Unsolicited update at Windows startup

h4pple
Visitor
Posts: 74
Registered: 21 Jan 2011 19:22

#1 Post by h4pple »

Good day, my problem looks roughly like this.... I turn on Windows and immediately after startup an application named steamhelper launches and updates something. It can't be turned off, and it doesn't start together with Steam, because I always have Steam disabled at Windows startup. I don't know what the problem could be, but it is quite annoying.... I would also be glad for a preventive check, since some malware could have gotten onto the PC since the last check. Thank you :) Here is the log:



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by h4pple99 (administrator) on H4PPLE (04-01-2016 19:12:55)
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-18] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-11-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-18] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-06-24] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{414FCED5-01D5-4364-8232-DEEAADE4E362}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{8D1082C1-5AE6-4177-AAED-D5F9BD04EF82}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-18] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-18] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-30] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-18]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-18]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR StartupUrls: Default -> "hxxp://websearch.pu-results.info/?pid=625&r=2013/03/17&hid=1086573019&lg=EN&cc=SK","hxxp://isearch.omiga-plus.com/?type=hp&ts=1404473379&from=smt&uid=ST1000LM024XHN-M101MBB_S2SMJ9ED542223","hxxp://www.delta-homes.com/?type=hp&ts=1419416 ... J9ED542223"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-30]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-18] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-23] (Electronic Arts)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-18] (AVAST Software)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-12-25] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-12-25] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 19:12 - 2016-01-04 19:13 - 00022805 _____ C:\Users\h4pple99\Desktop\FRST.txt
2016-01-04 19:07 - 2016-01-04 19:10 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2016-01-04 19:06 - 2016-01-04 19:06 - 02370560 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2016-01-04 16:37 - 2016-01-04 16:38 - 00000222 _____ C:\Users\h4pple99\Desktop\Heroes & Generals.url
2016-01-04 15:24 - 2016-01-04 15:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Ubisoft
2016-01-02 13:49 - 2016-01-02 13:49 - 00000000 ____D C:\Users\h4pple99\Downloads\RYTMUS.sidliskovy.sen.2015.DVDRip.XviD.CZ-TreZzoR
2016-01-02 13:47 - 2016-01-02 13:47 - 00000000 ____D C:\Users\h4pple99\Downloads\Ted.2.2015.BDRip.XviD.CZ-TreZzoR
2016-01-02 13:39 - 2016-01-02 13:46 - 1872568320 ____R C:\Users\h4pple99\Downloads\Maze.Runner.The.Scorch.Trials.2015.BDRip.XviD.AC3.CZ-Worm.avi
2016-01-02 13:31 - 2016-01-02 16:54 - 1262449266 _____ C:\Users\h4pple99\Downloads\Hitman.Agent.47.2015.BDRip.x264.CZ-TreZzoR.mkv
2016-01-02 13:30 - 2016-01-02 13:37 - 1351063552 ____R C:\Users\h4pple99\Downloads\Vacation.2015.BDRip.XviD.AC3.CZ-Worm.avi
2016-01-02 13:24 - 2016-01-02 13:29 - 1437431808 ____R C:\Users\h4pple99\Downloads\Nesmrtelný 2015 Cz dab..avi
2016-01-02 08:12 - 2016-01-02 08:27 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Warframe
2016-01-01 13:10 - 2016-01-01 13:13 - 785940480 ____R C:\Users\h4pple99\Downloads\Jeden musí z kola ven Tinker Tailor Soldier Spy (2011).avi
2016-01-01 12:35 - 2016-01-01 12:40 - 964165632 ____R C:\Users\h4pple99\Downloads\Child.44.2015.BDRip.XviD.CZ-HiDE.avi
2016-01-01 12:30 - 2016-01-01 12:48 - 752730112 ____R C:\Users\h4pple99\Downloads\The Grey.avi
2015-12-29 22:10 - 2015-12-29 22:10 - 00001759 _____ C:\Users\Public\Desktop\Prison Architect.lnk
2015-12-29 22:10 - 2015-12-29 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect [GOG.com]
2015-12-29 00:52 - 2016-01-04 18:55 - 00003432 _____ C:\WINDOWS\System32\Tasks\SteamClient
2015-12-29 00:52 - 2015-12-29 00:52 - 00001493 _____ C:\Users\Public\Desktop\Life Is Strange.lnk
2015-12-29 00:52 - 2015-12-29 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
2015-12-29 00:28 - 2015-12-30 19:01 - 00000000 ____D C:\Program Files (x86)\Life Is Strange
2015-12-28 22:22 - 2015-12-28 22:22 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\MMFApplications
2015-12-28 22:15 - 2015-12-29 21:50 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Introversion
2015-12-25 22:44 - 2015-12-25 22:53 - 00000000 ____D C:\Users\h4pple99\Downloads\Everest.2015.HDRip.XViD-ETRG
2015-12-18 21:00 - 2015-12-18 21:05 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\MultiBitHD
