
Slow laptop, please check it

Posted: 01 Apr 2014 23:46
by Arcane
Hello, I would like to ask you to check my laptop. It is an older laptop, but I don't feel like reinstalling the whole thing and I would like to get it into some usable state. System startups take far too long, in fact everything takes that long, and I also often notice unusual behaviour in games and programs. For example, I noticed that on several occasions I had the iexplorer.exe process running, and after I killed it the fan stopped roaring loud enough to fill the whole room. However, the application started up again. Please check my logs and tell me how things stand. Thank you.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Easy at 2014-04-02 00:49:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 13 GB (13%) free of 100 GB
Total RAM: 3830 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:49:34, on 2.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe
C:\Users\Easy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Steam\Steam.exe
D:\Games\Dota 2\steamapps\common\dota 2 beta\dota.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Easy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaViewV1alpha6498 - {0e2cb2a4-35e4-4ab1-aa50-310aee21d7fb} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6498\ie\MediaViewV1alpha6498.dll
O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: weBsaVe - {5C663553-2F86-28CB-04B6-ADBD67B6CE6B} - C:\Program Files (x86)\weBsaVe\4f2ujEts.dll
O2 - BHO: Search-NewTab - {6B48303E-1A81-E583-E093-3901A218CCDB} - C:\Program Files (x86)\Search-NewTab\Jm.dll
O2 - BHO: YoutubeAdblocker - {747BD38C-6E5E-BAEC-21E7-F9F5AAE99839} - C:\Program Files (x86)\YoutubeAdblocker\IhTIrymTp.dll
O2 - BHO: MediaWatchV1home2068 - {809bf73f-342d-4e85-9fa5-9c6b72aa245d} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2068\ie\MediaWatchV1home2068.dll
O2 - BHO: SeaRch-NewTab - {ABC43D27-3E84-03DA-5C71-36E92DD58006} - C:\Program Files (x86)\SeaRch-NewTab\Pk9dfsNBN.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: websave - {B85E8218-2998-6E43-39D7-9E8DC4BA219E} - C:\Program Files (x86)\websave\GrnL4Ta5.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O2 - BHO: MediaViewV1alpha2733 - {f539bd67-1f73-455e-a93b-fb30b517bc4a} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2733\ie\MediaViewV1alpha2733.dll
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [Aqalawsulytaila] C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Easy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Easy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Easy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [WmiPrv] C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe
O4 - HKCU\..\Run: [Ipsoft] regsvr32.exe C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll
O4 - HKCU\..\Run: [Aqalawsulytaila] C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files (x86)\Offline Explorer\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files (x86)\Offline Explorer\Add_AllO.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\assist~1\assist~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BR.AS.VersionChangerService - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H., A-5142 Austria, Europe - C:\Windows\SysWOW64\BR.AS.VersionChangerService.exe
O23 - Service: B&R Authorization (BrAuthorizationSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe
O23 - Service: B&R Disk Image (BrDiskImageSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: ODMV3 - Hilscher GmbH - C:\Program Files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx64) - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13473 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
"C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe"
"C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe"
atieclxx
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 41354192
\??\C:\Windows\system32\conhost.exe "-2401861071530426128127239168-1557228804421813730-2056815248-1131096612-1043504793
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe"
C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\PROGRAM FILES\COMMON FILES\SIEMENS\ALMPANELPLUGIN\ALMPANELPLUGIN.EXE" -Embedding
"taskhost.exe"
taskeng.exe {F9101A32-42DF-431D-897F-D63DD76173B6}
c:\programdata\hostit\ws-booster\WS-Booster.exe /schedule /profile "c:\programdata\hostit\ws-booster\1884037147.ini"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe"
"C:\Windows\System32\regsvr32.exe" C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll
"C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe"
szndesktop.exe default start
"C:\Users\Easy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-1270895207-165705909612247338887103968511439719502095407269636124374-193585130
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe"
"C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe"
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\PNIOMGR.exe" --start 0
\??\C:\Windows\system32\conhost.exe "737800342-4114725801929905632-1880639119742199778-261041774-1820006428-693477999
C:\Windows\SysWOW64\pniopcac.exe 0 {11D91DBA-4D98-4F43-8A39-1E3E2EE098A4}
C:\Windows\SysWOW64\pniopcac.exe 0 {3EA24257-41B0-49AB-8D7E-C42DCE87370F}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Games\Dota 2\steamapps\common\dota 2 beta\dota.exe" -game dota -steam -novid -console
C:\Program Files (x86)\Steam\GameOverlayUI.exe -pid 3932 -manuallyclearframes 0
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --ran-launcher /crash-reporter-parent-id=1012
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=gpu-process --channel="1012.0.677848166\1474046533" --crash-reporter-pid=2160 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.743.2.5000 --crash-reporter-pid=2160 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.2.1695485015\395935538" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.3.2058358066\1748816134" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.5.1360104926\632945521" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" --lang=cs --channel="1012.11.2024505391\791149085" --crash-reporter-pid=2160 /prefetch:-390060480
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll" --lang=cs --channel="1012.12.556975529\1418030686" --crash-reporter-pid=2160 /prefetch:-390060480
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\svchost.exe -k swprv
taskmgr.exe /2
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.14.1601171979\1102178866" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.15.428588321\225793698" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=2160 --channel="1012.16.1201513420\1845819642" /prefetch:673131151
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding -noframemerging -private
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4716 CREDAT:267521 /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\Easy\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2378380575-1943291218-1237148033-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2378380575-1943291218-1237148033-1000UA.job
C:\Windows\tasks\Security Center Update - 3921653254.job
