5614ee241c0b64ba858],
Trojan.Agent.MSIL, C:\Users\Honza\AppData\Local\Temp\Js9Do\xrc.exe, , [3ad3b4cd3358ca6cccd4c55d1fe2db25],
PUP.Optional.Runner, C:\Users\Honza\AppData\Local\Temp\Js9Dox\runner.exe, , [e5285f225635181efbb0af97bf41bc44],
PUP.Optional.Elex, C:\Users\Honza\AppData\Local\Temp\benz34\tmp\SSFK_v2.0.6.50.exe, , [937aa3de305b171f10f770363ac727d9],
PUP.Optional.WindowsProtectManager, C:\Users\Honza\AppData\Local\Temp\benz34\tmp\wpm_v20.0.0.2305.exe, , [e02d4839acdf77bf9d90abde28d9f907],
Trojan.PasswordStealer.Generic, C:\Windows\Temp\ld4aidwp.g54.exe, , [d6371c65f794fd39832ee179f11034cc],
PUP.Optional.OutBrowse, C:\Users\Honza\Downloads\Setup.exe, , [db32e49d602bf93dfbcda006629fa759],
PUP.Optional.Yontoo.IStartSurf.ShrtCln, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\searchplugins\istartpageing.xml, , [e12c7e03eba00333e9889ef137cbb54b],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [bd50136eaae159ddc8072a663dc5ac54],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [37d6671a97f43402e2ed018f956d2cd4],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [cf3e3d44fe8dd5613f90cec26d95847c],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [a86548398ffcf3439d32a4ec3cc65ea2],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [df2ea5dc04876fc7b6197e12f2108a76],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [32db90f18b000e286d62117f0101f30d],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [13fa3849a3e84fe7844c0b850af8d828],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [5ab3c2bf5f2cea4c369af29e778b6b95],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [96771b66ec9f3600ebe5058b6a98659b],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [fe0fa7da65266fc7943c9ef24fb323dd],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\lsdb.js, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\background.html, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\content.js, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gelkmhmjloceoieeahaihoehkpljmmoo\2.14\manifest.json, , [b15c86fbe6a5d0664e82fb958181817f],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\lsdb.js, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\background.html, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\content.js, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\manifest.json, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.MultiPlug, C:\Users\Honza\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mojijhkkfiomlbbflehapamfglaodndl\2.1\newtab.html, , [24e9641deba0f93d844c0e82a062fa06],
PUP.Optional.ConvertAd, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\Uninstall.exe, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.ConvertAd, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\onsy11EC.tmp, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.ConvertAd, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\pnsy11ED.exe, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.ConvertAd, C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\rnsy11EB.exe, , [af5eb1d0f29956e0d50c0a675ca748b8],
PUP.Optional.MultiPlug, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\vnsc78B.tmp, , [65a8f988d0bb280ebed35c301fe4fc04],
PUP.Optional.MultiPlug, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\rnss2738.exe, , [65a8f988d0bb280ebed35c301fe4fc04],
PUP.Optional.MultiPlug, C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\Uninstall.exe, , [65a8f988d0bb280ebed35c301fe4fc04],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\uninstall.exe, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\DuiLib.dll, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\ihpmServer.exe, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\ihpmServer.ini, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\msvcp110.dll, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\msvcr110.dll, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\Raydld.exe, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\main.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\About.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\about_banner.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_history.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_portal.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_recent.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\big_button_down.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\bk_shadow.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\bottom_toolbar_bk.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\brower_back.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\brower_refresh.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\btn.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\btn_browser_dir.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\ck_box.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\ck_check.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\close.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\create.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\delete.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\drag_flag.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\exclamation.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\list_header_bk.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\logo_16.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\logo_small.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\Menu.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\MenuItem.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\menu_bk.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\menu_bk_seperator.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\MessageBox.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\min.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\open_position.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\pause.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\progress_bk.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\progress_fore.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\scrollbar.bmp, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\Start.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\sysmenu.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskListItem.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskListItemHistory.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskNew.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_completed.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_failed.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_pause.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\toolbar_separator.png, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\WebPortal.xml, , [917c9be6b8d3cb6beae88b25b15253ad],