2015-12-18 20:57 - 2015-12-18 20:57 - 00001992 _____ C:\Users\Public\Desktop\MultiBit HD.lnk
2015-12-18 20:57 - 2015-12-18 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit HD
2015-12-18 20:56 - 2015-12-18 20:57 - 00000000 ____D C:\Program Files\MultiBit HD
2015-12-18 07:43 - 2015-12-18 07:43 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-18 07:43 - 2015-12-18 07:43 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-15 21:26 - 2015-12-15 21:26 - 00000219 _____ C:\Users\h4pple99\Desktop\Counter-Strike Global Offensive.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 19:13 - 2014-09-24 06:35 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 19:13 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-04 19:12 - 2015-08-06 19:49 - 00000000 ____D C:\FRST
2016-01-04 18:58 - 2014-12-24 17:20 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2016-01-04 18:56 - 2015-10-20 14:20 - 00003490 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-01-04 18:49 - 2014-12-25 11:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-04 18:47 - 2015-03-26 21:05 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-04 18:47 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-04 18:47 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-04 18:42 - 2015-10-30 15:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-04 17:46 - 2015-08-30 09:29 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 17:35 - 2015-01-22 21:22 - 00000000 ____D C:\Users\h4pple99\AppData\LocalLow\Heroes and Generals
2016-01-04 17:25 - 2015-05-17 15:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2016-01-04 16:58 - 2014-12-25 10:22 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2016-01-04 16:44 - 2014-12-25 02:11 - 00000000 ____D C:\Users\h4pple99
2016-01-04 15:35 - 2015-03-13 11:18 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-01-04 15:35 - 2015-03-13 11:18 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-01-04 15:35 - 2013-08-12 14:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-04 15:32 - 2014-12-24 12:11 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Packages
2016-01-04 15:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-04 15:23 - 2013-08-30 12:15 - 00000000 ____D C:\Games
2016-01-04 11:05 - 2013-08-17 21:21 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-01-04 01:25 - 2014-12-25 20:11 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\uTorrent
2016-01-04 01:02 - 2014-12-25 20:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\vlc
2016-01-03 22:53 - 2014-12-28 09:09 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Deployment
2016-01-03 15:19 - 2014-12-25 11:38 - 01223168 ___SH C:\Users\h4pple99\Desktop\Thumbs.db
2016-01-03 05:41 - 2015-03-26 21:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-02 14:47 - 2015-01-22 20:29 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 14:15 - 2015-11-23 19:32 - 00040448 ___SH C:\Users\h4pple99\Downloads\Thumbs.db
2016-01-02 14:06 - 2014-12-25 18:36 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Skype
2016-01-02 06:37 - 2015-08-06 20:38 - 00000000 ____D C:\AdwCleaner
2016-01-02 06:37 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-31 22:42 - 2014-12-25 13:24 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Battle.net
2015-12-31 21:58 - 2013-10-24 14:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-29 21:50 - 2015-01-22 21:22 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\NVIDIA
2015-12-29 11:28 - 2015-02-16 11:45 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Steam
2015-12-29 01:12 - 2013-08-16 12:24 - 00000000 ____D C:\Users\h4pple99\Documents\My Games
2015-12-28 22:21 - 2015-01-28 16:46 - 00000000 ____D C:\GOG Games
2015-12-27 15:31 - 2014-11-05 22:46 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-12-27 14:12 - 2013-10-24 14:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-23 15:14 - 2015-12-01 11:45 - 00000000 ____D C:\Users\h4pple99\Downloads\S4
2015-12-23 00:30 - 2015-09-24 14:54 - 00001178 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-12-23 00:27 - 2014-12-25 12:30 - 00000000 ____D C:\ProgramData\Origin
2015-12-23 00:27 - 2013-09-10 18:40 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-18 19:43 - 2014-12-25 11:44 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-18 19:43 - 2014-12-25 11:44 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-18 07:42 - 2014-12-25 11:44 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-16 20:50 - 2014-12-24 18:26 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-12 22:08 - 2013-09-15 18:10 - 00000000 ____D C:\Users\h4pple99\Documents\Dokumenty
2015-12-09 19:29 - 2015-03-21 10:15 - 00003854 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-12-09 19:29 - 2013-09-10 20:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-09 11:03 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps

==================== Files in the root of some directories =======

2014-12-24 17:10 - 2014-12-25 18:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-06-13 20:21 - 2015-06-13 20:22 - 0003584 _____ () C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-06 22:11 - 2015-08-06 22:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\h4pple99\Desktop" je 56 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Unsolicited update at Windows startup

#2 Post by Rudy »

Hello!
Steam itself is tolerated junk. I wouldn't put up with it on my own PC. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

h4pple
Visitor
Posts: 74
Registered: 21 Jan 2011 19:22

Re: Unsolicited update at Windows startup

#3 Post by h4pple »

One more note: I ran AdwCleaner just yesterday; it reported exactly the same problems and acted exactly as it does now, as if it had deleted them, and after today's scan they are there again... and after restarting the PC it's the same thing again with that steamhelper... here is the log:


# AdwCleaner v5.027 - Logfile created 04/01/2016 at 20:21:32
# Updated 30/12/2015 by Xplode
# Database : 2016-01-04.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : h4pple99 - H4PPLE
# Running from : C:\Users\h4pple99\Desktop\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.delta-homes.com
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.delta-homes.com__
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : icq
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.omiga-plus.com
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-homes
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : daemon-tools.en.softonic.com
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : omiga-plus
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.delta-homes.com_
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://websearch.pu-results.info/?pid=625&r=2013/03/17&hid=1086573019&lg=EN&cc=SK
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://isearch.omiga-plus.com/?type=hp&ts=1404473379&from=smt&uid=ST1000LM024XHN-M101MBB_S2SMJ9ED542223
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1419416 ... J9ED542223
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : noajmlkipclmeolfcnflkjhijkigpfjh
[-] [C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://start.icq.com/

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2707 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Unsolicited update at Windows startup

#4 Post by Rudy »

Post a new FRST log.

h4pple
Visitor
Posts: 74
Registered: 21 Jan 2011 19:22

Re: Unsolicited update at Windows startup

#5 Post by h4pple »

