Hello, I would need a system check!

#1 Post by vamvam »

Hello, I won't burden you with a huge essay. Simply put, after I turn the computer on, CPU usage is at 20%, but RAM usage goes up to as much as 4 GB out of 8 GB, even though I only have NOD32 running, plus the graphics, Java and drivers. I turned everything else off so the computer wouldn't lag. The same goes for the internet: I have called my internet provider several times and he says everything is fine on his end. Sometimes my internet suddenly drops to something like 15 kb/s, which is really very little. My normal speed is 50 mb/s. On a notebook with the same connection I normally get 41 mb/s, whereas here on the desktop computer I get 50 kb/s or less. I have a suspicion that something nasty is running wild in my computer. Do you think I could ask you experts to check it? Thank you in advance for your help.


Here is the log:


Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2014-11-14 14:20:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (8%) free of 451 GB
Total RAM: 8174 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:20:21, on 14.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.225\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.9\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.118\deploy\LolClient.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
O4 - HKLM\..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3624722470-2580364961-1715627244-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3624722470-2580364961-1715627244-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\Users\Martin\AppData\Local\Temp\F-Secure\Anti-Virus\fsblsrv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Unknown owner - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (file missing)
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - Unknown owner - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13922 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
taskeng.exe {80E469C2-CD11-445D-BA30-43398038B3B6}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\Windows\jmesoft\Service.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
"C:\windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\SysWOW64\UMonit.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
"C:\Windows\jmesoft\hotkey.exe"
"C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" 1
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" 1
"C:\windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:/Users/Martin/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3392
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "-1285648499117818445-2108756931-1503453018-921884452789239822-1951129859-1344745934
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1056.16114ee0.1155020404 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1056 "\\.\pipe\gecko-crash-server-pipe.1056" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe" --proxy-stub-channel=Flash1376.6483E980.22467 --host-broker-channel=Flash1376.6483E980.2988 --host-pid=1376 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe" --channel=2808.0055F17C.1731631095 --proxy-stub-channel=Flash1376.6483E980.22467 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll" --host-npapi-version=27 --type=renderer
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 5640 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="5832.0.1096271608\1407744983" /prefetch:673131151
"C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
LoLLauncher.exe
"C:/Riot Games/League of Legends/RADS/projects/lol_patcher/releases/0.0.0.9/deploy/LoLPatcher.exe"
"C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.118/deploy/LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
taskeng.exe {162BFFAF-F2C6-4BDB-995C-183A3BFF8539}
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\Martin\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\Registry Optimizer_DEFAULT.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -default
C:\windows\tasks\Registry Optimizer_UPDATES.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -updatecheck
C:\windows\tasks\SmartPCFix Task.job - C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe -run