PUP.Optional.Elex, C:\Program Files (x86)\SFK\SFK.ini, , [37d6b8c93a515adc8a7de0d41fe45ca4],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\notifier.exe.log, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\feeds.dat, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\library.zip, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\log.txt, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\notifier.exe, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\unins000.dat, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\unins000.exe, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\w9xpopen.exe, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\comment32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\16.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\24.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\256.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\48.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\about.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\accept.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\add.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\checked.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\cog.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\cog32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_end.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_end_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_fastforward.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_fastforward_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_pause.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_pause_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_play.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_play_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_rewind.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_rewind_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_start.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\control_start_blue.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\cross.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\cross_hover.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\delete.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\door_out.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed.ico, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed.svg, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed_add.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed_delete.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed_disabled.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\feed_go.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\filter32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\info32.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\information.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\transmit.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\icons\unchecked.png, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\Microsoft.VC90.CRT\msvcm90.dll, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\Microsoft.VC90.CRT\msvcp90.dll, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\Microsoft.VC90.CRT\msvcr90.dll, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.FeedNotifier, C:\Program Files (x86)\Feed Notifier\sounds\notification.wav, , [da331e63b9d23bfb6c68587da85ba25e],
PUP.Optional.Package, C:\Users\Honza\AppData\Roaming\VOPackage\VOPackage.exe, , [a06dcfb2404bc175b61eaee114effb05],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\jetpack\@E51D91331AE6C40F446AED1F1575C10FE51D\simple-storage\store.json, , [cb427b06315a072fd7d664fc10f2857b],
PUP.Optional.VOPackage, C:\Users\Honza\AppData\Roaming\VOPackage\Uninstall.exe, , [23eaee930b80ae8852e44a3d738fc937],
PUP.Optional.VOPackage, C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [2fdec6bb58331c1a69ceeb9cfc068c74],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome.manifest, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\install.rdf, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome\content\jquery-2.1.0.min.js, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome\content\toolbar.xul, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.FastSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\1448217637_xpi\chrome\skin\icon.png, , [62ab0d74bbd02610742587030df51ce4],
PUP.Optional.WindowsProtectManager, C:\ProgramData\HWMiniProH\mitestconf, , [3fceed940e7dd066b8facdbfb74bb749],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\config.conf, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\Dripkix.exe.config, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\packages\1ab53720-b44a-4ee5-ae8e-6a68eedfdbe8\clean.exe, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.Dripkix, C:\Program Files\Dripkix\packages\1ab53720-b44a-4ee5-ae8e-6a68eedfdbe8\clean.exe.config, , [818ca0e1cdbe93a31f71305de31ff60a],
PUP.Optional.IStartPageing.ChrPRST, C:\Users\Honza\AppData\Roaming\istartpageing\bnd, , [0c0198e9a5e61125be3aa1ed1be7f010],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\config.json, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\hello.js, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\manifest.json, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\scriptTagContext.js, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\tmp_bg.js, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component\uconfig.json, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\Component2\plugin, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\zBin\c.dat, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.CrossAd.Gen, C:\Users\Honza\AppData\Local\Comp Mart\zBin\xdwspqst.dll, , [927b146d3a51fe389c5e2c5b6a9ac23e],
PUP.Optional.QuickStart, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[c746463ba0eb2412fcf41e68d62e1fe1]
PUP.Optional.OurSearch, C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js, Dobré: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Špatné: (browser.startup.homepage", "http://www.yoursearching.com), ,[b8553d448308bd790a8e0588ac589967]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#2 Post by toox »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-11-22 20:09:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 432 GB (45%) free of 954 GB
Total RAM: 4087 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:20, on 22.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\vnsc78B.tmp
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Feed Notifier\notifier.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Honza\AppData\Local\Temp\nso4C1E.tmp
C:\Users\Honza\AppData\Local\Temp\nsjD91C.tmp
C:\Users\Honza\AppData\Local\Temp\benz73\tmp\wpm_v20.0.0.2305.exe
C:\Users\Honza\AppData\Local\Temp\benz73\tmp\SSFK_v2.0.6.50.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Honza.exe
C:\Users\Honza\AppData\Local\Temp\nsj48F4.tmp

