
Log check

Posted: 25 Aug 2014 20:36
by vadimek
I would like to ask for a check of my log, thank you))
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vadim at 2014-08-25 21:33:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive E: has 9 GB (19%) free of 50 GB
Total RAM: 3328 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:33:35, on 25.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Windows\system32\taskhost.exe
E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
E:\Program Files\Zune\ZuneLauncher.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
E:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
E:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
E:\Program Files\Malwarebytes Anti-Malware\mbam.exe
E:\Program Files\Malwarebytes Anti-Malware\mbam.exe
E:\Program Files\Common Files\Java\Java Update\jucheck.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\WinRAR\WinRAR.exe
F:\Stahovani\RSIT.exe
E:\Windows\system32\taskeng.exe
E:\Windows\system32\taskeng.exe
E:\Program Files\trend micro\Vadim.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "E:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Zune Launcher] "E:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SRS Audio Sandbox] "E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "E:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "E:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEE:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "E:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] E:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-164406257-833793172-182097971-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-164406257-833793172-182097971-1003\..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "E:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - E:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - E:\Program Files\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - E:\Program Files\PCDApp\StartHelp.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - E:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SRS Labs License Service - SRS Labs - E:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - E:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 8659 bytes

======Scheduled tasks folder======

E:\Windows\tasks\Adobe Flash Player Updater.job - E:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
E:\Windows\tasks\GoogleUpdateTaskMachineCore.job - E:\Program Files\Google\Update\GoogleUpdate.exe /c
E:\Windows\tasks\GoogleUpdateTaskMachineUA.job - E:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - E:\Users\Vadim\AppData\Roaming\Mozilla\Firefox\Profiles\vl8b81bn.default