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ankcv6uy.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-08 545192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-08 193456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-26 11543656]
"UMonit"=C:\windows\SysWOW64\UMonit.exe [2011-05-25 49152]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-10-04 2800296]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-01-03 14069760]
"ManyCam"=C:\Program Files (x86)\ManyCam\ManyCam.exe --silent []
"Clownfish"= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Akamai NetSession Interface"=C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files (x86)\Clownfish\Clownfish.exe [2014-04-01 1313536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-07-25 3595608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MKLOL]
C:\Program Files (x86)\MKJogo\MKLOL\MK.exe -auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RazerGameBooster]
C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [2014-02-25 61152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2014-11-12 1940160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2011-06-08 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-03-16 28672]
"Lenovo Eye Distance System"=C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [2010-09-09 265216]
"Lenovo Dynamic Brightness System"=C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [2010-10-08 285696]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe []
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-13 16:09:32 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-13 16:09:32 ----A---- C:\windows\system32\termsrv.dll
2014-11-13 16:09:32 ----A---- C:\windows\system32\lsasrv.dll
2014-11-13 16:09:32 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-13 16:09:32 ----A---- C:\windows\system32\adtschema.dll
2014-11-13 16:09:31 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-13 16:09:31 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-13 16:09:31 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-13 16:09:31 ----A---- C:\windows\system32\msaudite.dll
2014-11-13 16:09:21 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-13 16:09:21 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-13 16:09:21 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-13 16:09:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-13 16:09:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-13 16:09:19 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-13 16:09:19 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 16:09:19 ----A---- C:\windows\system32\iernonce.dll
2014-11-13 16:09:19 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-13 16:09:18 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-13 16:09:18 ----A---- C:\windows\system32\urlmon.dll
2014-11-13 16:09:18 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-13 16:09:18 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-13 16:09:17 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-13 16:09:17 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-13 16:09:17 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-13 16:09:17 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-13 16:09:17 ----A---- C:\windows\system32\msfeeds.dll
2014-11-13 16:09:17 ----A---- C:\windows\system32\iesetup.dll
2014-11-13 16:09:17 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-13 16:09:17 ----A---- C:\windows\system32\dxtrans.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-13 16:09:16 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-13 16:09:16 ----A---- C:\windows\system32\jsproxy.dll
2014-11-13 16:09:16 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-13 16:09:16 ----A---- C:\windows\system32\iertutil.dll
2014-11-13 16:09:15 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-13 16:09:15 ----A---- C:\windows\system32\mshtmled.dll
2014-11-13 16:09:15 ----A---- C:\windows\system32\ieui.dll
2014-11-13 16:09:15 ----A---- C:\windows\system32\ieframe.dll
2014-11-13 16:09:15 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\wininet.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\vbscript.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\msrating.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-13 16:09:14 ----A---- C:\windows\system32\jscript9.dll
2014-11-13 16:09:13 ----A---- C:\windows\system32\mshtml.dll
2014-11-13 16:07:32 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-13 16:07:32 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-13 16:07:32 ----A---- C:\windows\system32\msxml3r.dll
2014-11-13 16:07:32 ----A---- C:\windows\system32\msxml3.dll
2014-11-13 16:07:31 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-13 16:07:31 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-13 16:07:27 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-13 16:07:26 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-13 16:07:26 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 16:07:26 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-13 16:07:26 ----A---- C:\windows\system32\EncDump.dll
2014-11-13 16:07:26 ----A---- C:\windows\system32\audiosrv.dll
2014-11-13 16:07:26 ----A---- C:\windows\system32\AudioSes.dll
2014-11-13 16:07:26 ----A---- C:\windows\system32\AudioEng.dll
2014-11-13 16:07:20 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-13 16:07:20 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-13 16:07:20 ----A---- C:\windows\system32\schannel.dll
2014-11-13 16:07:20 ----A---- C:\windows\system32\ncrypt.dll
2014-11-13 16:07:19 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-13 16:07:19 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-13 16:07:19 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-13 16:07:19 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-13 16:07:19 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-13 16:07:19 ----A---- C:\windows\system32\wdigest.dll
2014-11-13 16:07:19 ----A---- C:\windows\system32\TSpkg.dll
2014-11-13 16:07:19 ----A---- C:\windows\system32\msv1_0.dll
2014-11-13 16:07:19 ----A---- C:\windows\system32\kerberos.dll
2014-11-13 16:07:19 ----A---- C:\windows\system32\credssp.dll
