Malware - SmartTweak - FixMyRegistry

#1 Post by Kallerno »

Hello, this vermin (SmartTweak - FixMyRegistry) got onto my PC and did not go away even after forced uninstalls. I really don't know what to do about it. :roll: I am attaching the RSIT log (scan of the last three months):

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marti at 2014-05-19 09:14:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 277 GB (40%) free of 698 GB
Total RAM: 8030 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:14:35, on 19.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\trend micro\Marti.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~2\websea~1\sprote~1.dll c:\progra~2\safesa~1\sprote~1.dll, C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 13153 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 32256304
\??\C:\Windows\system32\conhost.exe "1781212858199564526412021812631501011898719908872-1710701038-1764728540705475600
taskeng.exe {3E798C2B-3C81-4262-AD07-57A341FA80C4}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe"
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe" /ot /as
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1486498135-1007905656-11735073691597610916243184161286812359671127040-1943126800
taskeng.exe {098C2015-40F1-4BFF-BFF1-29C8BBA924DE}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5476.8ef7590.1102002987 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5476 "\\.\pipe\gecko-crash-server-pipe.5476" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash6124.68096010.27986 --host-broker-channel=Flash6124.68096010.16742 --host-pid=6124 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=5840.001EF878.438505396 --proxy-stub-channel=Flash6124.68096010.27986 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
\??\C:\Windows\system32\conhost.exe "1581394108-247782075666239553-1652729530186683901168811139330202668-1569956790
\??\C:\Windows\system32\conhost.exe "13516385801082693263-259448060-1125416011-1096286741-1290647849-273475931684561242
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Marti\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\extensions\
143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
eaeaayyi@pu.com
okv-fl40@rtieaa-.co.uk
omm1av@ououevkh.edu
ouow@iuor.edu

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-20 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-20 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-20 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-27 12343400]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-03-07 2821936]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-02-20 1020576]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-02-20 800416]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-08 1829768]
"InstantUpdate"=C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [2012-04-07 124520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"FixMyRegistry"=C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe [2013-07-22 1886840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-01-05 296984]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-03-23 1105488]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"midi6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-05-19 09:14:29 ----DC---- C:\rsit
2014-05-19 09:14:29 ----D---- C:\Program Files\trend micro
2014-05-19 09:11:49 ----D---- C:\ProgramData\RegClean
2014-05-19 08:33:53 ----D---- C:\Users\Marti\AppData\Roaming\eCyber
2014-05-19 08:33:24 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2014-05-19 08:33:18 ----D---- C:\Windows\system32\log
2014-05-19 08:32:38 ----D---- C:\Users\Marti\AppData\Roaming\iSafe
2014-05-19 08:26:43 ----D---- C:\Users\Marti\AppData\Roaming\Geek Uninstaller
2014-05-19 08:14:48 ----D---- C:\ProgramData\VS Revo Group
2014-05-19 08:13:18 ----D---- C:\Program Files (x86)\VS Revo Group
2014-05-18 11:44:29 ----D---- C:\Program Files (x86)\SmartTweak
2014-05-18 11:44:04 ----D---- C:\Program Files (x86)\globalUpdate
2014-05-18 11:43:15 ----D---- C:\Program Files (x86)\Seznam.cz
2014-05-18 11:43:04 ----D---- C:\Users\Marti\AppData\Roaming\Seznam.cz
2014-05-15 07:40:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 07:40:09 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 07:40:09 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 07:40:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 07:34:34 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 07:34:30 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 07:34:25 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 07:34:22 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 07:33:56 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 07:33:56 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 07:33:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 07:33:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 07:33:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 07:33:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 07:33:55 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 07:33:55 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 07:33:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 07:33:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 07:33:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 07:33:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 07:33:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 07:33:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 07:33:54 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 07:33:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 07:33:54 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 07:33:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 07:33:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 07:33:53 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 07:33:53 ----A---- C:\Windows\system32\adprovider.dll
2014-05-12 08:23:43 ----DC---- C:\Bound By Flame
2014-05-11 10:55:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 16:17:26 ----SD---- C:\Windows\system32\CompatTel
2014-05-02 12:56:45 ----D---- C:\ProgramData\Bohemia Interactive
2014-05-02 12:18:13 ----DC---- C:\Arma 3
2014-04-27 19:16:25 ----D---- C:\Users\Marti\AppData\Roaming\OpenOffice
2014-04-27 14:04:59 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-04-20 21:31:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-04-20 21:31:03 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-20 21:31:03 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-04-20 21:31:03 ----A---- C:\Windows\SYSWOW64\java.exe
2014-04-09 14:51:00 ----D---- C:\Program Files (x86)\Rockstar Games
2014-04-09 07:32:10 ----A---- C:\Windows\system32\ieui.dll
2014-04-09 07:32:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-09 07:32:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-09 07:32:08 ----A---- C:\Windows\system32\vbscript.dll
2014-04-09 07:32:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 07:32:04 ----A---- C:\Windows\system32\iernonce.dll
2014-04-09 07:32:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 07:32:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-09 07:32:03 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-09 07:32:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-09 07:32:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-09 07:32:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-09 07:32:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-09 07:32:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-09 07:32:02 ----A---- C:\Windows\system32\msrating.dll
2014-04-09 07:32:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-09 07:32:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-09 07:32:02 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-09 07:32:02 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-09 07:32:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-09 07:32:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-09 07:32:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-09 07:32:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-09 07:32:01 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-09 07:32:01 ----A---- C:\Windows\system32\iesetup.dll
2014-04-09 07:31:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-09 07:31:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-09 07:31:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-09 07:31:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-09 07:31:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-09 07:31:59 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-09 07:31:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-09 07:31:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 07:31:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-09 07:31:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-09 07:31:57 ----A---- C:\Windows\system32\wininet.dll
2014-04-09 07:31:57 ----A---- C:\Windows\system32\urlmon.dll
2014-04-09 07:31:57 ----A---- C:\Windows\system32\iertutil.dll
2014-04-09 07:31:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-09 07:31:56 ----A---- C:\Windows\system32\ieframe.dll
2014-04-09 07:31:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-09 07:31:54 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 07:23:10 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 07:23:09 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 07:23:09 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 07:23:09 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 07:23:09 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 07:22:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 07:22:54 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 07:22:54 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 07:22:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 07:22:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 07:22:53 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 07:22:53 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 07:22:53 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 07:22:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 07:22:50 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 07:22:50 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 07:22:11 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-22 14:07:25 ----D---- C:\Users\Marti\AppData\Roaming\Origin
2014-03-15 19:52:12 ----D---- C:\Users\Marti\AppData\Roaming\NVIDIA
2014-03-15 10:24:43 ----D---- C:\ProgramData\PACE
2014-03-15 10:18:58 ----D---- C:\Program Files (x86)\iLok License Manager