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yoursearching.com/?type=hp&t ... j90zc39855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursearching.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursearching.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoursearching.com/?type=hp&t ... j90zc39855
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - Startup: Feed Notifier.lnk = C:\Program Files (x86)\Feed Notifier\notifier.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8834 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 528
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 14b1984f-8f2a-4359-8f96-c1a6a4206273 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-54c00a1c-26fc-4df4-b958-56c80314ef26 -SystemEventPortName:HostProcess-663a6a78-a67f-4eb9-8c1e-adc0aa2d7ac0 -IoCancelEventPortName:HostProcess-5f3ee39c-502d-4430-9837-29cc58354e84 -NonStateChangingEventPortName:HostProcess-59f0b6e2-9563-4957-b35b-b334396ab7b8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b0a211a8-84f8-4e98-be2a-9e6efcfbc17d -DeviceGroupId:WpdFsGroup
\??\C:\Windows\system32\conhost.exe "-153911945518456300701830072215-19938572383187970101409093054610458829923221623
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2112145303-1982585478-1377470360-921259187-245299764944340757-1618257418-89760334
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\vnsc78B.tmp" /qualify
"C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\knsc130A.tmpfs"
"C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\jnsc299C.tmp"
"C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A\hnsn401B.tmp"
C:\Users\Honza\AppData\Local\00000000-1448221105-0000-0000-1C6F65469F9A\snsy11EA.tmp
C:\Users\Honza\AppData\Local\Volity.exe ueoatj dnwnloadvpaate
"C:\Program Files\Dripkix\Dripkix.exe" /s iid=8089439 did=Missing sid= ref= id=abe75eecd72662aef2f585bf5e3998cf1b9656d269129792f9bfeb117ea6d969
"C:\Program Files (x86)\RayDld\ihpmServer.exe"
taskeng.exe {BE0707A5-FC97-494D-B582-3007565D4848}
C:\Windows\system32\rundll32.exe "C:\Users\Honza\AppData\Local\Comp Mart\zBin\CompMart.dll",#3
C:\Windows\system32\rundll32.exe "C:\Users\Honza\AppData\Local\Comp Mart\zBin\CompMart.dll",#3
ctfmon.exe
"C:\Program Files (x86)\Feed Notifier\notifier.exe"
"C:\Program Files\AVAST Software\Avast\avDump32.exe" --pid 1268 --exception_ptr 6A3A1AC4 --thread_id 1088 --dump_level 0 --dump_file "C:\ProgramData\AVAST Software\Avast\log\unp304837982768332451.mdmp"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe58_ Global\UsGthrCtrlFltPipeMssGthrPipe58 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Users\Honza\AppData\Local\Temp\nso4C1E.tmp /idn
"C:\Windows\system32\cmd.exe" /C %TEMP%\MBamshorCln.bat
\??\C:\Windows\system32\conhost.exe "-98291334-1064522984118622109368269312340953333-2108462685188067192-1218717908
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Users\Honza\AppData\Local\Temp\nsjD91C.tmp
"C:\Users\Honza\AppData\Local\Temp\benz73\tmp\wpm_v20.0.0.2305.exe" -ptid=cmi -install
"C:\Users\Honza\AppData\Local\Temp\benz73\tmp\SSFK_v2.0.6.50.exe" /ptid=cmi /url=http://www.istartpageing.com/?type=hp&t ... J90ZC39855 /S
"C:\Users\Honza\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Users\Honza\AppData\Local\Temp\nsj48F4.tmp
C:\Windows\SYSTEM32\cscript.exe "C:\Users\Honza\AppData\Local\Temp\MbamShorCln.vbs" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avi2Dvd\Avi2Dvd.lnk"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.malwarebytes.org/restorebro ... j90zc39855"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\
deskCutv2@gmail.com
yahooprotected@gmail.com