prefs.js - "browser.startup.homepage" - "http://search.gboxapp.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=E:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=E:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=E:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=E:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=E:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-03-29 11930696]
"AdobeAAMUpdater-1.0"=E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=E:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-10 1073312]
"Zune Launcher"=E:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
"egui"=E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-09-12 5110672]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SunJavaUpdateSched"=E:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]
"iTunesHelper"=E:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=E:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]
"SRS Audio Sandbox"=E:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [2006-10-12 3485748]
"AdobeBridge"= []
"Sony PC Companion"=E:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2014-07-30 467680]
"Zoner Photo Studio Service 16"=E:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-16 800280]
"Zoner Photo Studio Autoupdate"=E:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-16 800280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=E:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe [2014-07-08 851632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=E:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - E:\Windows\System32\Notepad.exe %1
.js - open - E:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2014-08-25 21:33:26 ----D---- E:\Program Files\trend micro
2014-08-25 21:33:25 ----D---- E:\rsit
2014-08-25 21:22:01 ----A---- E:\Windows\system32\drivers\48230029.sys
2014-08-21 18:44:43 ----A---- E:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-21 18:44:08 ----D---- E:\ProgramData\Malwarebytes
2014-08-21 18:44:08 ----D---- E:\Program Files\Malwarebytes Anti-Malware
2014-08-21 18:44:08 ----A---- E:\Windows\system32\drivers\mwac.sys
2014-08-21 18:44:08 ----A---- E:\Windows\system32\drivers\mbamchameleon.sys
2014-08-21 18:44:08 ----A---- E:\Windows\system32\drivers\mbam.sys
2014-08-21 18:20:16 ----A---- E:\awh2606.tmp
2014-08-20 19:34:06 ----D---- E:\ProgramData\Issaver
2014-08-20 18:59:03 ----A---- E:\awh3CE0.tmp
2014-08-18 09:19:40 ----A---- E:\awh6392.tmp
2014-08-16 20:09:52 ----A---- E:\awh2912.tmp
2014-08-14 18:43:45 ----A---- E:\awhEC9F.tmp
2014-08-13 18:02:35 ----A---- E:\Windows\system32\infocardapi.dll
2014-08-13 18:02:33 ----A---- E:\Windows\system32\icardres.dll
2014-08-13 18:02:29 ----A---- E:\Windows\system32\icardagt.exe
2014-08-13 18:02:25 ----A---- E:\Windows\system32\TsWpfWrp.exe
2014-08-13 14:21:10 ----A---- E:\awhE520.tmp
2014-08-13 12:06:14 ----A---- E:\Windows\system32\rpcrt4.dll
2014-08-13 12:06:12 ----A---- E:\Windows\system32\drivers\dxgmms1.sys
2014-08-13 12:06:12 ----A---- E:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 12:06:12 ----A---- E:\Windows\system32\cdd.dll
2014-08-13 12:06:09 ----A---- E:\Windows\system32\tzres.dll
2014-08-13 12:06:05 ----A---- E:\Windows\system32\win32k.sys
2014-08-13 12:06:04 ----A---- E:\Windows\system32\gdi32.dll
2014-08-13 12:05:49 ----A---- E:\Windows\system32\ieetwproxystub.dll
2014-08-13 12:05:49 ----A---- E:\Windows\system32\ieetwcollector.exe
2014-08-13 12:05:48 ----A---- E:\Windows\system32\urlmon.dll
2014-08-13 12:05:48 ----A---- E:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 12:05:48 ----A---- E:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 12:05:48 ----A---- E:\Windows\system32\iernonce.dll
2014-08-13 12:05:47 ----A---- E:\Windows\system32\msfeeds.dll
2014-08-13 12:05:47 ----A---- E:\Windows\system32\jsproxy.dll