2014-03-14 15:47:06 ----DC---- C:\TeamViewer
2014-03-14 08:16:27 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-14 08:16:26 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-14 08:16:26 ----A---- C:\Windows\system32\wer.dll
2014-03-14 08:16:25 ----A---- C:\Windows\system32\win32k.sys
2014-03-14 08:16:09 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-14 08:16:09 ----A---- C:\Windows\system32\qedit.dll
2014-03-14 08:16:07 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-14 08:16:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-13 20:02:33 ----D---- C:\ProgramData\Sonic Academy
2014-03-13 20:01:26 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2014-03-13 20:01:25 ----D---- C:\Program Files (x86)\LUXONIX
2014-03-12 10:16:45 ----D---- C:\Windows\SYSWOW64\Logs
2014-03-12 09:17:08 ----D---- C:\Windows\SYSWOW64\NV
2014-03-12 09:17:08 ----D---- C:\Windows\system32\NV
2014-03-12 09:04:52 ----A---- C:\Windows\system32\nvspcap64.dll
2014-03-12 09:04:51 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvvsvc.exe
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvsvcr.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvsvc64.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvshext.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvmctray.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nvcpl.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-03-12 09:02:48 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-03-12 08:54:34 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-03-12 08:54:34 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-03-12 08:54:34 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-03-12 08:54:33 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvopencl.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvoglv64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvinitx.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\NvIFR64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\NvFBC64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvdispgenco6433523.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvdispco6433523.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvcuvid.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvcuda.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvcompiler.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\nvapi64.dll
2014-03-12 08:54:33 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-03-12 08:54:33 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-03-09 19:57:00 ----DC---- C:\Downloader
2014-03-02 14:36:44 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-03-02 14:35:55 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-03-02 13:42:08 ----D---- C:\Users\Marti\AppData\Roaming\Wanted - Weapons of Fate
2014-03-01 18:55:30 ----D---- C:\Program Files\Image-Line
2014-03-01 18:54:56 ----D---- C:\Users\Marti\AppData\Roaming\FlowStone
2014-03-01 18:54:56 ----D---- C:\Program Files (x86)\DSPRobotics
2014-03-01 18:45:40 ----DC---- C:\FL Studio 11
2014-02-26 15:32:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-02-26 15:32:27 ----A---- C:\Windows\system32\mstscax.dll

======List of files/folders modified in the last 3 months======

2014-05-19 09:14:29 ----RD---- C:\Program Files
2014-05-19 09:14:18 ----RD---- C:\Program Files (x86)
2014-05-19 09:14:05 ----D---- C:\Windows\Temp
2014-05-19 09:14:02 ----A---- C:\Windows\SYSWOW64\log.txt
2014-05-19 09:12:10 ----D---- C:\Windows\system32\config
2014-05-19 09:11:49 ----HD---- C:\ProgramData
2014-05-19 09:06:24 ----D---- C:\Users\Marti\AppData\Roaming\vlc
2014-05-19 09:03:25 ----D---- C:\Windows\system32\Tasks
2014-05-19 09:03:25 ----D---- C:\Windows\System32
2014-05-19 08:57:01 ----RSD---- C:\Windows\Fonts
2014-05-19 08:56:37 ----D---- C:\ProgramData\Origin
2014-05-19 08:53:24 ----SHD---- C:\Windows\Installer
2014-05-19 08:53:24 ----DC---- C:\Ableton
2014-05-19 08:48:36 ----SHD---- C:\System Volume Information
2014-05-19 08:43:54 ----D---- C:\ProgramData\Electronic Arts
2014-05-19 08:35:28 ----D---- C:\Windows\Prefetch
2014-05-19 08:33:24 ----D---- C:\Windows\system32\drivers
2014-05-19 08:24:27 ----D---- C:\Windows\system32\catroot2
2014-05-19 08:04:44 ----D---- C:\Windows\Tasks
2014-05-18 20:25:42 ----D---- C:\Users\Marti\AppData\Roaming\BitTorrent
2014-05-18 12:05:09 ----D---- C:\Windows
2014-05-18 12:04:23 ----AD---- C:\ProgramData\Temp
2014-05-18 11:52:29 ----D---- C:\Program Files (x86)\Intelore
2014-05-18 11:47:21 ----HD---- C:\Windows\system32\GroupPolicy
2014-05-18 11:47:21 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-05-18 11:47:19 ----D---- C:\Program Files\Common Files
2014-05-18 11:43:38 ----D---- C:\Windows\SysWOW64
2014-05-16 17:14:39 ----D---- C:\Windows\rescache
2014-05-16 16:48:52 ----D---- C:\Windows\Microsoft.NET
2014-05-16 16:48:23 ----RSD---- C:\Windows\assembly
2014-05-16 07:24:52 ----D---- C:\Windows\winsxs
2014-05-15 21:48:16 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 12:26:02 ----D---- C:\Windows\debug
2014-05-15 11:12:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 07:40:14 ----D---- C:\Windows\system32\catroot
2014-05-15 07:39:45 ----D---- C:\Windows\system32\MRT
2014-05-15 07:36:56 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 14:46:53 ----D---- C:\Windows\Logs
2014-05-14 13:46:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-13 17:06:39 ----DC---- C:\World of Warcraft
2014-05-13 10:39:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-13 10:39:08 ----D---- C:\Windows\inf
2014-05-12 11:02:12 ----D---- C:\ProgramData\Steam
2014-05-12 08:49:02 ----HD---- C:\Windows\msdownld.tmp
2014-05-07 17:08:19 ----D---- C:\Users\Marti\AppData\Roaming\Skype
2014-05-03 19:07:28 ----DC---- C:\Traktor S4
2014-05-02 14:18:40 ----D---- C:\Users\Marti\AppData\Roaming\DAEMON Tools Lite
2014-04-28 05:40:45 ----RD---- C:\Program Files (x86)\Skype
2014-04-27 14:04:45 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2014-04-27 13:59:10 ----DC---- C:\Open Office 3.4.1
2014-04-25 14:27:05 ----D---- C:\Windows\SoftwareDistribution
2014-04-20 21:31:14 ----D---- C:\ProgramData\Oracle
2014-04-20 21:31:00 ----D---- C:\Program Files (x86)\Java
2014-04-09 16:55:18 ----D---- C:\Program Files\Internet Explorer
2014-04-09 16:55:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-09 16:55:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-09 16:55:15 ----D---- C:\Windows\PolicyDefinitions
2014-04-09 16:55:14 ----D---- C:\Windows\system32\en-US
2014-04-09 16:55:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-09 16:55:07 ----D---- C:\Windows\AppPatch
2014-04-09 16:55:06 ----D---- C:\Windows\system32\DriverStore
2014-04-09 14:42:55 ----D---- C:\Windows\SYSWOW64\directx
2014-04-08 16:06:41 ----D---- C:\ProgramData\Orbit
2014-04-08 14:53:19 ----D---- C:\Windows\system32\NDF
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-15 10:45:25 ----D---- C:\Program Files (x86)\Common Files
2014-03-14 08:05:47 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-14 08:05:45 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 10:16:45 ----D---- C:\Windows\SYSWOW64\config
2014-03-12 09:17:01 ----D---- C:\ProgramData\NVIDIA
2014-03-12 09:06:16 ----D---- C:\ProgramData\NVIDIA Corporation
2014-03-12 09:04:51 ----D---- C:\Program Files\NVIDIA Corporation
2014-03-12 09:04:40 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-03-09 19:57:57 ----DC---- C:\ASIO4ALL v2
2014-03-09 19:44:32 ----DC---- C:\FL Studio 10
2014-03-05 13:55:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-03-05 13:54:59 ----D---- C:\Windows\Panther
2014-03-02 22:43:54 ----D---- C:\ProgramData\Skype
2014-02-25 16:52:29 ----D---- C:\Program Files\Common Files\VST3
2014-02-22 23:11:19 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-03-04 33736]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-17 283200]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-26 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-26 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-26 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2012-01-21 16128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-11-04 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-11-04 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-05-03 81928]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-02-20 30368]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-03-07 238384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-03 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-01-19 435240]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2012-02-07 18432]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2012-02-07 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-20 36000]
S3 AVEO;USB2.0 PC Camera; C:\Windows\system32\DRIVERS\AVEOdcnt.sys [2010-09-06 265728]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-20 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-20 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-02-20 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-20 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-02-20 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-20 550560]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
S3 cpuz130;cpuz130; \??\C:\Users\Marti\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-06-06 14448]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-06-06 27760]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RL_MIXAGE_IE_MIDI;Mixage Interface Edition WDM MIDI Device; C:\Windows\system32\drivers\rlmxgiem.sys [2010-11-24 36928]
S3 RL_MIXAGE_IE_USB;usb-audio.de driver for Reloop Mixage Interface Edition; C:\Windows\System32\Drivers\rlmxgieu.sys [2010-11-24 413760]
S3 RL_MIXAGE_IE_WDM;Mixage Interface Edition WDM Audio; C:\Windows\system32\drivers\rlmxgiea.sys [2010-11-24 54336]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-20 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 871296]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-02 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-05 256536]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-02 76888]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-04-13 1636872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-20 276248]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-05-03 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-01-21 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware - SmartTweak - FixMyRegistry

#2 Post by vyosek »

Hello and good morning :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup will be created, followed by a scan
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for that is no man, that is an ox."