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\searchplugins\
kinobox.xml
yoursearching.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-08 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-02-05 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-10-13 1977192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-05 2585744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6133520]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Feed Notifier.lnk - C:\Program Files (x86)\Feed Notifier\notifier.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-11-22 20:09:10 ----D---- C:\ProgramData\6WMiniPro6
2015-11-22 20:09:09 ----D---- C:\Users\Honza\AppData\Roaming\istartpageing
2015-11-22 19:48:31 ----D---- C:\Program Files (x86)\SFK
2015-11-22 19:48:25 ----D---- C:\ProgramData\HWMiniProH
2015-11-22 19:48:25 ----A---- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-22 19:47:36 ----D---- C:\Program Files (x86)\Feed Notifier
2015-11-22 19:40:56 ----D---- C:\Program Files (x86)\RayDld
2015-11-22 19:40:31 ----D---- C:\Users\Honza\AppData\Roaming\yoursearching
2015-11-22 19:40:20 ----D---- C:\Program Files\Dripkix
2015-11-22 19:39:13 ----D---- C:\Users\Honza\AppData\Roaming\Opera Software
2015-11-22 19:37:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-11-22 19:37:17 ----D---- C:\Program Files (x86)\00000000-1448217437-0000-0000-1C6F65469F9A
2015-11-19 01:47:51 ----D---- C:\Users\Honza\AppData\Roaming\DVDVideoSoft
2015-11-19 01:34:01 ----D---- C:\Program Files (x86)\Xvid
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-11-19 01:33:49 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-11-19 01:33:48 ----D---- C:\Program Files (x86)\ffdshow
2015-11-19 01:33:30 ----D---- C:\Program Files (x86)\Haali
2015-11-19 01:33:23 ----A---- C:\Windows\SYSWOW64\CoreAAC-uninstall.exe
2015-11-19 01:32:50 ----D---- C:\Program Files (x86)\Avi2Dvd
2015-11-18 23:09:07 ----D---- C:\Users\Honza\AppData\Roaming\DVD Flick
2015-11-18 23:08:58 ----D---- C:\Program Files (x86)\DVD Flick
2015-11-18 23:08:58 ----A---- C:\Windows\SYSWOW64\ssubtmr6.dll
2015-11-12 06:49:12 ----D---- C:\Users\Honza\AppData\Roaming\Apple Computer
2015-11-11 19:42:45 ----D---- C:\ProgramData\Apple Computer
2015-11-11 19:42:45 ----D---- C:\Program Files (x86)\QuickTime
2015-11-11 19:41:49 ----D---- C:\Program Files (x86)\Apple Software Update
2015-11-11 19:41:24 ----D---- C:\ProgramData\Apple
2015-11-11 18:32:38 ----D---- C:\ProgramData\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files (x86)\Sony
2015-11-10 08:37:49 ----D---- C:\Users\Honza\AppData\Roaming\chc
2015-11-07 11:20:43 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-11-22 20:09:18 ----D---- C:\Program Files\trend micro
2015-11-22 20:09:10 ----D---- C:\ProgramData
2015-11-22 20:09:09 ----D---- C:\Windows\SysWOW64
2015-11-22 20:07:51 ----D---- C:\Windows\Temp
2015-11-22 19:48:31 ----RD---- C:\Program Files (x86)
2015-11-22 19:47:08 ----SHD---- C:\Windows\Installer
2015-11-22 19:47:08 ----D---- C:\Config.Msi
2015-11-22 19:47:07 ----D---- C:\Windows\system32\Tasks
2015-11-22 19:40:38 ----D---- C:\Windows\Tasks
2015-11-22 19:40:20 ----D---- C:\Program Files
2015-11-22 19:38:12 ----SD---- C:\ProgramData\Microsoft
2015-11-22 19:37:40 ----D---- C:\Windows\system32\drivers\etc
2015-11-22 08:34:38 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2015-11-22 07:33:27 ----D---- C:\ProgramData\NVIDIA
2015-11-21 15:43:17 ----D---- C:\Users\Honza\AppData\Roaming\Ubisoft
2015-11-21 15:42:55 ----D---- C:\ProgramData\Ubisoft
2015-11-21 15:39:45 ----D---- C:\Windows\Logs
2015-11-21 15:39:23 ----RSD---- C:\Windows\assembly
2015-11-21 15:39:07 ----D---- C:\Windows
2015-11-21 15:29:41 ----SHD---- C:\System Volume Information
2015-11-21 15:29:38 ----D---- C:\Program Files (x86)\Ubisoft
2015-11-21 15:29:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-21 15:28:19 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2015-11-19 01:33:16 ----D---- C:\Program Files (x86)\AC3Filter
2015-11-19 01:33:14 ----D---- C:\Windows\System32
2015-11-18 23:41:39 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2015-11-17 11:20:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-16 12:10:18 ----D---- C:\Windows\inf
2015-11-14 14:44:31 ----D---- C:\Windows\system32\config
2015-11-11 19:43:11 ----D---- C:\Program Files\Internet Explorer
2015-11-11 19:41:36 ----D---- C:\Windows\winsxs
2015-11-11 19:41:24 ----D---- C:\Program Files (x86)\Common Files
2015-11-11 18:31:53 ----D---- C:\Users\Honza\AppData\Roaming\Sony
2015-11-11 17:08:46 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2015-11-11 16:28:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-11 09:39:30 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2015-11-10 19:53:09 ----D---- C:\Users\Honza\AppData\Roaming\ViberPC
2015-11-08 09:45:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 10:02:35 ----D---- C:\Windows\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-09 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-09 274808]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-09 132656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-09 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-09 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-09 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-09 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-09 274336]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-07-28 49264]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-11-22 192216]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-02-05 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2014-04-08 227456]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 qcusbnet;Qualcomm USB-NDIS miniport; C:\Windows\system32\DRIVERS\innosusbnet.sys [2012-10-26 510976]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\innosusbser.sys [2012-10-26 369792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-09 146600]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-06-02 244392]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-02-05 1148560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-02-05 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-02-05 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-05 935056]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-28 66872]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-03-06 389896]
R2 SSFK;SSFK; C:\Program Files (x86)\SFK\SSFK.exe [2015-11-22 170656]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 WdsManPro;WdsManPro Service; C:\ProgramData\6WMiniPro6\WMiniPro.exe [2015-11-22 309384]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-09 4048280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-02 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-07 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#3 Post by Rudy »