2014-08-13 12:05:47 ----A---- E:\Windows\system32\ieUnatt.exe
2014-08-13 12:05:47 ----A---- E:\Windows\system32\iedkcs32.dll
2014-08-13 12:05:47 ----A---- E:\Windows\system32\dxtmsft.dll
2014-08-13 12:05:46 ----A---- E:\Windows\system32\msrating.dll
2014-08-13 12:05:46 ----A---- E:\Windows\system32\ie4uinit.exe
2014-08-13 12:05:45 ----A---- E:\Windows\system32\vbscript.dll
2014-08-13 12:05:45 ----A---- E:\Windows\system32\iesetup.dll
2014-08-13 12:05:45 ----A---- E:\Windows\system32\ieetwcollectorres.dll
2014-08-13 12:05:44 ----A---- E:\Windows\system32\wininet.dll
2014-08-13 12:05:44 ----A---- E:\Windows\system32\ieapfltr.dll
2014-08-13 12:05:43 ----A---- E:\Windows\system32\dxtrans.dll
2014-08-13 12:05:41 ----A---- E:\Windows\system32\ieui.dll
2014-08-13 12:05:40 ----A---- E:\Windows\system32\ieframe.dll
2014-08-13 12:05:38 ----A---- E:\Windows\system32\mshtmled.dll
2014-08-13 12:05:37 ----A---- E:\Windows\system32\mshtmlmedia.dll
2014-08-13 12:05:36 ----A---- E:\Windows\system32\MshtmlDac.dll
2014-08-13 12:05:36 ----A---- E:\Windows\system32\iertutil.dll
2014-08-13 12:05:34 ----A---- E:\Windows\system32\jscript9diag.dll
2014-08-13 12:05:33 ----A---- E:\Windows\system32\mshtml.dll
2014-08-13 12:05:33 ----A---- E:\Windows\system32\jscript9.dll
2014-08-13 12:05:09 ----A---- E:\Windows\system32\msihnd.dll
2014-08-13 12:05:09 ----A---- E:\Windows\system32\msi.dll
2014-08-13 12:05:09 ----A---- E:\Windows\system32\consent.exe
2014-08-13 12:05:09 ----A---- E:\Windows\system32\authui.dll
2014-08-13 12:05:03 ----A---- E:\Windows\system32\shell32.dll
2014-08-13 12:04:54 ----A---- E:\Windows\system32\KBDYAK.DLL
2014-08-13 12:04:54 ----A---- E:\Windows\system32\KBDTAT.DLL
2014-08-13 12:04:54 ----A---- E:\Windows\system32\KBDRU1.DLL
2014-08-13 12:04:54 ----A---- E:\Windows\system32\KBDRU.DLL
2014-08-13 12:04:54 ----A---- E:\Windows\system32\KBDBASH.DLL
2014-08-13 08:42:52 ----A---- E:\awh943.tmp
2014-08-12 22:58:12 ----A---- E:\awhFF83.tmp
2014-08-12 18:06:16 ----A---- E:\awh189E.tmp
2014-08-11 14:24:13 ----A---- E:\awh10B2.tmp
2014-08-11 05:42:53 ----D---- E:\Program Files\iPod
2014-08-11 05:42:50 ----D---- E:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-11 05:42:50 ----D---- E:\Program Files\iTunes
2014-08-11 05:41:49 ----D---- E:\Program Files\Apple Software Update
2014-08-11 05:40:18 ----D---- E:\Program Files\Bonjour
2014-08-11 05:33:48 ----A---- E:\awhEF1E.tmp
2014-08-11 02:59:34 ----A---- E:\awhF4BA.tmp
2014-08-10 16:47:22 ----A---- E:\awhF556.tmp
2014-08-10 15:22:32 ----A---- E:\awh405.tmp
2014-08-08 14:09:24 ----D---- E:\ProgramData\Mini - Adblocker
2014-08-08 13:34:23 ----A---- E:\awhCFA.tmp
2014-08-06 18:11:28 ----A---- E:\awhF69D.tmp
2014-08-04 20:50:53 ----D---- E:\Users\Vadim\AppData\Roaming\Zoner
2014-08-04 20:50:37 ----D---- E:\ProgramData\Zoner
2014-08-04 20:49:58 ----D---- E:\Program Files\Zoner
2014-08-04 17:59:04 ----A---- E:\awhF382.tmp
2014-08-04 14:02:26 ----A---- E:\awhED98.tmp
2014-08-03 21:33:28 ----A---- E:\awhF21B.tmp
2014-08-03 15:46:16 ----A---- E:\awhF749.tmp
2014-08-03 12:56:50 ----A---- E:\awh165D.tmp
2014-08-02 18:39:51 ----A---- E:\awh6E1D.tmp
2014-08-02 12:17:24 ----A---- E:\Windows\system32\wups2.dll
2014-08-02 12:17:24 ----A---- E:\Windows\system32\wuauclt.exe
2014-08-02 12:17:23 ----A---- E:\Windows\system32\wucltux.dll
2014-08-02 12:17:23 ----A---- E:\Windows\system32\wuaueng.dll
2014-08-02 12:17:03 ----A---- E:\Windows\system32\wups.dll
2014-08-02 12:17:03 ----A---- E:\Windows\system32\wudriver.dll
2014-08-02 12:17:03 ----A---- E:\Windows\system32\wuapi.dll
2014-08-02 12:16:29 ----A---- E:\Windows\system32\wuwebv.dll
2014-08-02 12:16:29 ----A---- E:\Windows\system32\wuapp.exe
2014-08-02 09:03:29 ----A---- E:\awhEE25.tmp
2014-08-01 14:29:09 ----A---- E:\awhEEFF.tmp
2014-08-01 02:28:02 ----D---- E:\ProgramData\SSaverExteensioon
2014-07-31 17:52:56 ----A---- E:\awh15A2.tmp