Member of [image] since 1 February 2011.

Kallerno
Visitor
Posts: 55
Registered: 07 May 2011 13:27

Re: Malware - SmartTweak - FixMyRegistry

#3 Post by Kallerno »

JRT log -

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Marti on po 19.05.2014 at 9:31:51,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\isafe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Marti\AppData\Roaming\isafe"
Failed to delete: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Users\Marti\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"



~~~ FireFox

Successfully deleted: [File] C:\Users\Marti\AppData\Roaming\mozilla\firefox\profiles\94t0aamt.default\user.js
Successfully deleted: [Folder] C:\Users\Marti\AppData\Roaming\mozilla\firefox\profiles\94t0aamt.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
Successfully deleted the following from C:\Users\Marti\AppData\Roaming\mozilla\firefox\profiles\94t0aamt.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.crossrider.bic", "1460f26d6fc46154ac261f8b0c1855cb");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Marti\AppData\Roaming\mozilla\firefox\profiles\94t0aamt.default\minidumps [326 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 9:38:39,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kallerno

Re: Malware - SmartTweak - FixMyRegistry

#4 Post by Kallerno »

LOG - adwcleaner

# AdwCleaner v3.209 - Report created 19/05/2014 at 09:40:10
# Updated 18/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marti - MARTIN-PC
# Running from : C:\Users\Marti\Desktop\adwcleaner_3.209.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\safe asavea
Folder Deleted : C:\ProgramData\Safe save
Folder Deleted : C:\ProgramData\seAAFe save
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Users\Marti\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Marti\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Marti\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Marti\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\Extensions\eaeaayyi@pu.com
Folder Deleted : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\Extensions\okv-fl40@rtieaa-.co.uk
Folder Deleted : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\Extensions\omm1av@ououevkh.edu
Folder Deleted : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\Extensions\ouow@iuor.edu
File Deleted : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\Extensions\zulagames@ZulaGames.com.xpi
File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2692FAFF-C5CE-4BC9-B895-D0C41856A364}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B0D9D81-840C-45FC-9FBF-FF7883F3B9EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [IconCache]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4277 octets] - [19/05/2014 09:39:35]
AdwCleaner[S0].txt - [3955 octets] - [19/05/2014 09:40:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4015 octets] ##########

vyosek

Re: Malware - SmartTweak - FixMyRegistry

#5 Post by vyosek »

:arrow: Great, let's continue :James008:

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here

Kallerno

Re: Malware - SmartTweak - FixMyRegistry

#6 Post by Kallerno »

Zoek won't start.

vyosek

Re: Malware - SmartTweak - FixMyRegistry

#7 Post by vyosek »

Kallerno

Re: Malware - SmartTweak - FixMyRegistry

#8 Post by Kallerno »

Zoek finally started; I'm attaching the log.


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Marti on po 19.05.2014 at 9:49:22,01.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marti\Desktop\zoek.scr [Scan all users] [Script inserted]

==== System Restore Info ======================

19.5.2014 9:53:02 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename,S", "");
user_pref("browser.search.selectedEngine,S", "");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.order.1,S", "");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- Lines a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 removed from prefs.js ----
---- Lines extensions.EMLBCH7KA removed from prefs.js ----
user_pref("extensions.EMLBCH7KA.epoch", "1374178469");
user_pref("extensions.EMLBCH7KA.scode", "if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){window.setTimeout(function(){
user_pref("extensions.EMLBCH7KA.url", "http://getjpijs.info/sync2/?q=hfZ9ojYGq ... FqHsErjnHr
---- Lines extensions.VJbzrA47LK4_ removed from prefs.js ----
user_pref("extensions.VJbzrA47LK4_.epoch", "1374178469");
user_pref("extensions.VJbzrA47LK4_.scode", "if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){window.setTimeout(function
user_pref("extensions.VJbzrA47LK4_.url", "http://getsync.info/sync2/?q=hfZ9ojYGqc ... dCFqHsErjn
---- Lines extensions.YNT_S8 removed from prefs.js ----
user_pref("extensions.YNT_S8.epoch", "1374173530");
user_pref("extensions.YNT_S8.scode", "if(-1==window.self.location.hostname.indexOf('mail.')){for(i=0;5>i;i++)window.setTimeout(function(){document.get
user_pref("extensions.YNT_S8.url", "http://getsrv1.info/sync2/?q=hfZ9ofDSBS ... 5qjsFrih7h
---- Lines extensions.lmbBWm removed from prefs.js ----
user_pref("extensions.lmbBWm.epoch", "1374178469");
user_pref("extensions.lmbBWm.scode", "if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){window.setTimeout(function(){if(
user_pref("extensions.lmbBWm.url", "http://getproxy5.info/sync2/?q=hfZ9ojYG ... HsErjnHrih
---- FireFox user.js and prefs.js backups ----

prefs_19.05.2014_1004_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM5B01.tmp deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\The Sea App (Firefox) deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Marti\AppData\Local\CRE deleted
C:\Windows\WinInit.Ini deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\Windows\Syswow64\tmp69A1.tmp deleted
C:\Windows\Syswow64\tmpE5AA.tmp deleted
C:\Windows\Syswow64\tmpE5BB.tmp deleted
"C:\Users\Marti\AppData\Roaming\vlc" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [13.06.2013 21:09]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dknkjnkhedbanphkkpbpcgoblmkbfhlf - C:\Users\Marti\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dknkjnkhedbanphkkpbpcgoblmkbfhlf - C:\Users\Marti\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"IconCache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"IconCache"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62597E3E-B7FD-9676-434E-39B283B75498} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71386BED-2C40-4213-C14F-4A5901C43AA9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{841F2A22-C306-77DE-C6A6-A4D9156FEEC5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Marti\AppData\Local\Mozilla\Firefox\Profiles\94t0aamt.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Marti\AppData\Local\Chromium\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=79 folders=5 9019447 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Marti\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser.MARTIN-PC\AppData\Local\Temp emptied successfully