Hello!
Delete everything that MBAM found. Then run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click first on >Scan< and then on >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

toox
Model Visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#4 Post by toox »

# AdwCleaner v5.022 - Logfile created 22/11/2015 at 20:51:42
# Updated 22/11/2015 by Xplode
# Database : 2015-11-22.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Downloads\adwcleaner_5.022.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\6WMiniPro6
[-] Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\deskCutv2@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Feed Notifier.lnk
[-] File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\searchplugins\istartpageing.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Web browsers ] *****

[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "istartpageing");
[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("browser.search.hiddenOneOffs", "Seznam,Heuréka,Mapy.cz,Wikipedie (cs),yoursearching");
[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "istartpageing");
[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4257 bytes] ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#5 Post by Rudy »

Post a new RSIT log.

toox
Model Visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#6 Post by toox »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-11-24 14:58:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 434 GB (45%) free of 954 GB
Total RAM: 4087 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:46, on 24.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7387 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2384
C:\Windows\system32\wbem\wmiprvse.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build create -repair 1
\??\C:\Windows\system32\conhost.exe "-2204226291123448143-118219983071894676658993336106570447-1794562827-45476424
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe" BitTorrent_2824_00A22410_838556781 BT4823DF041B09 BitTorrent
"C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe" BitTorrent_2824_00A224C0_1180153873 BT4823DF041B09 BitTorrent
"C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe" BitTorrent_2824_00A22A98_1530675880 BT4823DF041B09 BitTorrent
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8ea4f707-0003-4a2a-a700-2bed5b14753d -SystemEventPortName:HostProcess-6e4ddbe7-f4e0-4445-99ca-bce134a219af -IoCancelEventPortName:HostProcess-1db5ac65-dd8e-4c3b-b319-ed0185f83bc7 -NonStateChangingEventPortName:HostProcess-2e58a9e1-58a8-4cf2-a6b2-651724afd56a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bedaac43-94f2-4034-bf42-584474bbd24f -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 14b1984f-8f2a-4359-8f96-c1a6a4206273 1
\??\C:\Windows\system32\conhost.exe "1109180186-517203552-217104991-15760480134581407-1935575286-6895152851354799015
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1424146246-1060647434971728194-887471083-1528688950-1051024531-53931680493569509
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
taskeng.exe {45361568-1E51-483B-9354-760E64CDA3CD}
C:\Windows\system32\sppsvc.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build registry "C:\ProgramData\AVAST Software\Avast\ng\registry\regs.ini"
"C:\Users\Honza\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.malwarebytes.org/restorebro ... j90zc39855"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\searchplugins\
kinobox.xml
yoursearching.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-08 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-02-05 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-10-13 1977192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-05 2585744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-22 7004376]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-11-22 20:28:42 ----RD---- C:\Program Files (x86)\Skype
2015-11-22 20:22:39 ----A---- C:\Windows\system32\aswBoot.exe
2015-11-22 20:22:31 ----A---- C:\Windows\avastSS.scr
2015-11-22 19:48:25 ----A---- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-22 19:40:31 ----D---- C:\Users\Honza\AppData\Roaming\yoursearching
2015-11-22 19:39:13 ----D---- C:\Users\Honza\AppData\Roaming\Opera Software
2015-11-22 19:37:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-11-19 01:47:51 ----D---- C:\Users\Honza\AppData\Roaming\DVDVideoSoft
2015-11-19 01:34:01 ----D---- C:\Program Files (x86)\Xvid
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-11-19 01:33:49 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-11-19 01:33:48 ----D---- C:\Program Files (x86)\ffdshow
2015-11-19 01:33:30 ----D---- C:\Program Files (x86)\Haali
2015-11-19 01:33:23 ----A---- C:\Windows\SYSWOW64\CoreAAC-uninstall.exe
2015-11-19 01:32:50 ----D---- C:\Program Files (x86)\Avi2Dvd
2015-11-18 23:09:07 ----D---- C:\Users\Honza\AppData\Roaming\DVD Flick
2015-11-18 23:08:58 ----D---- C:\Program Files (x86)\DVD Flick