2014-11-13 16:06:58 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-13 16:06:58 ----A---- C:\windows\system32\packager.dll
2014-11-13 16:06:57 ----A---- C:\windows\system32\win32k.sys
2014-11-13 16:06:56 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-13 16:06:56 ----A---- C:\windows\system32\oleaut32.dll
2014-11-13 16:06:39 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-13 16:06:39 ----A---- C:\windows\system32\msi.dll
2014-11-12 17:23:26 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2014-11-11 14:28:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-07 17:02:56 ----D---- C:\Users\Martin\AppData\Roaming\Leadertech
2014-11-07 16:35:39 ----A---- C:\windows\SYSWOW64\nvspbridge.dll
2014-11-07 16:35:39 ----A---- C:\windows\system32\nvspbridge64.dll
2014-10-28 14:57:15 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-28 14:56:35 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-28 14:56:35 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-28 14:56:34 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-28 14:38:17 ----A---- C:\windows\system32\drivers\iSafeNetFilter.sys
2014-10-28 14:38:17 ----A---- C:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-10-28 14:38:16 ----D---- C:\windows\system32\log
2014-10-22 20:29:45 ----D---- C:\Rust
2014-10-18 16:44:12 ----D---- C:\ProgramData\ESET
2014-10-18 16:44:12 ----D---- C:\Program Files\ESET
2014-10-15 13:16:06 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-15 13:16:06 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-15 13:16:06 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-15 13:16:06 ----A---- C:\windows\system32\mscories.dll
2014-10-15 13:16:06 ----A---- C:\windows\system32\mscorier.dll
2014-10-15 13:16:06 ----A---- C:\windows\system32\dfshim.dll
2014-10-15 13:15:22 ----A---- C:\windows\system32\blackbox.dll
2014-10-15 13:15:21 ----A---- C:\windows\SYSWOW64\drmv2clt.dll
2014-10-15 13:15:21 ----A---- C:\windows\SYSWOW64\blackbox.dll
2014-10-15 13:15:21 ----A---- C:\windows\system32\drmv2clt.dll
2014-10-15 13:15:19 ----A---- C:\windows\system32\wmp.dll
2014-10-15 13:15:18 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 13:15:18 ----A---- C:\windows\system32\wmdrmsdk.dll
2014-10-15 13:15:18 ----A---- C:\windows\system32\mf.dll
2014-10-15 13:15:16 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-10-15 13:15:14 ----A---- C:\windows\SYSWOW64\mf.dll
2014-10-15 13:15:14 ----A---- C:\windows\system32\drmmgrtn.dll
2014-10-15 13:15:13 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2014-10-15 13:15:13 ----A---- C:\windows\system32\ci.dll
2014-10-15 13:15:12 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-10-15 13:15:10 ----A---- C:\windows\system32\winresume.exe
2014-10-15 13:15:10 ----A---- C:\windows\system32\winload.exe
2014-10-15 13:15:10 ----A---- C:\windows\system32\quartz.dll
2014-10-15 13:15:10 ----A---- C:\windows\system32\cryptsvc.dll
2014-10-15 13:15:09 ----A---- C:\windows\system32\wintrust.dll
2014-10-15 13:15:09 ----A---- C:\windows\system32\ntoskrnl.exe
2014-10-15 13:15:09 ----A---- C:\windows\system32\evr.dll
2014-10-15 13:15:08 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-10-15 13:15:08 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 13:15:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-10-15 13:15:08 ----A---- C:\windows\system32\crypt32.dll
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\mfplat.dll
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\evr.dll
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\cryptui.dll
2014-10-15 13:15:07 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-10-15 13:15:07 ----A---- C:\windows\system32\srcore.dll
2014-10-15 13:15:07 ----A---- C:\windows\system32\pcasvc.dll
2014-10-15 13:15:07 ----A---- C:\windows\system32\mfplat.dll
2014-10-15 13:15:07 ----A---- C:\windows\system32\cryptui.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\msscp.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\mfps.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\cryptsp.dll
2014-10-15 13:15:06 ----A---- C:\windows\SYSWOW64\appidapi.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\srclient.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\spwmp.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\setbcdlocale.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\rstrui.exe
2014-10-15 13:15:06 ----A---- C:\windows\system32\rrinstaller.exe
2014-10-15 13:15:06 ----A---- C:\windows\system32\msscp.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\msnetobj.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\mfps.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\mfpmp.exe
2014-10-15 13:15:06 ----A---- C:\windows\system32\dxmasf.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\drivers\appid.sys
2014-10-15 13:15:06 ----A---- C:\windows\system32\cryptsp.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\appidsvc.dll
2014-10-15 13:15:06 ----A---- C:\windows\system32\appidpolicyconverter.exe
2014-10-15 13:15:06 ----A---- C:\windows\system32\appidcertstorecheck.exe
2014-10-15 13:15:06 ----A---- C:\windows\system32\appidapi.dll
2014-10-15 13:15:05 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-10-15 13:15:05 ----A---- C:\windows\SYSWOW64\mferror.dll
2014-10-15 13:15:05 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-10-15 13:15:05 ----A---- C:\windows\system32\wmploc.DLL
2014-10-15 13:15:05 ----A---- C:\windows\system32\mferror.dll
2014-10-15 13:12:31 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-15 13:12:31 ----A---- C:\windows\system32\rastls.dll
2014-10-15 13:12:24 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-15 13:12:23 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-15 13:12:23 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-10-15 13:12:23 ----A---- C:\windows\system32\winsta.dll
2014-10-15 13:12:23 ----A---- C:\windows\system32\winlogon.exe
2014-10-15 13:12:23 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-15 13:12:23 ----A---- C:\windows\system32\mstscax.dll
2014-10-15 13:12:23 ----A---- C:\windows\system32\mstsc.exe
2014-10-15 13:12:23 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-15 13:12:22 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-10-15 13:12:22 ----A---- C:\windows\system32\drivers\tssecsrv.sys