here is the log:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by h4pple99 (administrator) on H4PPLE (04-01-2016 21:28:08)
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Users\h4pple99\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-18] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-11-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-18] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-06-24] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{414FCED5-01D5-4364-8232-DEEAADE4E362}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{8D1082C1-5AE6-4177-AAED-D5F9BD04EF82}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-18] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-18] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-30] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-18]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-18]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR StartupUrls: Default -> "hxxp://websearch.pu-results.info/?pid=625&r=2013/03/17&hid=1086573019&lg=EN&cc=SK","hxxp://isearch.omiga-plus.com/?type=hp&ts=1404473379&from=smt&uid=ST1000LM024XHN-M101MBB_S2SMJ9ED542223","hxxp://www.delta-homes.com/?type=hp&ts=1419416 ... J9ED542223"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-30]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-18] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-23] (Electronic Arts)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-18] (AVAST Software)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-12-25] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-12-25] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 21:27 - 2015-06-23 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2016-01-04 20:13 - 2016-01-04 20:13 - 01745920 _____ C:\Users\h4pple99\Desktop\adwcleaner_5.027.exe
2016-01-04 19:12 - 2016-01-04 21:28 - 00022791 _____ C:\Users\h4pple99\Desktop\FRST.txt
2016-01-04 19:06 - 2016-01-04 19:06 - 02370560 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2016-01-04 16:37 - 2016-01-04 16:38 - 00000222 _____ C:\Users\h4pple99\Desktop\Heroes & Generals.url
2016-01-04 15:24 - 2016-01-04 15:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Ubisoft
2016-01-02 13:49 - 2016-01-02 13:49 - 00000000 ____D C:\Users\h4pple99\Downloads\RYTMUS.sidliskovy.sen.2015.DVDRip.XviD.CZ-TreZzoR
2016-01-02 13:47 - 2016-01-02 13:47 - 00000000 ____D C:\Users\h4pple99\Downloads\Ted.2.2015.BDRip.XviD.CZ-TreZzoR
2016-01-02 13:39 - 2016-01-02 13:46 - 1872568320 ____R C:\Users\h4pple99\Downloads\Maze.Runner.The.Scorch.Trials.2015.BDRip.XviD.AC3.CZ-Worm.avi
2016-01-02 13:31 - 2016-01-02 16:54 - 1262449266 _____ C:\Users\h4pple99\Downloads\Hitman.Agent.47.2015.BDRip.x264.CZ-TreZzoR.mkv
2016-01-02 13:30 - 2016-01-02 13:37 - 1351063552 ____R C:\Users\h4pple99\Downloads\Vacation.2015.BDRip.XviD.AC3.CZ-Worm.avi
2016-01-02 13:24 - 2016-01-02 13:29 - 1437431808 ____R C:\Users\h4pple99\Downloads\Nesmrtelný 2015 Cz dab..avi
2016-01-02 08:12 - 2016-01-02 08:27 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Warframe
2016-01-01 13:10 - 2016-01-01 13:13 - 785940480 ____R C:\Users\h4pple99\Downloads\Jeden musí z kola ven Tinker Tailor Soldier Spy (2011).avi
2016-01-01 12:35 - 2016-01-01 12:40 - 964165632 ____R C:\Users\h4pple99\Downloads\Child.44.2015.BDRip.XviD.CZ-HiDE.avi
2016-01-01 12:30 - 2016-01-01 12:48 - 752730112 ____R C:\Users\h4pple99\Downloads\The Grey.avi
2015-12-29 22:10 - 2015-12-29 22:10 - 00001759 _____ C:\Users\Public\Desktop\Prison Architect.lnk
2015-12-29 22:10 - 2015-12-29 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect [GOG.com]
2015-12-29 00:52 - 2016-01-04 20:26 - 00003432 _____ C:\WINDOWS\System32\Tasks\SteamClient
2015-12-29 00:52 - 2015-12-29 00:52 - 00001493 _____ C:\Users\Public\Desktop\Life Is Strange.lnk
2015-12-29 00:52 - 2015-12-29 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
2015-12-29 00:28 - 2015-12-30 19:01 - 00000000 ____D C:\Program Files (x86)\Life Is Strange
2015-12-28 22:22 - 2015-12-28 22:22 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\MMFApplications
2015-12-28 22:15 - 2015-12-29 21:50 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Introversion
2015-12-25 22:44 - 2015-12-25 22:53 - 00000000 ____D C:\Users\h4pple99\Downloads\Everest.2015.HDRip.XViD-ETRG
2015-12-18 21:00 - 2015-12-18 21:05 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\MultiBitHD
2015-12-18 20:57 - 2015-12-18 20:57 - 00001992 _____ C:\Users\Public\Desktop\MultiBit HD.lnk
2015-12-18 20:57 - 2015-12-18 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiBit HD
2015-12-18 20:56 - 2015-12-18 20:57 - 00000000 ____D C:\Program Files\MultiBit HD