2015-11-18 23:08:58 ----A---- C:\Windows\SYSWOW64\ssubtmr6.dll
2015-11-12 06:49:12 ----D---- C:\Users\Honza\AppData\Roaming\Apple Computer
2015-11-11 19:42:45 ----D---- C:\ProgramData\Apple Computer
2015-11-11 19:42:45 ----D---- C:\Program Files (x86)\QuickTime
2015-11-11 19:41:49 ----D---- C:\Program Files (x86)\Apple Software Update
2015-11-11 19:41:24 ----D---- C:\ProgramData\Apple
2015-11-11 18:32:38 ----D---- C:\ProgramData\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files (x86)\Sony
2015-11-10 08:37:49 ----D---- C:\Users\Honza\AppData\Roaming\chc
2015-11-07 11:20:43 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-11-24 14:58:45 ----D---- C:\Program Files\trend micro
2015-11-24 14:57:55 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2015-11-24 14:56:50 ----D---- C:\Windows\SYSWOW64\vbox
2015-11-24 14:56:49 ----D---- C:\Windows\system32\vbox
2015-11-24 14:54:21 ----D---- C:\Windows\Temp
2015-11-24 14:50:40 ----D---- C:\ProgramData\NVIDIA
2015-11-24 14:50:26 ----D---- C:\Windows\system32\drivers
2015-11-22 21:15:44 ----D---- C:\Windows\tracing
2015-11-22 20:51:42 ----D---- C:\ProgramData
2015-11-22 20:51:42 ----D---- C:\AdwCleaner
2015-11-22 20:35:52 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2015-11-22 20:28:51 ----SHD---- C:\Windows\Installer
2015-11-22 20:28:51 ----D---- C:\ProgramData\Skype
2015-11-22 20:28:50 ----D---- C:\Config.Msi
2015-11-22 20:28:43 ----D---- C:\Program Files (x86)\Common Files
2015-11-22 20:28:42 ----RD---- C:\Program Files (x86)
2015-11-22 20:22:56 ----D---- C:\Windows\system32\Tasks
2015-11-22 20:22:39 ----D---- C:\Windows\System32
2015-11-22 20:22:37 ----D---- C:\Windows
2015-11-22 20:11:33 ----D---- C:\Program Files
2015-11-22 20:09:59 ----D---- C:\Windows\SysWOW64
2015-11-22 19:40:38 ----D---- C:\Windows\Tasks
2015-11-22 19:38:12 ----SD---- C:\ProgramData\Microsoft
2015-11-22 19:37:40 ----D---- C:\Windows\system32\drivers\etc
2015-11-21 15:43:17 ----D---- C:\Users\Honza\AppData\Roaming\Ubisoft
2015-11-21 15:42:55 ----D---- C:\ProgramData\Ubisoft
2015-11-21 15:39:45 ----D---- C:\Windows\Logs
2015-11-21 15:39:23 ----RSD---- C:\Windows\assembly
2015-11-21 15:29:41 ----SHD---- C:\System Volume Information
2015-11-21 15:29:38 ----D---- C:\Program Files (x86)\Ubisoft
2015-11-21 15:29:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-21 15:28:19 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2015-11-19 01:33:16 ----D---- C:\Program Files (x86)\AC3Filter
2015-11-18 23:41:39 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2015-11-17 11:20:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-16 12:10:18 ----D---- C:\Windows\inf
2015-11-14 14:44:31 ----D---- C:\Windows\system32\config
2015-11-11 19:43:11 ----D---- C:\Program Files\Internet Explorer
2015-11-11 19:41:36 ----D---- C:\Windows\winsxs
2015-11-11 18:31:53 ----D---- C:\Users\Honza\AppData\Roaming\Sony
2015-11-11 17:08:46 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2015-11-11 16:28:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-10 19:53:09 ----D---- C:\Users\Honza\AppData\Roaming\ViberPC
2015-11-08 09:45:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-11-22 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-11-22 273784]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-11-22 147088]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-11-22 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-22 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-22 449992]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-11-22 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-11-22 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-11-22 154256]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-11-22 310904]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-07-28 49264]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-02-05 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2014-04-08 227456]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 qcusbnet;Qualcomm USB-NDIS miniport; C:\Windows\system32\DRIVERS\innosusbnet.sys [2012-10-26 510976]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\innosusbser.sys [2012-10-26 369792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-11-22 174416]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-06-02 244392]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-02-05 1148560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-02-05 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-02-05 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-05 935056]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-28 66872]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-03-06 389896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-11-22 5554152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-02 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-07 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\searchplugins\yoursearching.xml
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