C:\Users\UPDATU~1.MAR\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Marti\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 19.05.2014 at 10:11:14,69 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware - SmartTweak - FixMyRegistry

#9 Post by vyosek »

Great, now FRST as well and we'll finish cleaning it up :James008:
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns a good time, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Kallerno
Visitor
Posts: 55
Registered: 07 May 2011 13:27

Re: Malware - SmartTweak - FixMyRegistry

#10 Post by Kallerno »

I'm attaching the FRST log (plus the Addition log as an attachment):

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Marti (administrator) on MARTIN-PC on 19-05-2014 10:18:23
Running from C:\Users\Marti\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-20] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-08] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Run: [DAEMON Tools Lite] => C:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\MountPoints2: {bb8202df-ce63-11e2-ab28-dc0ea1aaf964} - I:\Startme.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.46

FireFox:
========
FF ProfilePath: C:\Users\Marti\AppData\Roaming\Mozilla\Firefox\Profiles\94t0aamt.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-02] ()
R2 USBMIDIAudioDevMon; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [1636872 2010-04-13] (M-Audio)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-20] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [265728 2010-09-06] (AVEO Corp)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-17] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 RL_MIXAGE_IE_MIDI; C:\Windows\System32\drivers\rlmxgiem.sys [36928 2010-11-24] (Ploytec GmbH)
S3 RL_MIXAGE_IE_USB; C:\Windows\System32\Drivers\rlmxgieu.sys [413760 2010-11-24] (Ploytec GmbH)
S3 RL_MIXAGE_IE_WDM; C:\Windows\System32\drivers\rlmxgiea.sys [54336 2010-11-24] (Ploytec GmbH)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 cpuz130; \??\C:\Users\Marti\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-19 10:18 - 2014-05-19 10:18 - 00016772 _____ () C:\Users\Marti\Desktop\FRST.txt
2014-05-19 10:17 - 2014-05-19 10:18 - 00000000 ___DC () C:\FRST
2014-05-19 10:17 - 2014-05-19 10:17 - 02067456 ____C (Farbar) C:\Users\Marti\Desktop\FRST64.exe
2014-05-19 10:16 - 2014-05-19 10:16 - 00112640 ____C (forum.viry.cz) C:\Users\Marti\Desktop\FRSTLauncher.exe
2014-05-19 10:16 - 2014-05-19 10:16 - 00029696 _____ () C:\Users\Marti\AppData\Local\MSGBOX.EXE
2014-05-19 10:16 - 2014-05-19 10:16 - 00015327 _____ () C:\Users\Marti\Desktop\LM.bat
2014-05-19 10:10 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 09:52 - 2014-05-19 10:11 - 00024005 ____C () C:\zoek-results.log
2014-05-19 09:46 - 2014-05-19 10:10 - 00000000 ___DC () C:\zoek_backup
2014-05-19 09:46 - 2014-05-19 09:47 - 00000091 _____ () C:\Users\Marti\Desktop\sc.txt
2014-05-19 09:45 - 2014-05-19 09:45 - 04095370 _____ () C:\Users\Marti\Desktop\zoek.zip
2014-05-19 09:45 - 2014-03-08 11:24 - 01285120 _____ () C:\Users\Marti\Desktop\zoek.exe
2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.scr
2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.com
2014-05-19 09:39 - 2014-05-19 09:40 - 00000000 ___DC () C:\AdwCleaner
2014-05-19 09:38 - 2014-05-19 09:38 - 00002983 _____ () C:\Users\Marti\Desktop\JRT.txt
2014-05-19 09:33 - 2014-05-19 09:33 - 01328723 _____ () C:\Users\Marti\Desktop\adwcleaner_3.209.exe
2014-05-19 09:31 - 2014-05-19 09:31 - 01016261 _____ (Thisisu) C:\Users\Marti\Desktop\JRT.exe
2014-05-19 09:14 - 2014-05-19 09:14 - 00935175 _____ () C:\Users\Marti\Desktop\RSITx64.exe
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ___DC () C:\rsit
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 08:33 - 2014-05-19 08:33 - 00000000 ____D () C:\Windows\system32\log
2014-05-19 08:33 - 2014-05-16 04:50 - 00043520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-05-19 08:14 - 2014-05-19 08:14 - 00000000 ____D () C:\Users\Marti\AppData\Local\VS Revo Group
2014-05-19 08:14 - 2014-05-19 08:14 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-19 08:13 - 2014-05-19 08:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-18 20:25 - 2014-05-18 20:25 - 00000000 ____D () C:\Users\Marti\Desktop\Sad beat
2014-05-18 16:57 - 2014-05-18 16:59 - 00000000 ____D () C:\Users\Marti\Downloads\Contracted 2013 720p BRRip x264 AC3-JYK
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\Marti\Downloads\Dark Skies (2013) [1080p]
2014-05-18 13:58 - 2014-05-18 13:59 - 00000000 ____D () C:\Users\Marti\Downloads\Rio.2.2014.720p.HDTS.x264.MP3-RARBG
2014-05-18 12:05 - 2014-05-19 10:10 - 00001512 _____ () C:\Windows\setupact.log
2014-05-18 12:05 - 2014-05-18 12:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 12:04 - 2014-05-19 10:10 - 00023818 _____ () C:\Windows\PFRO.log
2014-05-18 11:45 - 2014-05-18 11:45 - 00003118 _____ () C:\Windows\System32\Tasks\{BC5878DE-1B57-4B8F-96CC-33D1D7A9E804}
2014-05-18 11:43 - 2014-05-18 11:46 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\Seznam.cz
2014-05-18 11:43 - 2014-05-18 11:46 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-05-18 11:43 - 2014-05-18 11:43 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-05-18 11:43 - 2014-05-18 11:43 - 00003448 _____ () C:\Windows\System32\Tasks\YTAUpdate
2014-05-18 11:43 - 2014-05-18 11:43 - 00003262 _____ () C:\Windows\System32\Tasks\YTAUpdate_logon
2014-05-17 21:26 - 2014-05-17 22:08 - 00466547 _____ () C:\Users\Marti\Desktop\Madness.flp
2014-05-17 20:09 - 2014-05-17 21:12 - 00000000 ____D () C:\Users\Marti\Desktop\Madness
2014-05-17 16:36 - 2014-05-17 16:45 - 00000000 ____D () C:\Users\Marti\Desktop\Ibranovski - Filthy
2014-05-16 20:02 - 2014-05-16 19:14 - 00108771 _____ () C:\Users\Marti\Desktop\Paranormal Activity The Marked Ones.srt
2014-05-16 19:13 - 2014-05-16 19:13 - 00000000 ____D () C:\Users\Marti\Downloads\Paranormal Activity The Marked Ones (2014) [1080p]
2014-05-15 20:25 - 2014-05-15 20:25 - 00000000 ____D () C:\Users\Marti\Downloads\Elysium (2013) [1080p]