C:\Windows\tasks\WS-Booster-S-1884037147.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-07 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}]
weBsaVe - C:\Program Files (x86)\weBsaVe\4f2ujEts.x64.dll [2013-03-07 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B48303E-1A81-E583-E093-3901A218CCDB}]
Search-NewTab - C:\Program Files (x86)\Search-NewTab\Jm.x64.dll [2013-03-07 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{747BD38C-6E5E-BAEC-21E7-F9F5AAE99839}]
YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\IhTIrymTp.x64.dll [2013-03-07 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-03 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABC43D27-3E84-03DA-5C71-36E92DD58006}]
SeaRch-NewTab - C:\Program Files (x86)\SeaRch-NewTab\Pk9dfsNBN.x64.dll [2013-03-07 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B85E8218-2998-6E43-39D7-9E8DC4BA219E}]
websave - C:\Program Files (x86)\websave\GrnL4Ta5.x64.dll [2014-03-07 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-03 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0e2cb2a4-35e4-4ab1-aa50-310aee21d7fb}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6498\ie\MediaViewV1alpha6498.dll [2014-02-27 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432dd630-7e03-4c97-9d62-b99f52df4fc2}]
Microsoft Web Test Recorder 12.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05 71520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}]
weBsaVe - C:\Program Files (x86)\weBsaVe\4f2ujEts.dll [2014-03-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B48303E-1A81-E583-E093-3901A218CCDB}]
Search-NewTab - C:\Program Files (x86)\Search-NewTab\Jm.dll [2013-03-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{747BD38C-6E5E-BAEC-21E7-F9F5AAE99839}]
YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\IhTIrymTp.dll [2014-03-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{809bf73f-342d-4e85-9fa5-9c6b72aa245d}]
Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2068\ie\MediaWatchV1home2068.dll [2014-03-20 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABC43D27-3E84-03DA-5C71-36E92DD58006}]
SeaRch-NewTab - C:\Program Files (x86)\SeaRch-NewTab\Pk9dfsNBN.dll [2013-03-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B85E8218-2998-6E43-39D7-9E8DC4BA219E}]
websave - C:\Program Files (x86)\websave\GrnL4Ta5.dll [2014-03-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f539bd67-1f73-455e-a93b-fb30b517bc4a}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2733\ie\MediaViewV1alpha2733.dll [2014-02-27 87040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-10-28 2283296]
"cz.seznam.software.autoupdate"=C:\Users\Easy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Easy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"WmiPrv"=C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe [2014-03-04 580096]
"Ipsoft"=regsvr32.exe C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll []
"Aqalawsulytaila"=C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe [2014-02-07 280576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGupdate]
c:\program files (x86)\appgraffiti\agupdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
c:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe [2013-07-19 703888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\windows\system32\printing_admin_scripts\en-us\pubpr.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiemensAutomationFileStorage]
d:\portal v12\bin\siemens.automation.objectframe.filestorage.server.exe [2013-02-14 922112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-02-25 1821888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-08-26 1989920]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2014-02-14 775872]
"Aqalawsulytaila"=C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe [2014-02-07 280576]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Aqalawsulytaila"=C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe [2014-02-07 280576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2014-04-02 00:49:30 ----D---- C:\rsit
2014-04-02 00:49:30 ----D---- C:\Program Files\trend micro
2014-03-26 22:13:42 ----D---- C:\Program Files (x86)\Git
2014-03-23 22:23:34 ----D---- C:\ProgramData\Assistant
2014-03-23 15:44:42 ----D---- C:\Program Files (x86)\MediaWatchV1
2014-03-20 14:12:22 ----D---- C:\Users\Easy\AppData\Roaming\Offline Explorer
2014-03-20 14:12:07 ----D---- C:\download
2014-03-20 14:07:41 ----D---- C:\Program Files (x86)\Offline Explorer
2014-03-20 13:59:30 ----D---- C:\Program Files (x86)\WinHTTrack
2014-03-13 16:54:31 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-13 16:54:30 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-13 16:54:30 ----A---- C:\Windows\system32\wer.dll
2014-03-13 16:54:28 ----A---- C:\Windows\system32\win32k.sys
2014-03-13 16:54:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-13 16:54:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-13 16:54:27 ----A---- C:\Windows\system32\iertutil.dll
2014-03-13 16:54:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 16:54:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-13 16:54:25 ----A---- C:\Windows\system32\iernonce.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-13 16:54:24 ----A---- C:\Windows\system32\urlmon.dll
2014-03-13 16:54:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-13 16:54:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\iesetup.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-13 16:54:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieui.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieframe.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-13 16:54:20 ----A---- C:\Windows\system32\wininet.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\jscript9.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-13 16:54:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-13 16:54:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 16:54:19 ----A---- C:\Windows\system32\msrating.dll
2014-03-13 16:54:19 ----A---- C:\Windows\system32\mshtml.dll
2014-03-13 16:54:18 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-13 16:54:18 ----A---- C:\Windows\system32\qedit.dll
2014-03-13 16:54:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 16:54:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-10 17:49:58 ----ASH---- C:\pagefile.sys
2014-03-10 00:44:41 ----SHD---- C:\Config.Msi
2014-03-10 00:43:28 ----A---- C:\AVScanner.ini
2014-03-07 02:43:26 ----D---- C:\ProgramData\SeaRch-NewTab
2014-03-07 02:43:25 ----D---- C:\Program Files (x86)\SeaRch-NewTab
2014-03-07 02:42:45 ----D---- C:\ProgramData\HostIt
2014-03-07 02:42:40 ----D---- C:\Program Files (x86)\WS-Booster
2014-03-07 02:42:24 ----D---- C:\ProgramData\YoutubeAdblocker
2014-03-07 02:42:24 ----D---- C:\Program Files (x86)\YoutubeAdblocker
2014-03-07 02:42:18 ----D---- C:\ProgramData\websave
2014-03-07 02:42:17 ----D---- C:\Program Files (x86)\websave
2014-03-07 02:42:11 ----D---- C:\ProgramData\3222838959d7ca7c
2014-03-05 22:23:37 ----D---- C:\Users\Easy\AppData\Roaming\Capyqiu
2014-03-03 10:16:33 ----SHD---- C:\found.002