2014-07-30 17:29:24 ----A---- E:\awhF102.tmp
2014-07-30 15:38:39 ----D---- E:\Program Files\Mozilla Firefox
2014-07-30 14:32:17 ----A---- E:\awh3E.tmp
2014-07-28 20:19:18 ----A---- E:\awhF1DC.tmp
2014-07-28 13:18:14 ----A---- E:\awhA1CA.tmp
2014-07-27 00:18:48 ----A---- E:\awh1FFE.tmp
2014-07-25 14:15:47 ----A---- E:\awhF6BC.tmp
2014-07-25 02:20:22 ----D---- E:\ProgramData\NNewSeAver
2014-07-24 09:40:41 ----A---- E:\awhF72A.tmp
2014-07-23 15:47:15 ----A---- E:\awh15F0.tmp
2014-07-23 08:39:14 ----A---- E:\awhF94C.tmp
2014-07-22 17:13:25 ----A---- E:\awhEFF9.tmp
2014-07-22 07:44:34 ----A---- E:\awh1312.tmp
2014-07-21 14:46:30 ----A---- E:\awhF43D.tmp
2014-07-20 19:04:31 ----A---- E:\awhEDC7.tmp
2014-07-20 11:55:29 ----A---- E:\awhF269.tmp
2014-07-19 19:29:55 ----A---- E:\awhF150.tmp
2014-07-19 08:34:47 ----A---- E:\awhF620.tmp
2014-07-18 19:31:20 ----A---- E:\awhF047.tmp
2014-07-18 09:58:47 ----D---- E:\ProgramData\SaverExteennsionn
2014-07-18 09:22:30 ----A---- E:\awh3561.tmp
2014-07-17 15:42:56 ----D---- E:\Program Files\Common Files\Java
2014-07-17 15:42:34 ----A---- E:\Windows\system32\javaws.exe
2014-07-17 15:42:27 ----A---- E:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 15:42:27 ----A---- E:\Windows\system32\javaw.exe
2014-07-17 15:42:27 ----A---- E:\Windows\system32\java.exe
2014-07-17 13:40:06 ----A---- E:\awhF5A4.tmp
2014-07-17 13:37:53 ----D---- E:\ProgramData\Riot Games
2014-07-16 16:19:57 ----A---- E:\awh4C0.tmp
2014-07-15 19:05:44 ----A---- E:\awhEF8C.tmp
2014-07-15 18:58:40 ----A---- E:\awhED0C.tmp
2014-07-15 10:15:14 ----A---- E:\awhF056.tmp
2014-07-15 09:58:53 ----A---- E:\awhF1EC.tmp
2014-07-15 09:49:35 ----A---- E:\awh109.tmp
2014-07-14 13:13:48 ----A---- E:\awhF65F.tmp
2014-07-14 02:02:59 ----A---- E:\awhF2D6.tmp
2014-07-13 16:10:37 ----A---- E:\awh8B27.tmp
2014-07-12 14:10:01 ----A---- E:\awhF640.tmp
2014-07-11 21:16:32 ----A---- E:\awh382F.tmp
2014-07-11 18:13:22 ----A---- E:\awh4AF4.tmp
2014-07-11 18:09:02 ----D---- E:\Program Files\PCDApp
2014-07-11 18:08:39 ----D---- E:\Program Files\Supporter
2014-07-11 18:08:27 ----D---- E:\ProgramData\c567ff1a97feaf06
2014-07-10 18:02:11 ----A---- E:\Windows\system32\osk.exe
2014-07-10 18:01:00 ----A---- E:\Windows\system32\qedit.dll
2014-07-10 18:00:56 ----A---- E:\Windows\system32\drivers\afd.sys
2014-07-10 18:00:28 ----A---- E:\Windows\system32\wdigest.dll
2014-07-10 18:00:28 ----A---- E:\Windows\system32\schannel.dll
2014-07-10 18:00:28 ----A---- E:\Windows\system32\ncrypt.dll
2014-07-10 18:00:28 ----A---- E:\Windows\system32\msv1_0.dll
2014-07-10 18:00:28 ----A---- E:\Windows\system32\kerberos.dll
2014-07-10 18:00:27 ----A---- E:\Windows\system32\TSpkg.dll
2014-07-10 18:00:27 ----A---- E:\Windows\system32\credssp.dll
2014-07-10 17:59:22 ----A---- E:\Windows\system32\lsasrv.dll
2014-07-06 18:59:55 ----ASH---- E:\pagefile.sys
2014-07-06 14:12:39 ----A---- E:\Windows\system32\iisRtl.dll
2014-07-06 14:12:38 ----A---- E:\Windows\system32\admwprox.dll
2014-07-06 14:12:36 ----A---- E:\Windows\system32\iisreset.exe
2014-07-06 14:12:36 ----A---- E:\Windows\system32\ahadmin.dll
2014-07-06 14:12:35 ----A---- E:\Windows\system32\wamregps.dll
2014-07-06 14:12:35 ----A---- E:\Windows\system32\iisrstap.dll
2014-07-06 14:03:10 ----D---- E:\Program Files\CMAK
2014-07-06 14:03:09 ----D---- E:\Windows\SUA
2014-07-06 14:03:04 ----D---- E:\Windows\system32\msmq
2014-07-06 14:03:03 ----D---- E:\Windows\system32\BestPractices
2014-07-06 14:02:29 ----D---- E:\inetpub
2014-07-06 10:35:46 ----A---- E:\ioSpecial.ini
2014-07-06 10:32:37 ----D---- E:\Users\Vadim\AppData\Roaming\Hide IP Speed
2014-07-06 10:26:52 ----D---- E:\Users\Vadim\AppData\Roaming\MaskMyIP
2014-07-06 10:26:52 ----D---- E:\ProgramData\MaskMyIP
2014-07-06 09:30:55 ----D---- E:\Program Files\Common Files\Steam
2014-07-06 09:30:52 ----D---- E:\Program Files\Steam
2014-06-30 15:10:20 ----D---- E:\Windows\system32\MRT