2014-05-15 07:40 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 07:40 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 07:40 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 07:40 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 07:40 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 07:40 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 07:34 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 07:34 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 07:34 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 07:34 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 07:33 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 07:33 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 07:33 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 07:33 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 07:33 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 07:33 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 07:33 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 07:33 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 07:33 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 07:33 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 07:33 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 07:33 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 07:33 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 07:33 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 07:33 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 07:33 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 07:33 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 07:33 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 07:33 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 17:15 - 2014-05-14 17:15 - 00000000 ____D () C:\Users\Marti\Downloads\12 Years a Slave (2013) [1080p]
2014-05-14 17:11 - 2014-05-14 17:11 - 00000000 ____D () C:\Users\Marti\Downloads\After Earth (2013) [1080p]
2014-05-14 13:21 - 2014-05-14 13:21 - 00001339 _____ () C:\Users\Marti\Desktop\L4D2 Control Panel.lnk
2014-05-14 13:21 - 2014-05-14 13:21 - 00001299 _____ () C:\Users\Marti\Desktop\Left 4 Dead 2.lnk
2014-05-14 11:40 - 2014-05-14 12:30 - 00000000 ____D () C:\Users\Marti\Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}
2014-05-12 11:02 - 2014-05-12 14:57 - 00000000 ____D () C:\Users\Marti\Documents\Bound by Flame
2014-05-12 08:23 - 2014-05-19 08:45 - 00000000 ___DC () C:\Bound By Flame
2014-05-11 10:55 - 2014-05-11 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 20:45 - 2014-05-05 18:55 - 00092266 _____ () C:\Users\Marti\Desktop\The Hobbit The Desolation of Smaug.srt
2014-05-06 16:17 - 2014-05-15 21:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 15:34 - 2014-05-05 15:34 - 00000000 ____D () C:\Users\Marti\Downloads\Hobbit The Desolation of Smaug (2013) [1080p]
2014-05-05 15:34 - 2014-05-05 15:34 - 00000000 ____D () C:\Users\Marti\Downloads\Hobbit An Unexpected Journey (2012) [1080p]
2014-05-05 15:32 - 2014-05-05 15:32 - 00000000 ____D () C:\Users\Marti\Downloads\Bridge to Terabithia (2007) [1080p]
2014-05-03 19:08 - 2014-05-18 12:05 - 00000000 ____D () C:\Users\Marti\Desktop\Tit
2014-05-03 18:50 - 2014-05-03 18:50 - 00000000 ____D () C:\Users\Marti\Downloads\Silent Hills (2006) [1080p]
2014-05-03 18:46 - 2014-05-03 18:47 - 00000000 ____D () C:\Users\Marti\Downloads\World War Z (2013) [1080p]
2014-05-03 18:45 - 2014-05-03 18:45 - 00000000 ____D () C:\Users\Marti\Downloads\Hansel and Gretel Witch Hunters (2013) [1080p]
2014-05-03 18:44 - 2014-05-03 18:44 - 00000000 ____D () C:\Users\Marti\Downloads\Curse of Chucky (2013) [1080p]
2014-05-03 18:41 - 2014-05-03 18:41 - 00000000 ____D () C:\Users\Marti\Downloads\Ghostquake UNCUT (2012) [1080p]
2014-05-03 18:37 - 2014-05-03 18:37 - 00000000 ____D () C:\Users\Marti\Downloads\Chernobyl (2012) [1080p]
2014-05-02 18:29 - 2014-05-02 18:29 - 00000000 ____D () C:\Users\Marti\Downloads\The Purge (2013) [1080p]
2014-05-02 18:25 - 2014-05-02 18:25 - 00000000 ____D () C:\Users\Marti\Downloads\Carrie (2013) [1080p]
2014-05-02 18:22 - 2014-05-02 18:49 - 00000000 ____D () C:\Users\Marti\Downloads\The.Divide.2011.LIMITED.1080p.Bluray.x264.anoXmous
2014-05-02 12:56 - 2014-05-02 13:00 - 00000000 ____D () C:\Users\Marti\AppData\Local\Arma 3
2014-05-02 12:56 - 2014-05-02 12:57 - 00000000 ____D () C:\Users\Marti\Documents\Arma 3
2014-05-02 12:56 - 2014-05-02 12:56 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-02 12:18 - 2014-05-13 18:38 - 00000000 ___DC () C:\Arma 3
2014-04-29 19:43 - 2014-04-29 19:43 - 00000000 ____D () C:\Users\Marti\Downloads\The Amazing Spiderman 2 3D 2014 NEW 720p CAM x264 Pimp4003
2014-04-29 19:15 - 2014-04-29 19:15 - 00000000 ____D () C:\Users\Marti\Downloads\The.Amazing.Spiderman.2.2014.CAM.V1.XviD.MP3-RARBG
2014-04-28 16:39 - 2014-04-28 16:39 - 00000000 ____D () C:\Users\Marti\Downloads\Kick-Ass (2010)
2014-04-27 19:16 - 2014-04-27 19:16 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\OpenOffice
2014-04-27 14:05 - 2014-04-27 14:05 - 00001172 _____ () C:\Users\Marti\Desktop\OpenOffice 4.0.1.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00000000 ___SD () C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-04-27 14:04 - 2014-04-27 14:05 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-27 13:34 - 2014-04-27 13:34 - 00000000 ____D () C:\Users\Marti\Downloads\Kick-Ass.2.2013.SWESUB.1080p.BRRip.H264
2014-04-25 14:26 - 2014-05-19 10:14 - 00891637 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 16:56 - 2014-04-24 16:56 - 00000000 ____D () C:\Users\Marti\Downloads\Pride and Prejudice (2005) [1080p]
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid Part III (1989)
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid Part 2 (1986) [1080p]
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid (1984) [1080p]
2014-04-20 21:31 - 2014-04-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 21:31 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 21:31 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 21:31 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 21:31 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 21:30 - 2014-04-20 21:31 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-05-19 10:18 - 2014-05-19 10:18 - 00016772 _____ () C:\Users\Marti\Desktop\FRST.txt
2014-05-19 10:18 - 2014-05-19 10:17 - 00000000 ___DC () C:\FRST
2014-05-19 10:18 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 10:18 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 10:17 - 2014-05-19 10:17 - 02067456 ____C (Farbar) C:\Users\Marti\Desktop\FRST64.exe
2014-05-19 10:16 - 2014-05-19 10:16 - 00112640 ____C (forum.viry.cz) C:\Users\Marti\Desktop\FRSTLauncher.exe
2014-05-19 10:16 - 2014-05-19 10:16 - 00029696 _____ () C:\Users\Marti\AppData\Local\MSGBOX.EXE
2014-05-19 10:16 - 2014-05-19 10:16 - 00015327 _____ () C:\Users\Marti\Desktop\LM.bat
2014-05-19 10:14 - 2014-04-25 14:26 - 00891637 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 10:11 - 2014-05-19 09:52 - 00024005 ____C () C:\zoek-results.log
2014-05-19 10:11 - 2013-04-14 09:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-19 10:10 - 2014-05-19 09:46 - 00000000 ___DC () C:\zoek_backup
2014-05-19 10:10 - 2014-05-18 12:05 - 00001512 _____ () C:\Windows\setupact.log
2014-05-19 10:10 - 2014-05-18 12:04 - 00023818 _____ () C:\Windows\PFRO.log
2014-05-19 10:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 09:47 - 2014-05-19 09:46 - 00000091 _____ () C:\Users\Marti\Desktop\sc.txt