======List of files/folders modified in the last 1 month======

2014-04-02 00:49:32 ----D---- C:\Windows\Temp
2014-04-02 00:49:30 ----RD---- C:\Program Files
2014-04-02 00:45:58 ----SHD---- C:\Windows\Installer
2014-04-02 00:45:58 ----D---- C:\Program Files (x86)
2014-04-02 00:45:56 ----D---- C:\Windows\system32\Tasks
2014-04-02 00:44:05 ----SHD---- C:\System Volume Information
2014-04-02 00:23:32 ----D---- C:\Program Files (x86)\Steam
2014-04-02 00:19:40 ----D---- C:\Windows\System32
2014-04-02 00:19:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-02 00:16:23 ----D---- C:\Users\Easy\AppData\Roaming\Seznam.cz
2014-04-02 00:13:11 ----D---- C:\Windows\debug
2014-04-02 00:12:21 ----D---- C:\Windows\Prefetch
2014-04-02 00:11:13 ----D---- C:\Users\Easy\AppData\Roaming\newnext.me
2014-04-02 00:10:50 ----D---- C:\Users\Easy\AppData\Roaming\Adobe
2014-04-01 23:17:50 ----D---- C:\Users\Easy\AppData\Roaming\uTorrent
2014-04-01 14:23:10 ----D---- C:\Windows\system32\catroot2
2014-04-01 14:18:28 ----D---- C:\Windows\inf
2014-04-01 14:18:16 ----D---- C:\Windows
2014-04-01 14:18:09 ----D---- C:\Windows\SoftwareDistribution
2014-03-31 07:56:07 ----D---- C:\Users\Easy\AppData\Roaming\AIMP3
2014-03-26 22:06:50 ----D---- C:\Windows\system32\drivers\etc
2014-03-25 10:09:36 ----D---- C:\Windows\system32\config
2014-03-23 22:23:34 ----HD---- C:\ProgramData
2014-03-23 16:51:28 ----D---- C:\Windows\system32\MRT
2014-03-23 16:51:24 ----A---- C:\Windows\system32\MRT.exe
2014-03-23 15:45:43 ----A---- C:\extensions.ini
2014-03-21 16:56:53 ----D---- C:\Program Files (x86)\Opera
2014-03-20 14:07:45 ----D---- C:\Users
2014-03-19 17:20:51 ----D---- C:\Users\Easy\AppData\Roaming\Notepad++
2014-03-16 18:58:29 ----D---- C:\Users\Easy\AppData\Roaming\Skype
2014-03-16 15:32:00 ----D---- C:\Windows\winsxs
2014-03-16 15:27:10 ----D---- C:\Windows\SysWOW64
2014-03-16 15:27:09 ----D---- C:\Program Files\Internet Explorer
2014-03-16 15:27:09 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-16 04:03:54 ----D---- C:\ProgramData\Microsoft Help
2014-03-16 02:16:16 ----D---- C:\Program Files (x86)\MediaViewV1
2014-03-15 12:55:08 ----D---- C:\Program Files (x86)\Notepad++
2014-03-14 04:11:03 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-14 04:11:03 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 16:54:13 ----D---- C:\Windows\system32\catroot
2014-03-12 16:27:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-10 15:18:23 ----D---- C:\Windows\Microsoft.NET
2014-03-10 15:18:21 ----RSD---- C:\Windows\assembly
2014-03-10 00:47:23 ----D---- C:\Program Files\Microsoft Office
2014-03-10 00:47:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-10 00:47:06 ----D---- C:\Program Files (x86)\Microsoft Office
2014-03-10 00:47:02 ----RSD---- C:\Windows\Fonts
2014-03-10 00:47:00 ----D---- C:\Windows\ShellNew
2014-03-10 00:47:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-10 00:46:52 ----D---- C:\Program Files\Common Files
2014-03-10 00:46:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-03-10 00:45:36 ----D---- C:\Program Files\Common Files\System
2014-03-10 00:45:36 ----A---- C:\Windows\win.ini
2014-03-07 02:45:54 ----D---- C:\ProgramData\InstallMate
2014-03-07 02:45:45 ----D---- C:\Windows\Tasks
2014-03-04 01:50:42 ----HD---- C:\Program Files\Uninstall Information
2014-03-04 01:50:42 ----D---- C:\Program Files\WinRAR
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Sidebar
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Portable Devices
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Photo Viewer
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows NT
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Media Player
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Mail
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Journal
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Identity Foundation
2014-03-04 01:50:42 ----D---- C:\Program Files\Windows Defender
2014-03-04 01:50:42 ----D---- C:\Program Files\Synaptics
2014-03-04 01:50:42 ----D---- C:\Program Files\SharePoint Client Components
2014-03-04 01:50:42 ----D---- C:\Program Files\Reference Assemblies
2014-03-04 01:50:42 ----D---- C:\Program Files\NetBeans 7.3.1
2014-03-04 01:50:42 ----D---- C:\Program Files\MSBuild
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft.NET
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft Visual Studio 12.0
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft SQL Server
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft Identity Extensions
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft Help Viewer
2014-03-04 01:50:42 ----D---- C:\Program Files\Microsoft Analysis Services
2014-03-04 01:50:42 ----D---- C:\Program Files\MATLAB
2014-03-04 01:50:42 ----D---- C:\Program Files\LSI SoftModem
2014-03-04 01:50:42 ----D---- C:\Program Files\Java
2014-03-04 01:50:42 ----D---- C:\Program Files\IIS Express
2014-03-04 01:50:42 ----D---- C:\Program Files\IIS
2014-03-04 01:50:42 ----D---- C:\Program Files\IDT
2014-03-04 01:50:42 ----D---- C:\Program Files\HP USB Docking Video
2014-03-04 01:50:42 ----D---- C:\Program Files\GIMP 2
2014-03-04 01:50:42 ----D---- C:\Program Files\DVD Maker
2014-03-04 01:50:42 ----D---- C:\Program Files\DisplayLink Core Software
2014-03-04 01:50:42 ----D---- C:\Program Files\Broadcom
2014-03-04 01:50:42 ----D---- C:\Program Files\ATI Technologies
2014-03-04 01:50:42 ----D---- C:\Program Files\ATI
2014-03-04 01:50:42 ----D---- C:\Program Files\Application Verifier
2014-03-03 18:56:01 ----SD---- C:\Users\Easy\AppData\Roaming\Microsoft
2014-03-03 18:15:07 ----D---- C:\Users\Easy\AppData\Roaming\Media Player Classic
2014-03-03 13:40:03 ----D---- C:\projects