toox
Model visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#8 Post by toox »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-11-24 18:54:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 434 GB (46%) free of 954 GB
Total RAM: 4087 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:54:27, on 24.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe
C:\Users\Honza\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\trend micro\Honza.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7397 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"taskhost.exe"
taskeng.exe {EB82BA1F-35B1-4E31-9DF1-B5FB193219B3}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2964
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11242015_185049.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe" BitTorrent_3396_002F29C8_1827939352 BT4823DF041B09 BitTorrent
"C:\Users\Honza\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe" BitTorrent_3396_002F2A78_1159805893 BT4823DF041B09 BitTorrent
C:\Users\Honza\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Honza\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.malwarebytes.org/restorebro ... j90zc39855"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-08 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-02-05 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-10-13 1977192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-05 2585744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-22 7004376]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-11-24 18:50:49 ----D---- C:\_OTM
2015-11-22 20:28:42 ----RD---- C:\Program Files (x86)\Skype
2015-11-22 20:22:39 ----A---- C:\Windows\system32\aswBoot.exe
2015-11-22 20:22:31 ----A---- C:\Windows\avastSS.scr
2015-11-22 19:40:31 ----D---- C:\Users\Honza\AppData\Roaming\yoursearching
2015-11-22 19:39:13 ----D---- C:\Users\Honza\AppData\Roaming\Opera Software
2015-11-22 19:37:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-11-19 01:47:51 ----D---- C:\Users\Honza\AppData\Roaming\DVDVideoSoft
2015-11-19 01:34:01 ----D---- C:\Program Files (x86)\Xvid
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2015-11-19 01:34:01 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2015-11-19 01:33:49 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2015-11-19 01:33:48 ----D---- C:\Program Files (x86)\ffdshow
2015-11-19 01:33:30 ----D---- C:\Program Files (x86)\Haali
2015-11-19 01:33:23 ----A---- C:\Windows\SYSWOW64\CoreAAC-uninstall.exe
2015-11-19 01:32:50 ----D---- C:\Program Files (x86)\Avi2Dvd
2015-11-18 23:09:07 ----D---- C:\Users\Honza\AppData\Roaming\DVD Flick
2015-11-18 23:08:58 ----D---- C:\Program Files (x86)\DVD Flick
2015-11-18 23:08:58 ----A---- C:\Windows\SYSWOW64\ssubtmr6.dll
2015-11-12 06:49:12 ----D---- C:\Users\Honza\AppData\Roaming\Apple Computer
2015-11-11 19:42:45 ----D---- C:\ProgramData\Apple Computer
2015-11-11 19:42:45 ----D---- C:\Program Files (x86)\QuickTime
2015-11-11 19:41:49 ----D---- C:\Program Files (x86)\Apple Software Update
2015-11-11 19:41:24 ----D---- C:\ProgramData\Apple
2015-11-11 18:32:38 ----D---- C:\ProgramData\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files\Sony
2015-11-11 18:32:38 ----D---- C:\Program Files (x86)\Sony
2015-11-10 08:37:49 ----D---- C:\Users\Honza\AppData\Roaming\chc
2015-11-07 11:20:43 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-11-24 18:54:24 ----D---- C:\Program Files\trend micro
2015-11-24 18:54:12 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2015-11-24 18:53:39 ----D---- C:\Windows\Temp
2015-11-24 18:53:13 ----D---- C:\Windows
2015-11-24 18:53:12 ----D---- C:\ProgramData\NVIDIA
2015-11-24 18:50:50 ----D---- C:\ProgramData
2015-11-24 18:50:23 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2015-11-24 17:55:47 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2015-11-24 17:55:22 ----D---- C:\Windows\inf
2015-11-24 17:55:05 ----D---- C:\Windows\Logs
2015-11-24 15:58:42 ----D---- C:\Users\Honza\AppData\Roaming\ViberPC
2015-11-24 14:56:50 ----D---- C:\Windows\SYSWOW64\vbox
2015-11-24 14:56:49 ----D---- C:\Windows\system32\vbox
2015-11-24 14:50:26 ----D---- C:\Windows\tracing
2015-11-24 14:50:26 ----D---- C:\Windows\system32\drivers
2015-11-22 20:51:42 ----D---- C:\AdwCleaner
2015-11-22 20:28:51 ----SHD---- C:\Windows\Installer
2015-11-22 20:28:51 ----D---- C:\ProgramData\Skype
2015-11-22 20:28:50 ----D---- C:\Config.Msi
2015-11-22 20:28:43 ----D---- C:\Program Files (x86)\Common Files