======List of files/folders modified in the last 2 months======

2014-08-25 21:33:27 ----D---- E:\Windows\Temp
2014-08-25 21:33:26 ----RD---- E:\Program Files
2014-08-25 21:28:34 ----D---- E:\Windows\System32
2014-08-25 21:25:18 ----D---- E:\Windows\system32\config
2014-08-25 21:22:01 ----D---- E:\Windows\system32\drivers
2014-08-25 21:14:53 ----D---- E:\ProgramData\NVIDIA
2014-08-25 01:56:11 ----D---- E:\Users\Vadim\AppData\Roaming\vlc
2014-08-24 16:24:24 ----D---- E:\Users\Vadim\AppData\Roaming\Skype
2014-08-22 13:25:42 ----D---- E:\Windows\inf
2014-08-22 13:25:37 ----D---- E:\Windows\system32\catroot
2014-08-22 13:25:29 ----D---- E:\Windows\system32\DriverStore
2014-08-22 13:25:20 ----SHD---- E:\System Volume Information
2014-08-22 13:24:17 ----D---- E:\Windows
2014-08-22 13:23:34 ----HD---- E:\Program Files\InstallShield Installation Information
2014-08-21 19:03:50 ----RSD---- E:\Windows\Fonts
2014-08-21 19:01:55 ----D---- E:\Windows\system32\Tasks
2014-08-21 19:01:55 ----D---- E:\Program Files\Common Files
2014-08-21 18:44:08 ----HD---- E:\ProgramData
2014-08-18 13:03:56 ----D---- E:\Windows\Prefetch
2014-08-16 23:47:37 ----D---- E:\Users\Vadim\AppData\Roaming\uTorrent
2014-08-14 18:54:34 ----D---- E:\Windows\Microsoft.NET
2014-08-14 18:52:22 ----RSD---- E:\Windows\assembly
2014-08-14 18:39:34 ----D---- E:\Windows\winsxs
2014-08-14 18:35:26 ----D---- E:\Windows\ehome
2014-08-14 18:35:20 ----D---- E:\Windows\PolicyDefinitions
2014-08-14 18:35:17 ----D---- E:\Windows\system32\en-US
2014-08-14 18:35:00 ----D---- E:\Program Files\Internet Explorer
2014-08-13 18:16:14 ----SHD---- E:\Windows\Installer
2014-08-13 18:16:08 ----D---- E:\ProgramData\Microsoft Help
2014-08-13 18:08:35 ----A---- E:\Windows\system32\MRT.exe
2014-08-13 18:04:06 ----D---- E:\Windows\system32\catroot2
2014-08-13 14:49:37 ----A---- E:\Windows\system32\PerfStringBackup.INI
2014-08-11 23:39:40 ----D---- E:\Windows\rescache
2014-08-11 05:42:50 ----D---- E:\Program Files\Common Files\Apple
2014-08-08 13:32:51 ----RD---- E:\Program Files\Skype
2014-08-05 09:20:02 ----N---- E:\Windows\system32\MpSigStub.exe
2014-07-31 17:47:35 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-07-27 00:13:28 ----D---- E:\Program Files\Microsoft Silverlight
2014-07-21 17:56:43 ----RD---- E:\Users
2014-07-17 15:43:01 ----D---- E:\ProgramData\Oracle
2014-07-17 15:42:26 ----D---- E:\Program Files\Java
2014-07-11 18:07:41 ----D---- E:\Windows\Tasks
2014-07-11 13:29:03 ----D---- E:\Program Files\Windows Journal
2014-07-11 13:28:27 ----D---- E:\Windows\system32\Dism
2014-07-11 01:01:45 ----D---- E:\Windows\debug
2014-07-08 22:54:10 ----A---- E:\Windows\system32\FlashPlayerApp.exe
2014-07-07 21:01:24 ----D---- E:\Program Files\Google
2014-07-07 18:19:50 ----D---- E:\Users\Vadim\AppData\Roaming\Seznam.cz
2014-07-07 18:18:10 ----D---- E:\Program Files\Sony
2014-07-07 18:12:17 ----D---- E:\Program Files\Mail.Ru
2014-07-07 18:10:03 ----D---- E:\Program Files\Common Files\Sony Shared
2014-07-06 19:00:32 ----D---- E:\Windows\system32\inetsrv
2014-07-06 19:00:31 ----D---- E:\Windows\system32\migration
2014-07-06 14:03:15 ----D---- E:\Program Files\Common Files\microsoft shared
2014-07-06 14:03:09 ----D---- E:\Windows\en-US
2014-07-06 14:03:04 ----D---- E:\Windows\system32\drivers\etc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amacpi;Microsoft Away Mode System; E:\Windows\system32\DRIVERS\null.sys [2009-07-14 4608]
R0 pciide;pciide; E:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; E:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; E:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; E:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-11 243128]
R1 eamonm;eamonm; E:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; E:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R2 epfwwfpr;epfwwfpr; E:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 122376]
R2 Parvdm;Parvdm; E:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\Windows\system32\drivers\RTKVHDA.sys [2013-03-30 2646088]
R3 MBAMProtector;MBAMProtector; \??\E:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\E:\Windows\system32\drivers\48230029.sys [2014-08-25 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\E:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 MQAC;@mqutil.dll,-6101; E:\Windows\system32\drivers\mqac.sys [2010-11-20 141824]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; E:\Windows\System32\Drivers\nx6000.sys [2009-07-24 30560]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; E:\Windows\system32\drivers\nvhda32v.sys [2012-07-04 149352]
R3 PsxDrv;@%systemroot%\system32\suares.dll,-107; E:\Windows\system32\drivers\psxdrv.sys [2009-07-14 9216]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); E:\Windows\system32\drivers\srs_sscfilter.sys [2006-10-09 34048]