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-05 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-07-05 35344]
R2 s7ousbu64x;SIMATIC USB Service; C:\Windows\system32\DRIVERS\s7ousbu64x.sys [2012-12-19 213504]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 83032]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys [2012-09-06 287016]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-16 6862848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-16 264192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2013-07-05 22632]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-29 4749008]
R3 dpmconv;SIMATIC NET DP Driver; C:\Windows\system32\DRIVERS\dpmconv.sys [2012-07-05 259072]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-29 888536]
R3 s7odpx2x64;SIMATIC Knotentaufe; C:\Windows\system32\DRIVERS\s7odpx2x64.sys [2012-12-19 71168]
R3 s7oppinx64;SIMATIC PPI Transport; C:\Windows\system32\DRIVERS\s7oppinx64.sys [2012-07-24 107520]
R3 s7oserix64;Siemens PC Serial Cable; C:\Windows\System32\Drivers\s7oserix64.sys [2012-07-24 121856]
R3 s7osmcax64;SIMATIC PC Adapter RS232; C:\Windows\system32\DRIVERS\s7osmcax64.sys [2012-07-24 199680]
R3 s7osobux64;SIMATIC SoftBus; C:\Windows\system32\DRIVERS\s7osobux64.sys [2012-07-24 153600]
R3 s7otmcd64x;SIMATIC Memory Cards; C:\Windows\System32\Drivers\s7otmcd64x.sys [2012-07-24 199680]
R3 s7otranx64;SIMATIC Transport; C:\Windows\system32\DRIVERS\s7otranx64.sys [2012-07-24 260096]
R3 s7otsadx64;SIMATIC TS Adapter RS232; C:\Windows\system32\DRIVERS\s7otsadx64.sys [2012-07-24 196096]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-05-09 1803904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 vsnl2ada;SIMATIC NET FDL Driver; C:\Windows\system32\DRIVERS\vsnl2ada.sys [2012-05-09 126976]
S1 FileDisk;FileDisk; C:\Windows\system32\drivers\FileDisk.sys []
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-01-08 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-01-08 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-01-08 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\Windows\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]
S4 RsFx0300;RsFx0300 Driver; C:\Windows\system32\DRIVERS\RsFx0300.sys [2013-10-04 247488]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 699fd52f;Assistant; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-27 16896]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2013-01-08 1608568]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-16 203264]
R2 BrAuthorizationSvcx;B&R Authorization; C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-08-09 8329576]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 s7oiehsx64;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [2013-01-07 141688]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [2013-01-07 472440]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2013-10-04 134336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2013-10-04 370368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 BR.AS.VersionChangerService;BR.AS.VersionChangerService; C:\Windows\SysWOW64\BR.AS.VersionChangerService.exe [2009-07-15 155648]
S3 BrDiskImageSvcx;B&R Disk Image; C:\BrAutomation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe [2010-11-11 61952]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-03 15768]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2013-08-22 142336]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2013-10-04 50880]
S3 ODMV3;ODMV3; C:\Program Files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe [2011-04-26 364544]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2013-10-04 612544]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-05 87728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-06 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2013-10-04 270016]

-----------------EOF-----------------

Re: Slow laptop, please check

Posted: 02 Apr 2014 06:40
by JaRon
Hi,
well, terrible...
1. Uninstall this mega-junk >> Advanced SystemCare 7 :!:
2. Scan the PC with MBAM - quick scan

Re: Slow laptop, please check

Posted: 02 Apr 2014 13:27
by Arcane
OK, I downloaded MBAM, but it won't let me run the Hyper Scan, probably a premium feature, so I ran a Threat Scan. I also had NOD scan the laptop online; I set it to check everything, including potentially unwanted applications, and so far I'm at 108 threats, so I'll let it finish, run MBAM in the meantime, and report how it went :) The owner will be thrilled :D