2015-11-22 20:28:42 ----RD---- C:\Program Files (x86)
2015-11-22 20:22:56 ----D---- C:\Windows\system32\Tasks
2015-11-22 20:22:39 ----D---- C:\Windows\System32
2015-11-22 20:11:33 ----D---- C:\Program Files
2015-11-22 20:09:59 ----D---- C:\Windows\SysWOW64
2015-11-22 19:40:38 ----D---- C:\Windows\Tasks
2015-11-22 19:38:12 ----SD---- C:\ProgramData\Microsoft
2015-11-22 19:37:40 ----D---- C:\Windows\system32\drivers\etc
2015-11-21 15:43:17 ----D---- C:\Users\Honza\AppData\Roaming\Ubisoft
2015-11-21 15:42:55 ----D---- C:\ProgramData\Ubisoft
2015-11-21 15:39:23 ----RSD---- C:\Windows\assembly
2015-11-21 15:29:41 ----SHD---- C:\System Volume Information
2015-11-21 15:29:38 ----D---- C:\Program Files (x86)\Ubisoft
2015-11-21 15:29:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-19 01:33:16 ----D---- C:\Program Files (x86)\AC3Filter
2015-11-18 23:41:39 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2015-11-17 11:20:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-14 14:44:31 ----D---- C:\Windows\system32\config
2015-11-11 19:43:11 ----D---- C:\Program Files\Internet Explorer
2015-11-11 19:41:36 ----D---- C:\Windows\winsxs
2015-11-11 18:31:53 ----D---- C:\Users\Honza\AppData\Roaming\Sony
2015-11-11 17:08:46 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2015-11-11 16:28:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-08 09:45:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-11-22 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-11-22 273784]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-11-22 147088]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-11-22 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-22 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-22 449992]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-11-22 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-11-22 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-11-22 154256]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-11-22 310904]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-07-28 49264]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2014-04-08 227456]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-02-05 19600]
S3 qcusbnet;Qualcomm USB-NDIS miniport; C:\Windows\system32\DRIVERS\innosusbnet.sys [2012-10-26 510976]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\innosusbser.sys [2012-10-26 369792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-11-22 174416]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-06-02 244392]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-02-05 1148560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-02-05 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-02-05 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-05 935056]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-28 66872]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-03-06 389896]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-07-29 5613328]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-11-22 5554152]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-02 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-07 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#9 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

toox
Exemplary visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#10 Post by toox »

An error message pops up after startup, otherwise everything is OK. Is everything done?
Attachments
Bez názvu.gif (15.06 KiB) Viewed 4898 times

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#11 Post by Rudy »

Also run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

toox
Exemplary visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#12 Post by toox »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.11.2015
Čas skenování: 21:17
Protokol: ffd.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.24.06
Databáze rootkitů: v2015.11.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 385136
Uplynulý čas: 12 min, 58 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#13 Post by Rudy »

This is OK. It will be some leftover in the registry. Following the guide at http://forum.viry.cz/viewtopic.php?f=46&t=2791, open regedit, enter kompmart in the search, and delete all the items found in the registry.

toox
Exemplary visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: PC infected

#14 Post by toox »

OK, it's fine ;)

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC infected

#15 Post by Rudy »

Glad to hear it. :)