S3 aic78xx;aic78xx; E:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; E:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 andnetadb;ADB Interface DriverNet; E:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; E:\Windows\system32\DRIVERS\lgandnetdiag.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; E:\Windows\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; E:\Windows\system32\DRIVERS\lgandnetndis.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; E:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleXNt;EagleXNt; \??\E:\Windows\system32\drivers\EagleXNt.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; E:\Windows\system32\DRIVERS\netaapl.sys [2014-06-10 18944]
S3 pwdrvio;pwdrvio; \??\E:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\E:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; E:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; E:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; E:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; E:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; E:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; E:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; E:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; E:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL;Apple Mobile USB Driver; E:\Windows\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 VGPU;VGPU; E:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; E:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; E:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; E:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb Driver; E:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; E:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Apple Mobile Device;Apple Mobile Device; E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 c2cautoupdatesvc;Skype Click to Call Updater; E:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; E:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; E:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-09-12 1337752]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MSMQ;@mqutil.dll,-6102; E:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 nvsvc;NVIDIA Display Driver Service; E:\Windows\system32\nvvsvc.exe [2012-08-30 645992]
R2 nvUpdatusService;NVIDIA Update Service Daemon; E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-31 1258856]
R2 PanService;PandoraService; E:\Program Files\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; E:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; E:\Windows\System32\snmp.exe [2010-11-20 47616]
R2 SQLWriter;SQL Server VSS Writer; E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
R2 TeamViewer9;TeamViewer 9; E:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-06-16 5037888]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; E:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 iPod Service;iPod Service; E:\Program Files\iPod\bin\iPodService.exe [2014-08-01 553288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 32f25064;Supporter; e:\progra~1\suppor~1\SupporterSvc.dll,service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); E:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-07 116648]
S2 ProtectMonitor;Protect Monitor; E:\Program Files\PCDApp\StartHelp.exe [2014-06-28 65846]
S2 SkypeUpdate;Skype Updater; E:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; E:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 AppMgmt;@appmgmts.dll,-3250; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; E:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); E:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; E:\Windows\system32\IEEtwCollector.exe [2014-07-25 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; E:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; E:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SRS Labs License Service;SRS Labs License Service; E:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe [2013-07-10 72704]
S3 Steam Client Service;Steam Client Service; E:\Program Files\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;Adobe SwitchBoard; E:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; E:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; E:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-14 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; E:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S4 NetMsmqActivator;@E:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; E:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@E:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; E:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@E:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; E:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; E:\Windows\System32\tlntsvr.exe [2009-07-14 71680]