Done, here is the log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2.4.2014
Scan Time: 14:56:23
Logfile: sdsd.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.04.02.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Easy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 406116
Time Elapsed: 24 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.MultiPlug.A, C:\ProgramData\HostIt\WS-Booster\WS-Booster.exe, 2372, , [642857ceea91f145be2f65c42ad713ed]
Trojan.BitMiner, C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe, 2256, , [bcd0fa2b443759dd99771446d52c7888]
Trojan.Kryptik, C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe, 2964, , [abe10124d9a239fd2974c9277c8739c7]

Modules: 8
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\websave\4f2ujEts.dll, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\websave\4f2ujEts.dll, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SeaRch-NewTab\Jm.dll, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SeaRch-NewTab\Jm.dll, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SeaRch-NewTab\Pk9dfsNBN.dll, , [94f8eb3a413a82b42d27e45ef60b38c8],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\SeaRch-NewTab\Pk9dfsNBN.dll, , [94f8eb3a413a82b42d27e45ef60b38c8],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\websave\GrnL4Ta5.dll, , [a5e72500eb902c0ada7a4200768bb44c],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\websave\GrnL4Ta5.dll, , [a5e72500eb902c0ada7a4200768bb44c],

Registry Keys: 109
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-1884037147, , [642857ceea91f145be2f65c42ad713ed],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\weabsave.weabsave, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\weabsave.weabsave.3.7, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\weabsave.weabsave, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\weabsave.weabsave.3.7, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}\INPROCSERVER32, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5C663553-2F86-28CB-04B6-ADBD67B6CE6B}, , [91fb4adb9cdfec4acd87340ef908b749],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Seaorcch--NaeewwTab.Seaorcch--NaeewwTab, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\Seaorcch--NaeewwTab.Seaorcch--NaeewwTab.2.1, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Seaorcch--NaeewwTab.Seaorcch--NaeewwTab, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Seaorcch--NaeewwTab.Seaorcch--NaeewwTab.2.1, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{6B48303E-1A81-E583-E093-3901A218CCDB}\INPROCSERVER32, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{6B48303E-1A81-E583-E093-3901A218CCDB}, , [c6c68c99f883d4623222083ad130e020],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ABC43D27-3E84-03DA-5C71-36E92DD58006}, , [94f8eb3a413a82b42d27e45ef60b38c8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{ABC43D27-3E84-03DA-5C71-36E92DD58006}, , [94f8eb3a413a82b42d27e45ef60b38c8],

Registry Values: 11
Trojan.BitMiner, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WmiPrv, C:\Users\Easy\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe, , [bcd0fa2b443759dd99771446d52c7888]
Trojan.Kryptik, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Aqalawsulytaila, C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe, , [abe10124d9a239fd2974c9277c8739c7]
Trojan.Kryptik, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Aqalawsulytaila, C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe, , [abe10124d9a239fd2974c9277c8739c7]
Trojan.Kryptik, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Aqalawsulytaila, C:\Users\Easy\AppData\Roaming\Capyqiu\ewufoz.exe, , [abe10124d9a239fd2974c9277c8739c7]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Easy\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [78148f962d4e55e1b1ed6fdda0613ec2]
PUP.Optional.Hosts.A, HKLM\SOFTWARE\WOW6432NODE\HOSTS\INSTALLER|BundledIe, 1, , [c7c53aebabd0c96d5546155222e0758b]
PUP.Optional.Ividi.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.ividi.org/?q={searchTerms ... c&affilt=3, , [4d3fb174d1aae94d4d351547946ef30d]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha2733.net, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2733\ff, , [8dffd154433877bfbbdde37f1fe3fe02]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha6498.net, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6498\ff, , [4f3d6db814678babaeea382acd3552ae]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home2068.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2068\ff, , [4448f5309be048ee782eb7e459aad030]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-2378380575-1943291218-1237148033-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, SWEETIM, , [7319b273a9d21e183e0c6b1d54af7c84]

Registry Data: 2
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~3\assist~1\assist~1.dll, Good: (), Bad: (c:\progra~3\assist~1\assist~1.dll),,[e5a747de4338eb4bb202db77649d659b]
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ, Good: (http://www.google.com), Bad: (http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ),,[1973e24325565bdb1544e91e12f2ba46]

Folders: 44

Files: 97

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Slow laptop, please check it

Posted: 03 Apr 2014 05:58
by JaRon
If you have cleaned it with MBAM, then clean it with ADWCleaner as well - it is really terrible...

Re: Slow laptop, please check it

Posted: 03 Apr 2014 13:16
by Arcane
Done, should I post a log from it here as well?

Re: Slow laptop, please check it

Posted: 03 Apr 2014 13:18
by JaRon
Post the RSIT log and write whether there are still any problems :???:

Re: Slow laptop, please check it

Posted: 04 Apr 2014 20:14
by Arcane
So here are the logs. I ran it through AdwCleaner once more, so that log is there below it as well. Otherwise the laptop is now much faster, so I'm satisfied for the time being.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Easy at 2014-04-04 21:16:00
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 21 GB (21%) free of 100 GB
Total RAM: 3830 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:16:07, on 4.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
C:\Program Files\trend micro\Easy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Ipsoft] regsvr32.exe C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'MSSQLFDLauncher')
O4 - HKUS\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'MSSQLFDLauncher')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'MSSQLSERVER')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'MSSQLSERVER')
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files (x86)\Offline Explorer\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files (x86)\Offline Explorer\Add_AllO.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BR.AS.VersionChangerService - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H., A-5142 Austria, Europe - C:\Windows\SysWOW64\BR.AS.VersionChangerService.exe
O23 - Service: B&R Authorization (BrAuthorizationSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe
O23 - Service: B&R Disk Image (BrDiskImageSvcx) - Bernecker + Rainer, Industrie-Elektronik Ges.m.b.H, A-5142, Austria, Europe - C:\BrAutomation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: ODMV3 - Hilscher GmbH - C:\Program Files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx64) - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10673 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
"C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe"
atieclxx
"C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 817680
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
\??\C:\Windows\system32\conhost.exe "-18199482991697656254254024648-3341007591961821232-1449957458-1939395008-2120354000
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe"
"C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe"
"C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\PNIOMGR.exe" --start 0
\??\C:\Windows\system32\conhost.exe "608684037-46330678-1639160697-14406612501141095335436428547-421713846752652117
C:\Windows\SysWOW64\pniopcac.exe 0 {11D91DBA-4D98-4F43-8A39-1E3E2EE098A4}
C:\Windows\SysWOW64\pniopcac.exe 0 {574E82E1-E369-41EF-8032-B7D74915B852}
C:\Windows\SysWOW64\pniopcac.exe 0 {3EA24257-41B0-49AB-8D7E-C42DCE87370F}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL12.MSSQLSERVER
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe" "MSSQL12.MSSQLSERVERJ38ef24dbf0b19f427efa1abf27e42f4e4c38e654" "MSSQL12.MSSQLSERVER" "MSSQL12.MSSQLSERVER" "4" "" "4096" "M" "0" "" "" ""
\??\C:\Windows\system32\conhost.exe "2069642210-1881194591-21063061171581864499-113014478660525314-1002045594-93555395
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --ran-launcher /crash-reporter-parent-id=4528
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=gpu-process --channel="4528.0.1857396634\1462362397" --crash-reporter-pid=4540 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.743.2.5000 --crash-reporter-pid=4540 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=4540 --channel="4528.3.1659450505\639690098" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=4540 --channel="4528.4.1027118247\992395629" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=4540 --channel="4528.5.1806747245\875350281" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=4540 --channel="4528.6.358040434\249901903" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --enable-ignore-autocomplete-off --disable-delegated-renderer --crash-reporter-pid=4540 --channel="4528.7.383646584\1999482234" /prefetch:673131151
"C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" --lang=cs --channel="4528.12.508754577\999619293" --crash-reporter-pid=4540 /prefetch:-390060480
"C:\Users\Easy\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2378380575-1943291218-1237148033-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2378380575-1943291218-1237148033-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-03 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-03 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432dd630-7e03-4c97-9d62-b99f52df4fc2}]
Microsoft Web Test Recorder 12.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05 71520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Ipsoft"=regsvr32.exe C:\Users\Easy\AppData\Local\Ipsoft\lsvxd.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGupdate]
c:\program files (x86)\appgraffiti\agupdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
c:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe [2013-07-19 703888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\windows\system32\printing_admin_scripts\en-us\pubpr.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiemensAutomationFileStorage]
d:\portal v12\bin\siemens.automation.objectframe.filestorage.server.exe preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-02-25 1821888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-08-26 1989920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2014-04-04 18:41:47 ----D---- C:\Program Files (x86)\SDCC
2014-04-03 13:33:51 ----D---- C:\uScope
2014-04-03 13:32:47 ----D---- C:\ProgramData\Promis
2014-04-03 13:31:43 ----D---- C:\Program Files (x86)\uScope
2014-04-03 10:47:44 ----D---- C:\AdwCleaner
2014-04-02 17:39:42 ----D---- C:\Program Files\CCleaner
2014-04-02 16:40:59 ----D---- C:\Users\Easy\AppData\Roaming\ESET
2014-04-02 16:38:11 ----D---- C:\ProgramData\ESET
2014-04-02 16:38:11 ----D---- C:\Program Files\ESET
2014-04-02 15:44:00 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-04-02 15:44:00 ----A---- C:\Windows\system32\mstscax.dll
2014-04-02 14:30:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-02 14:30:09 ----D---- C:\ProgramData\Malwarebytes
2014-04-02 14:30:09 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-02 14:30:09 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-02 14:30:09 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-02 14:30:09 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-02 02:12:15 ----A---- C:\Windows\wininit.ini
2014-04-02 01:05:51 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-02 01:05:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-02 01:05:37 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-02 01:05:37 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-04-02 01:05:34 ----A---- C:\Windows\system32\tsgqec.dll
2014-04-02 01:05:33 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-04-02 01:05:33 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-04-02 01:05:33 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-04-02 01:05:33 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-04-02 01:05:33 ----A---- C:\Windows\system32\wksprtPS.dll
2014-04-02 01:05:33 ----A---- C:\Windows\system32\wksprt.exe
2014-04-02 01:05:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-04-02 01:05:33 ----A---- C:\Windows\system32\mstsc.exe
2014-04-02 01:05:33 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-04-02 01:05:31 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-04-02 01:05:31 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-04-02 01:04:39 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-04-02 01:04:39 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-04-02 00:59:13 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-04-02 00:59:07 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-02 00:49:30 ----D---- C:\rsit
2014-04-02 00:49:30 ----D---- C:\Program Files\trend micro
2014-03-26 22:13:42 ----D---- C:\Program Files (x86)\Git
2014-03-23 22:23:34 ----D---- C:\ProgramData\Assistant
2014-03-23 15:44:42 ----D---- C:\Program Files (x86)\MediaWatchV1
2014-03-20 14:12:22 ----D---- C:\Users\Easy\AppData\Roaming\Offline Explorer
2014-03-20 14:12:07 ----D---- C:\download
2014-03-20 14:07:41 ----D---- C:\Program Files (x86)\Offline Explorer
2014-03-20 13:59:30 ----D---- C:\Program Files (x86)\WinHTTrack
2014-03-13 16:54:31 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-13 16:54:30 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-13 16:54:30 ----A---- C:\Windows\system32\wer.dll
2014-03-13 16:54:28 ----A---- C:\Windows\system32\win32k.sys
2014-03-13 16:54:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-13 16:54:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-13 16:54:27 ----A---- C:\Windows\system32\iertutil.dll
2014-03-13 16:54:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-13 16:54:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 16:54:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-13 16:54:25 ----A---- C:\Windows\system32\iernonce.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-13 16:54:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-13 16:54:24 ----A---- C:\Windows\system32\urlmon.dll
2014-03-13 16:54:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-13 16:54:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\iesetup.dll
2014-03-13 16:54:23 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-13 16:54:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-13 16:54:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieui.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieframe.dll
2014-03-13 16:54:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-13 16:54:20 ----A---- C:\Windows\system32\wininet.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\jscript9.dll
2014-03-13 16:54:20 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-13 16:54:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-13 16:54:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 16:54:19 ----A---- C:\Windows\system32\msrating.dll
2014-03-13 16:54:19 ----A---- C:\Windows\system32\mshtml.dll
2014-03-13 16:54:18 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-13 16:54:18 ----A---- C:\Windows\system32\qedit.dll
2014-03-13 16:54:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 16:54:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-10 17:49:58 ----ASH---- C:\pagefile.sys
2014-03-10 00:44:41 ----SHD---- C:\Config.Msi
2014-03-10 00:43:28 ----A---- C:\AVScanner.ini
2014-03-07 02:42:45 ----D---- C:\ProgramData\HostIt
2014-03-07 02:42:40 ----D---- C:\Program Files (x86)\WS-Booster
2014-03-07 02:42:18 ----D---- C:\ProgramData\websave
2014-03-07 02:42:17 ----D---- C:\Program Files (x86)\websave
2014-03-07 02:42:11 ----D---- C:\ProgramData\3222838959d7ca7c
2014-03-05 22:23:37 ----D---- C:\Users\Easy\AppData\Roaming\Capyqiu