2014-05-19 09:46 - 2012-10-06 07:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 09:45 - 2014-05-19 09:45 - 04095370 _____ () C:\Users\Marti\Desktop\zoek.zip
2014-05-19 09:40 - 2014-05-19 09:39 - 00000000 ___DC () C:\AdwCleaner
2014-05-19 09:38 - 2014-05-19 09:38 - 00002983 _____ () C:\Users\Marti\Desktop\JRT.txt
2014-05-19 09:33 - 2014-05-19 09:33 - 01328723 _____ () C:\Users\Marti\Desktop\adwcleaner_3.209.exe
2014-05-19 09:31 - 2014-05-19 09:31 - 01016261 _____ (Thisisu) C:\Users\Marti\Desktop\JRT.exe
2014-05-19 09:30 - 2012-10-09 06:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-19 09:14 - 2014-05-19 09:14 - 00935175 _____ () C:\Users\Marti\Desktop\RSITx64.exe
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ___DC () C:\rsit
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ____D () C:\Program Files\trend micro
2014-05-19 09:11 - 2009-07-14 06:45 - 00310312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-19 08:57 - 2014-03-14 15:47 - 00000000 ___DC () C:\TeamViewer
2014-05-19 08:57 - 2012-08-17 15:02 - 00067248 _____ () C:\Users\Marti\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-19 08:56 - 2013-10-04 10:04 - 00000000 ____D () C:\ProgramData\Origin
2014-05-19 08:53 - 2013-10-18 13:47 - 00000000 ___DC () C:\Ableton
2014-05-19 08:45 - 2014-05-12 08:23 - 00000000 ___DC () C:\Bound By Flame
2014-05-19 08:43 - 2013-02-26 20:48 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-19 08:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-19 08:40 - 2013-02-23 09:41 - 00000000 ____D () C:\Users\Marti\Desktop\ZZ
2014-05-19 08:33 - 2014-05-19 08:33 - 00000000 ____D () C:\Windows\system32\log
2014-05-19 08:32 - 2014-05-19 08:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-19 08:14 - 2014-05-19 08:14 - 00000000 ____D () C:\Users\Marti\AppData\Local\VS Revo Group
2014-05-19 08:14 - 2014-05-19 08:14 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-05-18 20:25 - 2014-05-18 20:25 - 00000000 ____D () C:\Users\Marti\Desktop\Sad beat
2014-05-18 20:25 - 2012-08-17 15:58 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\BitTorrent
2014-05-18 16:59 - 2014-05-18 16:57 - 00000000 ____D () C:\Users\Marti\Downloads\Contracted 2013 720p BRRip x264 AC3-JYK
2014-05-18 14:39 - 2014-05-18 14:39 - 00000000 ____D () C:\Users\Marti\Downloads\Dark Skies (2013) [1080p]
2014-05-18 13:59 - 2014-05-18 13:58 - 00000000 ____D () C:\Users\Marti\Downloads\Rio.2.2014.720p.HDTS.x264.MP3-RARBG
2014-05-18 12:05 - 2014-05-18 12:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 12:05 - 2014-05-03 19:08 - 00000000 ____D () C:\Users\Marti\Desktop\Tit
2014-05-18 12:04 - 2012-08-17 23:23 - 00000000 ____D () C:\Users\Marti\AppData\Local\CrashDumps
2014-05-18 11:52 - 2012-08-22 23:11 - 00000000 ____D () C:\Program Files (x86)\Intelore
2014-05-18 11:47 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-18 11:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-18 11:46 - 2014-05-18 11:43 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\Seznam.cz
2014-05-18 11:46 - 2014-05-18 11:43 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-05-18 11:45 - 2014-05-18 11:45 - 00003118 _____ () C:\Windows\System32\Tasks\{BC5878DE-1B57-4B8F-96CC-33D1D7A9E804}
2014-05-18 11:43 - 2014-05-18 11:43 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-05-18 11:43 - 2014-05-18 11:43 - 00003448 _____ () C:\Windows\System32\Tasks\YTAUpdate
2014-05-18 11:43 - 2014-05-18 11:43 - 00003262 _____ () C:\Windows\System32\Tasks\YTAUpdate_logon
2014-05-18 10:48 - 2012-08-25 19:47 - 00000631 _____ () C:\Users\Marti\Desktop\World of Warcraft.lnk
2014-05-17 22:08 - 2014-05-17 21:26 - 00466547 _____ () C:\Users\Marti\Desktop\Madness.flp
2014-05-17 21:12 - 2014-05-17 20:09 - 00000000 ____D () C:\Users\Marti\Desktop\Madness
2014-05-17 16:45 - 2014-05-17 16:36 - 00000000 ____D () C:\Users\Marti\Desktop\Ibranovski - Filthy
2014-05-16 19:14 - 2014-05-16 20:02 - 00108771 _____ () C:\Users\Marti\Desktop\Paranormal Activity The Marked Ones.srt
2014-05-16 19:13 - 2014-05-16 19:13 - 00000000 ____D () C:\Users\Marti\Downloads\Paranormal Activity The Marked Ones (2014) [1080p]
2014-05-16 17:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 07:25 - 2012-08-17 15:05 - 00000000 ___RD () C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 07:25 - 2012-08-17 15:05 - 00000000 ___RD () C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 04:50 - 2014-05-19 08:33 - 00043520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-05-15 21:48 - 2014-05-06 16:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 20:25 - 2014-05-15 20:25 - 00000000 ____D () C:\Users\Marti\Downloads\Elysium (2013) [1080p]
2014-05-15 11:27 - 2014-02-16 11:28 - 00000000 ____D () C:\Users\Marti\AppData\Local\Battle.net
2014-05-15 11:12 - 2013-01-05 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-05-15 11:12 - 2012-03-26 08:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 07:39 - 2013-08-14 08:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 07:36 - 2012-08-18 13:10 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 17:15 - 2014-05-14 17:15 - 00000000 ____D () C:\Users\Marti\Downloads\12 Years a Slave (2013) [1080p]
2014-05-14 17:11 - 2014-05-14 17:11 - 00000000 ____D () C:\Users\Marti\Downloads\After Earth (2013) [1080p]
2014-05-14 16:26 - 2013-11-05 09:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-14 13:46 - 2012-10-06 07:45 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 13:46 - 2012-03-26 09:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 13:46 - 2012-03-26 09:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 13:21 - 2014-05-14 13:21 - 00001339 _____ () C:\Users\Marti\Desktop\L4D2 Control Panel.lnk
2014-05-14 13:21 - 2014-05-14 13:21 - 00001299 _____ () C:\Users\Marti\Desktop\Left 4 Dead 2.lnk
2014-05-14 12:30 - 2014-05-14 11:40 - 00000000 ____D () C:\Users\Marti\Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}
2014-05-13 18:38 - 2014-05-02 12:18 - 00000000 ___DC () C:\Arma 3
2014-05-13 17:06 - 2012-08-25 17:58 - 00000000 ___DC () C:\World of Warcraft
2014-05-13 10:39 - 2012-05-03 21:08 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-05-13 10:39 - 2012-05-03 21:08 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-05-13 10:39 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 14:57 - 2014-05-12 11:02 - 00000000 ____D () C:\Users\Marti\Documents\Bound by Flame
2014-05-12 11:02 - 2013-03-21 10:39 - 00000000 ____D () C:\ProgramData\Steam
2014-05-12 08:49 - 2012-08-18 17:28 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-11 12:39 - 2014-05-11 10:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 07:34 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 07:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 17:08 - 2012-08-17 15:32 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\Skype