2015-12-18 07:43 - 2015-12-18 07:43 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-18 07:43 - 2015-12-18 07:43 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-15 21:26 - 2015-12-15 21:26 - 00000219 _____ C:\Users\h4pple99\Desktop\Counter-Strike Global Offensive.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-04 21:28 - 2015-08-06 19:49 - 00000000 ____D C:\FRST
2016-01-04 20:46 - 2015-08-30 09:29 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 20:44 - 2013-08-17 21:21 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-01-04 20:33 - 2014-12-24 17:20 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2016-01-04 20:27 - 2015-10-20 14:20 - 00003490 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-01-04 20:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-04 20:21 - 2015-08-06 20:38 - 00000000 ____D C:\AdwCleaner
2016-01-04 19:13 - 2014-09-24 06:35 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 19:13 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-04 18:49 - 2014-12-25 11:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-04 18:47 - 2015-03-26 21:05 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-04 18:47 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-04 18:42 - 2015-10-30 15:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-04 17:35 - 2015-01-22 21:22 - 00000000 ____D C:\Users\h4pple99\AppData\LocalLow\Heroes and Generals
2016-01-04 17:25 - 2015-05-17 15:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2016-01-04 16:58 - 2014-12-25 10:22 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2016-01-04 16:44 - 2014-12-25 02:11 - 00000000 ____D C:\Users\h4pple99
2016-01-04 15:35 - 2015-03-13 11:18 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-01-04 15:35 - 2015-03-13 11:18 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-01-04 15:35 - 2013-08-12 14:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-04 15:32 - 2014-12-24 12:11 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Packages
2016-01-04 15:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-04 15:23 - 2013-08-30 12:15 - 00000000 ____D C:\Games
2016-01-04 01:25 - 2014-12-25 20:11 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\uTorrent
2016-01-04 01:02 - 2014-12-25 20:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\vlc
2016-01-03 22:53 - 2014-12-28 09:09 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Deployment
2016-01-03 15:19 - 2014-12-25 11:38 - 01223168 ___SH C:\Users\h4pple99\Desktop\Thumbs.db
2016-01-03 05:41 - 2015-03-26 21:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-02 14:47 - 2015-01-22 20:29 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 14:15 - 2015-11-23 19:32 - 00040448 ___SH C:\Users\h4pple99\Downloads\Thumbs.db
2016-01-02 14:06 - 2014-12-25 18:36 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Skype
2016-01-02 06:37 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-31 22:42 - 2014-12-25 13:24 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Battle.net
2015-12-31 21:58 - 2013-10-24 14:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-29 21:50 - 2015-01-22 21:22 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\NVIDIA
2015-12-29 11:28 - 2015-02-16 11:45 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Steam
2015-12-29 01:12 - 2013-08-16 12:24 - 00000000 ____D C:\Users\h4pple99\Documents\My Games
2015-12-28 22:21 - 2015-01-28 16:46 - 00000000 ____D C:\GOG Games
2015-12-27 15:31 - 2014-11-05 22:46 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-12-27 14:12 - 2013-10-24 14:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-23 15:14 - 2015-12-01 11:45 - 00000000 ____D C:\Users\h4pple99\Downloads\S4
2015-12-23 00:30 - 2015-09-24 14:54 - 00001178 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-12-23 00:27 - 2014-12-25 12:30 - 00000000 ____D C:\ProgramData\Origin
2015-12-23 00:27 - 2013-09-10 18:40 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-18 19:43 - 2014-12-25 11:44 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-18 19:43 - 2014-12-25 11:44 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-18 07:43 - 2014-12-25 11:44 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-18 07:42 - 2014-12-25 11:44 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-16 20:50 - 2014-12-24 18:26 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-12 22:08 - 2013-09-15 18:10 - 00000000 ____D C:\Users\h4pple99\Documents\Dokumenty
2015-12-09 19:29 - 2015-03-21 10:15 - 00003854 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-12-09 19:29 - 2013-09-10 20:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-09 11:03 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps

==================== Files in the root of some directories =======

2014-12-24 17:10 - 2014-12-25 18:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-06-13 20:21 - 2015-06-13 20:22 - 0003584 _____ () C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-06 22:11 - 2015-08-06 22:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\h4pple99\Desktop" je 57 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Unsolicited update at Windows startup

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
CHR HomePage: Default -> hxxp://start.icq.com/
CHR StartupUrls: Default -> "hxxp://websearch.pu-results.info/?pid=625&r=2013/03/17&hid=1086573019&lg=EN&cc=SK","hxxp://isearch.omiga-plus.com/?type=hp&ts=1404473379&from=smt&uid=ST1000LM024XHN-M101MBB_S2SMJ9ED542223","hxxp://www.delta-homes.com/?type=hp&ts=1419416 ... J9ED542223"
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\h4pple99\AppData\Local\Temp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

h4pple
Visitor
Posts: 74
Registered: 21 Jan 2011 19:22

Re: Unsolicited update at Windows startup

#7 Post by h4pple »

Well, a small problem again... After the fix the PC restarted and the "steamhelper update" no longer came up, but an error did... I would have taken a screenshot, but when I tried to save the image through Paint it would not let me save it in any format, and files were left on the desktop that look like images but are not; they have 0 bytes and cannot even be deleted (the ones I tried to save as a screenshot of the error)... I can see that they are there, but it says the item is no longer located in the folder... As for the error, it reads: "Unable to execute file in the temporary directory setup aborted. error2:System nemoze najst zadany subor." That is all on that.

EDIT: update from today: after turning on the PC, the same steamhelper update again... I really do not understand what the hell this is.


fixlog:



Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by h4pple99 (2016-01-04 22:35:53) Run:2
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
CHR HomePage: Default -> hxxp://start.icq.com/
CHR StartupUrls: Default -> "hxxp://websearch.pu-results.info/?pid=625&r=2013/03/17&hid=1086573019&lg=EN&cc=SK","hxxp://isearch.omiga-plus.com/?type=hp&ts=1404473379&from=smt&uid=ST1000LM024XHN-M101MBB_S2SMJ9ED542223","hxxp://www.delta-homes.com/?type=hp&ts=1419416 ... J9ED542223"
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\h4pple99\AppData\Local\Temp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\h4pple99\AppData\Local\Temp" folder move:

Could not move "C:\Users\h4pple99\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-04 22:37:54)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\h4pple99\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:37:56 ====

Re: Unsolicited update at Windows startup

#8 Post by Rudy »

Deleted. Has anything changed?

Re: Unsolicited update at Windows startup

#9 Post by h4pple »

Well, you probably overlooked what I wrote yesterday, or rather today :)

"Well, a small problem again... After the fix the PC restarted and the "steamhelper update" no longer came up, but an error did... I would have taken a screenshot, but when I tried to save the image through Paint it would not let me save it in any format, and files were left on the desktop that look like images but are not; they have 0 bytes and cannot even be deleted (the ones I tried to save as a screenshot of the error)... I can see that they are there, but it says the item is no longer located in the folder... As for the error, it reads: "Unable to execute file in the temporary directory setup aborted. error2:System nemoze najst zadany subor." That is all on that." - this is what I wrote yesterday when I was posting the log

Update from today: after turning on the PC, the same steamhelper update again... those image files were no longer there.

That steamhelper does not look like a virus, but it really annoys me. Funny, by the way, that right after the fix it did not appear and there was that error instead, and now it is back again..

Re: Unsolicited update at Windows startup

#10 Post by Rudy »

I did read it. After every removal I need to know how the PC behaves. :) Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: Unsolicited update at Windows startup

#11 Post by h4pple »

The scan completed successfully... I had to set up a custom scan because I either overlooked the full scan or it was not there :) but I ticked every option, including rootkits, and had every disk scanned... and it found that steamhelper, thank God... Here is the log; I have not deleted anything yet....



Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.1.2016
Čas skenování: 18:03
Protokol: MBAM.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.05.04
Databáze rootkitů: v2015.12.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: h4pple99

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1540482
Uplynulý čas: 8 hod, 22 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.SteamClient, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SteamClient, , [0afef046940547ef35040bb49a689d63],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.SteamClient, C:\Users\h4pple99\AppData\Roaming\Steam\SteamHelper.exe, , [f90f75c193069a9c71c56b5407fbbc44],
PUP.Optional.SteamClient, C:\Windows\System32\Tasks\SteamClient, , [8484dd591a7f3ef842f57e4189793cc4],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Unsolicited update at Windows startup

#12 Post by Rudy »

Delete all the items found.

Re: Unsolicited update at Windows startup

#13 Post by h4pple »

Deleted, I think the problem is solved, thank you.

Re: Unsolicited update at Windows startup

#14 Post by Rudy »

I am glad to hear it, and you are welcome! :)