======List of files/folders modified in the last 1 month======

2014-04-04 21:16:03 ----D---- C:\Windows\Temp
2014-04-04 20:55:27 ----D---- C:\Windows\inf
2014-04-04 20:55:17 ----D---- C:\Windows
2014-04-04 20:52:35 ----D---- C:\Windows\system32\config
2014-04-04 20:46:50 ----D---- C:\Users\Easy\AppData\Roaming\uTorrent
2014-04-04 20:46:50 ----D---- C:\Users\Easy\AppData\Roaming\AIMP3
2014-04-04 20:46:50 ----D---- C:\Program Files (x86)\Steam
2014-04-04 18:41:47 ----D---- C:\Program Files (x86)
2014-04-04 15:48:34 ----D---- C:\Windows\System32
2014-04-04 15:48:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-03 13:32:47 ----HD---- C:\ProgramData
2014-04-03 10:13:20 ----D---- C:\Program Files (x86)\Opera
2014-04-02 20:00:22 ----D---- C:\Windows\debug
2014-04-02 18:57:11 ----D---- C:\Windows\winsxs
2014-04-02 17:39:44 ----D---- C:\Windows\system32\Tasks
2014-04-02 17:39:42 ----RD---- C:\Program Files
2014-04-02 17:38:10 ----SHD---- C:\Windows\Installer
2014-04-02 17:37:23 ----D---- C:\Program Files\Common Files\Siemens
2014-04-02 17:35:53 ----SHD---- C:\System Volume Information
2014-04-02 17:27:51 ----D---- C:\Windows\SysWOW64
2014-04-02 17:15:36 ----D---- C:\Windows\Tasks
2014-04-02 17:07:29 ----D---- C:\Users\Easy\AppData\Roaming\Seznam.cz
2014-04-02 17:06:12 ----D---- C:\Program Files (x86)\Seznam.cz
2014-04-02 16:39:49 ----D---- C:\Windows\system32\DriverStore
2014-04-02 16:39:49 ----D---- C:\Windows\system32\drivers
2014-04-02 16:39:49 ----D---- C:\Windows\system32\catroot
2014-04-02 15:44:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-02 15:44:31 ----D---- C:\Windows\system32\cs-CZ
2014-04-02 15:43:25 ----D---- C:\Windows\system32\catroot2
2014-04-02 15:00:50 ----D---- C:\Windows\PolicyDefinitions
2014-04-02 14:59:42 ----D---- C:\Windows\SYSWOW64\wbem
2014-04-02 14:59:42 ----D---- C:\Windows\system32\drivers\en-US
2014-04-02 14:59:41 ----D---- C:\Windows\system32\wbem
2014-04-02 14:57:22 ----D---- C:\Program Files (x86)\MediaViewV1
2014-04-02 14:57:19 ----D---- C:\Program Files (x86)\Unitech LLC
2014-04-02 14:57:17 ----D---- C:\ProgramData\DSearchLink
2014-04-02 02:13:17 ----SD---- C:\ProgramData\Microsoft
2014-04-02 00:55:15 ----D---- C:\Windows\SoftwareDistribution
2014-04-02 00:13:55 ----D---- C:\Windows\system32\MRT
2014-04-02 00:12:21 ----D---- C:\Windows\Prefetch
2014-04-02 00:10:50 ----D---- C:\Users\Easy\AppData\Roaming\Adobe
2014-03-26 22:06:50 ----D---- C:\Windows\system32\drivers\etc
2014-03-23 16:51:24 ----A---- C:\Windows\system32\MRT.exe
2014-03-23 15:45:43 ----A---- C:\extensions.ini
2014-03-20 14:07:45 ----D---- C:\Users
2014-03-19 17:20:51 ----D---- C:\Users\Easy\AppData\Roaming\Notepad++
2014-03-16 18:58:29 ----D---- C:\Users\Easy\AppData\Roaming\Skype
2014-03-16 15:27:09 ----D---- C:\Program Files\Internet Explorer
2014-03-16 15:27:09 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-16 04:03:54 ----D---- C:\ProgramData\Microsoft Help
2014-03-15 12:55:08 ----D---- C:\Program Files (x86)\Notepad++
2014-03-14 04:11:03 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-14 04:11:03 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 16:27:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-10 15:18:23 ----D---- C:\Windows\Microsoft.NET
2014-03-10 15:18:21 ----RSD---- C:\Windows\assembly
2014-03-10 00:47:23 ----D---- C:\Program Files\Microsoft Office
2014-03-10 00:47:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-10 00:47:06 ----D---- C:\Program Files (x86)\Microsoft Office
2014-03-10 00:47:02 ----RSD---- C:\Windows\Fonts
2014-03-10 00:47:00 ----D---- C:\Windows\ShellNew
2014-03-10 00:47:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-10 00:46:52 ----D---- C:\Program Files\Common Files
2014-03-10 00:46:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-03-10 00:45:36 ----D---- C:\Program Files\Common Files\System
2014-03-10 00:45:36 ----A---- C:\Windows\win.ini
2014-03-07 02:45:54 ----D---- C:\ProgramData\InstallMate