2014-05-06 06:40 - 2014-05-15 07:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 07:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 07:40 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 07:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 07:40 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 07:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 18:55 - 2014-05-06 20:45 - 00092266 _____ () C:\Users\Marti\Desktop\The Hobbit The Desolation of Smaug.srt
2014-05-05 15:34 - 2014-05-05 15:34 - 00000000 ____D () C:\Users\Marti\Downloads\Hobbit The Desolation of Smaug (2013) [1080p]
2014-05-05 15:34 - 2014-05-05 15:34 - 00000000 ____D () C:\Users\Marti\Downloads\Hobbit An Unexpected Journey (2012) [1080p]
2014-05-05 15:32 - 2014-05-05 15:32 - 00000000 ____D () C:\Users\Marti\Downloads\Bridge to Terabithia (2007) [1080p]
2014-05-05 14:50 - 2014-04-15 15:57 - 00000000 ____D () C:\Users\Marti\Desktop\MSS texty
2014-05-03 19:07 - 2012-12-27 22:04 - 00000000 ___DC () C:\Traktor S4
2014-05-03 18:50 - 2014-05-03 18:50 - 00000000 ____D () C:\Users\Marti\Downloads\Silent Hills (2006) [1080p]
2014-05-03 18:47 - 2014-05-03 18:46 - 00000000 ____D () C:\Users\Marti\Downloads\World War Z (2013) [1080p]
2014-05-03 18:45 - 2014-05-03 18:45 - 00000000 ____D () C:\Users\Marti\Downloads\Hansel and Gretel Witch Hunters (2013) [1080p]
2014-05-03 18:44 - 2014-05-03 18:44 - 00000000 ____D () C:\Users\Marti\Downloads\Curse of Chucky (2013) [1080p]
2014-05-03 18:41 - 2014-05-03 18:41 - 00000000 ____D () C:\Users\Marti\Downloads\Ghostquake UNCUT (2012) [1080p]
2014-05-03 18:37 - 2014-05-03 18:37 - 00000000 ____D () C:\Users\Marti\Downloads\Chernobyl (2012) [1080p]
2014-05-02 18:49 - 2014-05-02 18:22 - 00000000 ____D () C:\Users\Marti\Downloads\The.Divide.2011.LIMITED.1080p.Bluray.x264.anoXmous
2014-05-02 18:29 - 2014-05-02 18:29 - 00000000 ____D () C:\Users\Marti\Downloads\The Purge (2013) [1080p]
2014-05-02 18:25 - 2014-05-02 18:25 - 00000000 ____D () C:\Users\Marti\Downloads\Carrie (2013) [1080p]
2014-05-02 14:18 - 2012-08-17 18:02 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\DAEMON Tools Lite
2014-05-02 13:00 - 2014-05-02 12:56 - 00000000 ____D () C:\Users\Marti\AppData\Local\Arma 3
2014-05-02 12:57 - 2014-05-02 12:56 - 00000000 ____D () C:\Users\Marti\Documents\Arma 3
2014-05-02 12:56 - 2014-05-02 12:56 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-05-01 18:54 - 2014-03-22 16:14 - 00000000 ____D () C:\Users\Marti\Desktop\Undarion
2014-04-29 19:43 - 2014-04-29 19:43 - 00000000 ____D () C:\Users\Marti\Downloads\The Amazing Spiderman 2 3D 2014 NEW 720p CAM x264 Pimp4003
2014-04-29 19:15 - 2014-04-29 19:15 - 00000000 ____D () C:\Users\Marti\Downloads\The.Amazing.Spiderman.2.2014.CAM.V1.XviD.MP3-RARBG
2014-04-28 16:39 - 2014-04-28 16:39 - 00000000 ____D () C:\Users\Marti\Downloads\Kick-Ass (2010)
2014-04-28 05:40 - 2013-07-19 21:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 19:16 - 2014-04-27 19:16 - 00000000 ____D () C:\Users\Marti\AppData\Roaming\OpenOffice
2014-04-27 14:05 - 2014-04-27 14:05 - 00001172 _____ () C:\Users\Marti\Desktop\OpenOffice 4.0.1.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00000000 ___SD () C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-04-27 14:05 - 2014-04-27 14:04 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-04-27 14:04 - 2012-09-16 12:57 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-04-27 13:59 - 2012-09-16 12:56 - 00000000 ___DC () C:\Open Office 3.4.1
2014-04-27 13:43 - 2012-12-07 17:07 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-27 13:43 - 2012-12-07 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-04-27 13:34 - 2014-04-27 13:34 - 00000000 ____D () C:\Users\Marti\Downloads\Kick-Ass.2.2013.SWESUB.1080p.BRRip.H264
2014-04-24 16:56 - 2014-04-24 16:56 - 00000000 ____D () C:\Users\Marti\Downloads\Pride and Prejudice (2005) [1080p]
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid Part III (1989)
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid Part 2 (1986) [1080p]
2014-04-20 21:41 - 2014-04-20 21:41 - 00000000 ____D () C:\Users\Marti\Downloads\The Karate Kid (1984) [1080p]
2014-04-20 21:31 - 2014-04-20 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 21:31 - 2014-04-20 21:30 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 21:31 - 2013-10-16 14:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 21:31 - 2013-10-16 14:51 - 00000000 ____D () C:\Program Files (x86)\Java

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 07:33] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 06:58

==================== End Of Log ============================
Attachments
Addition.rar
(9.74 KiB) Downloaded 95 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware - SmartTweak - FixMyRegistry

#11 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Run: [DAEMON Tools Lite] => C:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
    HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\MountPoints2: {bb8202df-ce63-11e2-ab28-dc0ea1aaf964} - I:\Startme.exe
    
    SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
    BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
    
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-11]
    
    DisableService: c2cautoupdatesvc
    DisableService: c2cpnrsvc
    
    S3 cpuz130; \??\C:\Users\Marti\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
    
    C:\Program Files\Enigma Software Group
    C:\Spybot - Search & Destroy
    2014-05-19 10:16 - 2014-05-19 10:16 - 00112640 ____C (forum.viry.cz) C:\Users\Marti\Desktop\FRSTLauncher.exe
    2014-05-19 10:16 - 2014-05-19 10:16 - 00029696 _____ () C:\Users\Marti\AppData\Local\MSGBOX.EXE
    2014-05-19 10:16 - 2014-05-19 10:16 - 00015327 _____ () C:\Users\Marti\Desktop\LM.bat
    2014-05-19 10:10 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-05-19 09:52 - 2014-05-19 10:11 - 00024005 ____C () C:\zoek-results.log
    2014-05-19 09:46 - 2014-05-19 10:10 - 00000000 ___DC () C:\zoek_backup
    2014-05-19 09:46 - 2014-05-19 09:47 - 00000091 _____ () C:\Users\Marti\Desktop\sc.txt
    2014-05-19 09:45 - 2014-05-19 09:45 - 04095370 _____ () C:\Users\Marti\Desktop\zoek.zip
    2014-05-19 09:45 - 2014-03-08 11:24 - 01285120 _____ () C:\Users\Marti\Desktop\zoek.exe
    2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.scr
    2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.com
    2014-05-19 09:38 - 2014-05-19 09:38 - 00002983 _____ () C:\Users\Marti\Desktop\JRT.txt
    2014-05-19 09:33 - 2014-05-19 09:33 - 01328723 _____ () C:\Users\Marti\Desktop\adwcleaner_3.209.exe
    2014-05-19 09:31 - 2014-05-19 09:31 - 01016261 _____ (Thisisu) C:\Users\Marti\Desktop\JRT.exe
    2014-05-19 09:14 - 2014-05-19 09:14 - 00935175 _____ () C:\Users\Marti\Desktop\RSITx64.exe
    2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ___DC () C:\rsit