-----------------EOF-----------------

Re: Log check

Posted: 25 Aug 2014 21:22
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Log check

Posted: 25 Aug 2014 21:37
by vadimek
Thank you for the reply )) I am attaching the log
# AdwCleaner v3.308 - Report created 25/08/2014 at 22:32:50
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Vadim - VADIM-PC
# Running from : E:\Users\Vadim\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : ProtectMonitor

***** [ Files / Folders ] *****

Folder Deleted : E:\ProgramData\AlawarWrapper
Folder Deleted : E:\ProgramData\Mini - Adblocker
Folder Deleted : E:\ProgramData\NNewSeAver
Folder Deleted : E:\ProgramData\SaverExteennsionn
Folder Deleted : E:\ProgramData\SSaverExteensioon
Folder Deleted : E:\Program Files\Mail.Ru
Folder Deleted : E:\Program Files\PCDApp
Folder Deleted : E:\Program Files\supporter
Folder Deleted : E:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : E:\Users\Administrator\AppData\Local\torch
Folder Deleted : E:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : E:\Users\Guest\AppData\Local\torch
Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : E:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Deleted : E:\Users\UpdatusUser\AppData\Local\torch
Folder Deleted : E:\Users\Vadim\AppData\Local\Chromatic Browser
Folder Deleted : E:\Users\Vadim\AppData\Local\Mail.Ru
Folder Deleted : E:\Users\Vadim\AppData\Local\torch
Folder Deleted : E:\Users\Vadim\AppData\Local\AlawarWrapper
Folder Deleted : E:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
Folder Deleted : E:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
Folder Deleted : E:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
[!] Folder Deleted : E:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbholhpojcnedkapppplkglhombahbki
File Deleted : E:\Users\Vadim\AppData\Roaming\Mozilla\Firefox\Profiles\vl8b81bn.default\.autoreg
File Deleted : E:\Users\Vadim\AppData\Roaming\Mozilla\Firefox\Profiles\vl8b81bn.default\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6A08B379-76FB-B4CF-0C70-CAFCD3635A77}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : E:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\jr7uxgko.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");

[ File : E:\Users\Vadim\AppData\Roaming\Mozilla\Firefox\Profiles\vl8b81bn.default\prefs.js ]

Line Deleted : user_pref("CT3225826.FF19Solved", "true");
Line Deleted : user_pref("CT3225826.UserID", "UN26579163731154512");
Line Deleted : user_pref("CT3225826.fullUserID", "UN26579163731154512.IN.20131007222510");
Line Deleted : user_pref("CT3225826.installDate", "07/10/2013 22:25:10");
Line Deleted : user_pref("CT3225826.installSessionId", "-1");
Line Deleted : user_pref("CT3225826.installSp", "FALSE");
Line Deleted : user_pref("CT3225826.installerVersion", "1.7.0.9");
Line Deleted : user_pref("CT3225826.searchRevert", "FALSE");
Line Deleted : user_pref("CT3225826.searchUserMode", "1");
Line Deleted : user_pref("CT3225826.versionFromInstaller", "10.20.0.13");
Line Deleted : user_pref("CT3225826.xpeMode", "0");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
Line Deleted : user_pref("extensions.PVlkb.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
Line Deleted : user_pref("extensions.ZK_olTQT.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorob[...]
Line Deleted : user_pref("extensions.hwKj1QA.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo[...]
Line Deleted : user_pref("extensions.q55X.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
Line Deleted : user_pref("extensions.urR4.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]

-\\ Google Chrome v35.0.1916.153

[ File : E:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://search.gboxapp.com/
Deleted [Homepage] : hxxp://search.gboxapp.com/
Deleted [Extension] : bbholhpojcnedkapppplkglhombahbki

[ File : E:\Users\Vadim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://search.gboxapp.com/
Deleted [Homepage] : hxxp://search.gboxapp.com/

*************************

AdwCleaner[R0].txt - [8083 octets] - [25/08/2014 22:30:35]
AdwCleaner[S0].txt - [8079 octets] - [25/08/2014 22:32:50]

########## EOF - E:\AdwCleaner\AdwCleaner[S0].txt - [8139 octets] ##########

Re: Log check

Posted: 25 Aug 2014 21:40
by Rudy
How does your operating system stand as far as legality is concerned?

Re: Log check

Posted: 25 Aug 2014 21:46
by vadimek
I don't quite understand the point of this question; is it related to something? :)

Re: Log check

Posted: 26 Aug 2014 16:56
by Rudy