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-05 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-07-05 35344]
R2 s7ousbu64x;SIMATIC USB Service; C:\Windows\system32\DRIVERS\s7ousbu64x.sys [2012-12-19 213504]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 83032]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\Windows\system32\DRIVERS\sntie.sys [2012-09-06 287016]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-16 6862848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-16 264192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2013-07-05 22632]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-29 4749008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dpmconv;SIMATIC NET DP Driver; C:\Windows\system32\DRIVERS\dpmconv.sys [2012-07-05 259072]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-29 888536]
R3 s7odpx2x64;SIMATIC Knotentaufe; C:\Windows\system32\DRIVERS\s7odpx2x64.sys [2012-12-19 71168]
R3 s7oppinx64;SIMATIC PPI Transport; C:\Windows\system32\DRIVERS\s7oppinx64.sys [2012-07-24 107520]
R3 s7oserix64;Siemens PC Serial Cable; C:\Windows\System32\Drivers\s7oserix64.sys [2012-07-24 121856]
R3 s7osmcax64;SIMATIC PC Adapter RS232; C:\Windows\system32\DRIVERS\s7osmcax64.sys [2012-07-24 199680]
R3 s7osobux64;SIMATIC SoftBus; C:\Windows\system32\DRIVERS\s7osobux64.sys [2012-07-24 153600]
R3 s7otmcd64x;SIMATIC Memory Cards; C:\Windows\System32\Drivers\s7otmcd64x.sys [2012-07-24 199680]
R3 s7otranx64;SIMATIC Transport; C:\Windows\system32\DRIVERS\s7otranx64.sys [2012-07-24 260096]
R3 s7otsadx64;SIMATIC TS Adapter RS232; C:\Windows\system32\DRIVERS\s7otsadx64.sys [2012-07-24 196096]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-05-09 1803904]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 vsnl2ada;SIMATIC NET FDL Driver; C:\Windows\system32\DRIVERS\vsnl2ada.sys [2012-05-09 126976]
S1 FileDisk;FileDisk; C:\Windows\system32\drivers\FileDisk.sys []
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock64.sys [2013-07-19 112080]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-01-08 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-01-08 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\Windows\system32\DRIVERS\vpnva64-6.sys [2013-07-19 52080]
S4 RsFx0300;RsFx0300 Driver; C:\Windows\system32\DRIVERS\RsFx0300.sys [2013-10-04 247488]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-27 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-16 203264]
R2 BrAuthorizationSvcx;B&R Authorization; C:\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-08-09 8329576]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2013-10-04 370368]
R2 s7oiehsx64;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [2013-01-07 141688]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [2013-01-07 472440]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2013-10-04 134336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-07-19 557968]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2013-10-04 50880]
S2 699fd52f;Assistant; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 BR.AS.VersionChangerService;BR.AS.VersionChangerService; C:\Windows\SysWOW64\BR.AS.VersionChangerService.exe [2009-07-15 155648]
S3 BrDiskImageSvcx;B&R Disk Image; C:\BrAutomation\PVI\V3.00.02\PVI\Tools\PviTransfer\BrDiskImageSvc.exe [2010-11-11 61952]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-03 15768]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2013-08-22 142336]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 ODMV3;ODMV3; C:\Program Files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe [2011-04-26 364544]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2013-10-04 612544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-05 87728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-06 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2013-10-04 270016]

-----------------EOF-----------------




# AdwCleaner v3.003 - Report created 03/04/2014 at 10:51:07
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Easy - EASY-PC
# Running from : C:\Users\Easy\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Program Files (x86)\Search-NewTab
Folder Deleted : C:\Users\Easy\AppData\Local\SwvUpdater
File Deleted : C:\Users\Easy\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ File : C:\Users\Easy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [2925 octets] - [03/04/2014 10:47:53]
AdwCleaner[S0].txt - [2667 octets] - [03/04/2014 10:51:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2727 octets] ##########

Re: Slow laptop, please check it

Posted: 07 Apr 2014 06:08
by JaRon
OKi - Lock