    2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ____D () C:\Program Files\trend micro
    2014-05-18 11:43 - 2014-05-18 11:43 - 00003448 _____ () C:\Windows\System32\Tasks\YTAUpdate
    2014-05-18 11:43 - 2014-05-18 11:43 - 00003262 _____ () C:\Windows\System32\Tasks\YTAUpdate_logon
    
    
    Task: {029ABDB0-3C69-48D0-B5FD-7636655B5DF5} - \YourFile Update No Task File <==== ATTENTION
    Task: {11CA61A8-D37A-4883-B463-DB3BA25E4E57} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
    Task: {3B522D63-4A4C-4248-8BFF-5C361A96F290} - \RunAsStdUser Task No Task File <==== ATTENTION
    Task: {49718A0A-5841-40CA-9693-FE87BD8E76B8} - \Omiga Plus RunAsStdUser No Task File <==== ATTENTION
    Task: {EE36BBB6-1F3A-440A-A23C-DC34E78DCAFA} - \Funmoods No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879
    
    Hosts:
    End
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

Kallerno
Visitor
Posts: 55
Joined: 07 May 2011 13:27

Re: Malware - SmartTweak - FixMyRegistry

#12 Post by Kallerno »

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by Marti at 2014-05-19 10:39:06 Run:1
Running from C:\Users\Marti\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Run: [DAEMON Tools Lite] => C:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\...\MountPoints2: {bb8202df-ce63-11e2-ab28-dc0ea1aaf964} - I:\Startme.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-11]

DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc

S3 cpuz130; \??\C:\Users\Marti\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

C:\Program Files\Enigma Software Group
C:\Spybot - Search & Destroy
2014-05-19 10:16 - 2014-05-19 10:16 - 00112640 ____C (forum.viry.cz) C:\Users\Marti\Desktop\FRSTLauncher.exe
2014-05-19 10:16 - 2014-05-19 10:16 - 00029696 _____ () C:\Users\Marti\AppData\Local\MSGBOX.EXE
2014-05-19 10:16 - 2014-05-19 10:16 - 00015327 _____ () C:\Users\Marti\Desktop\LM.bat
2014-05-19 10:10 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-19 09:52 - 2014-05-19 10:11 - 00024005 ____C () C:\zoek-results.log
2014-05-19 09:46 - 2014-05-19 10:10 - 00000000 ___DC () C:\zoek_backup
2014-05-19 09:46 - 2014-05-19 09:47 - 00000091 _____ () C:\Users\Marti\Desktop\sc.txt
2014-05-19 09:45 - 2014-05-19 09:45 - 04095370 _____ () C:\Users\Marti\Desktop\zoek.zip
2014-05-19 09:45 - 2014-03-08 11:24 - 01285120 _____ () C:\Users\Marti\Desktop\zoek.exe
2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.scr
2014-05-19 09:45 - 2014-03-08 11:05 - 01414742 _____ () C:\Users\Marti\Desktop\zoek.com
2014-05-19 09:38 - 2014-05-19 09:38 - 00002983 _____ () C:\Users\Marti\Desktop\JRT.txt
2014-05-19 09:33 - 2014-05-19 09:33 - 01328723 _____ () C:\Users\Marti\Desktop\adwcleaner_3.209.exe
2014-05-19 09:31 - 2014-05-19 09:31 - 01016261 _____ (Thisisu) C:\Users\Marti\Desktop\JRT.exe
2014-05-19 09:14 - 2014-05-19 09:14 - 00935175 _____ () C:\Users\Marti\Desktop\RSITx64.exe
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ___DC () C:\rsit
2014-05-19 09:14 - 2014-05-19 09:14 - 00000000 ____D () C:\Program Files\trend micro
2014-05-18 11:43 - 2014-05-18 11:43 - 00003448 _____ () C:\Windows\System32\Tasks\YTAUpdate
2014-05-18 11:43 - 2014-05-18 11:43 - 00003262 _____ () C:\Windows\System32\Tasks\YTAUpdate_logon


Task: {029ABDB0-3C69-48D0-B5FD-7636655B5DF5} - \YourFile Update No Task File <==== ATTENTION
Task: {11CA61A8-D37A-4883-B463-DB3BA25E4E57} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {3B522D63-4A4C-4248-8BFF-5C361A96F290} - \RunAsStdUser Task No Task File <==== ATTENTION
Task: {49718A0A-5841-40CA-9693-FE87BD8E76B8} - \Omiga Plus RunAsStdUser No Task File <==== ATTENTION
Task: {EE36BBB6-1F3A-440A-A23C-DC34E78DCAFA} - \Funmoods No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\InstantUpdate => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value deleted successfully.
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Value deleted successfully.
HKU\S-1-5-21-2648260563-251267029-1120944512-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb8202df-ce63-11e2-ab28-dc0ea1aaf964} => Key deleted successfully.
HKCR\CLSID\{bb8202df-ce63-11e2-ab28-dc0ea1aaf964} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
c2cautoupdatesvc service was disabled
c2cpnrsvc service was disabled
cpuz130 => Service deleted successfully.
esgiguard => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Spybot - Search & Destroy => Moved successfully.
C:\Users\Marti\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Marti\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Marti\Desktop\LM.bat => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Marti\Desktop\sc.txt => Moved successfully.
C:\Users\Marti\Desktop\zoek.zip => Moved successfully.
C:\Users\Marti\Desktop\zoek.exe => Moved successfully.
C:\Users\Marti\Desktop\zoek.scr => Moved successfully.
C:\Users\Marti\Desktop\zoek.com => Moved successfully.
C:\Users\Marti\Desktop\JRT.txt => Moved successfully.
C:\Users\Marti\Desktop\adwcleaner_3.209.exe => Moved successfully.
C:\Users\Marti\Desktop\JRT.exe => Moved successfully.
C:\Users\Marti\Desktop\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Windows\System32\Tasks\YTAUpdate => Moved successfully.
C:\Windows\System32\Tasks\YTAUpdate_logon => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{029ABDB0-3C69-48D0-B5FD-7636655B5DF5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{029ABDB0-3C69-48D0-B5FD-7636655B5DF5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile Update => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11CA61A8-D37A-4883-B463-DB3BA25E4E57} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11CA61A8-D37A-4883-B463-DB3BA25E4E57} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B522D63-4A4C-4248-8BFF-5C361A96F290} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B522D63-4A4C-4248-8BFF-5C361A96F290} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49718A0A-5841-40CA-9693-FE87BD8E76B8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49718A0A-5841-40CA-9693-FE87BD8E76B8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE36BBB6-1F3A-440A-A23C-DC34E78DCAFA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE36BBB6-1F3A-440A-A23C-DC34E78DCAFA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware - SmartTweak - FixMyRegistry

#13 Post by vyosek »

How is the PC behaving, are the problems gone?

Kallerno
Visitor
Posts: 55
Joined: 07 May 2011 13:27

Re: Malware - SmartTweak - FixMyRegistry

#14 Post by Kallerno »

SmartTweak no longer starts and it is not among the hidden icons. I think the problem is solved. Thank you for the help. I appreciate it.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware - SmartTweak - FixMyRegistry

#15 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :| Otherwise, you're welcome, glad to help :worship:

Locked