======List of files/folders modified in the last 1 month======

2014-11-14 14:20:12 ----D---- C:\Program Files\trend micro
2014-11-14 14:20:08 ----D---- C:\windows\Temp
2014-11-14 14:17:34 ----D---- C:\windows\Prefetch
2014-11-14 14:15:41 ----D---- C:\Users\Martin\AppData\Roaming\TS3Client
2014-11-14 14:15:31 ----D---- C:\Program Files (x86)\Steam
2014-11-14 14:13:02 ----A---- C:\windows\SYSWOW64\log.txt
2014-11-14 14:11:06 ----D---- C:\windows\system32\config
2014-11-14 14:08:27 ----D---- C:\ProgramData\NVIDIA
2014-11-14 14:05:22 ----D---- C:\windows\Microsoft.NET
2014-11-14 14:05:13 ----RSD---- C:\windows\assembly
2014-11-14 14:02:43 ----SHD---- C:\windows\Installer
2014-11-14 14:00:30 ----D---- C:\windows\winsxs
2014-11-14 13:56:43 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-11-14 13:56:43 ----D---- C:\windows\SysWOW64
2014-11-14 13:56:43 ----D---- C:\windows\system32\cs-CZ
2014-11-14 13:56:43 ----AD---- C:\windows\System32
2014-11-14 13:56:42 ----D---- C:\windows\system32\drivers
2014-11-14 13:56:42 ----D---- C:\Program Files\Internet Explorer
2014-11-14 13:56:41 ----D---- C:\windows\SYSWOW64\en-US
2014-11-14 13:56:39 ----D---- C:\windows\system32\en-US
2014-11-14 13:56:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 22:24:07 ----SHD---- C:\System Volume Information
2014-11-13 19:06:08 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2014-11-13 16:06:28 ----D---- C:\windows\system32\catroot2
2014-11-13 15:49:47 ----D---- C:\windows\system32\MRT
2014-11-13 15:49:46 ----D---- C:\windows\debug
2014-11-13 15:49:42 ----A---- C:\windows\system32\MRT.exe
2014-11-13 15:43:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 17:23:31 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-12 14:11:33 ----RD---- C:\Program Files (x86)
2014-11-08 00:42:36 ----D---- C:\Windows
2014-11-08 00:11:53 ----D---- C:\Users\Martin\AppData\Roaming\ftblauncher
2014-11-07 17:34:30 ----D---- C:\Program Files (x86)\GameforgeLive
2014-11-07 17:04:42 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-11-07 17:04:41 ----D---- C:\windows\inf
2014-11-07 17:03:08 ----D---- C:\windows\system32\Tasks
2014-11-07 16:36:19 ----D---- C:\windows\system32\DriverStore
2014-11-07 16:36:15 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-03 17:57:35 ----D---- C:\windows\Logs
2014-10-28 15:11:16 ----D---- C:\windows\Resources
2014-10-28 14:56:34 ----D---- C:\ProgramData\Malwarebytes
2014-10-28 14:50:34 ----D---- C:\Nexon
2014-10-28 14:50:09 ----D---- C:\windows\Tasks
2014-10-28 14:50:03 ----D---- C:\Program Files (x86)\Google
2014-10-28 06:34:58 ----N---- C:\windows\system32\MpSigStub.exe
2014-10-23 16:52:00 ----D---- C:\ProgramData\GFACE
2014-10-20 15:49:58 ----HD---- C:\ProgramData
2014-10-18 16:44:12 ----RD---- C:\Program Files
2014-10-18 16:38:18 ----D---- C:\windows\SoftwareDistribution
2014-10-17 18:41:22 ----D---- C:\windows\rescache
2014-10-16 14:43:55 ----D---- C:\windows\SYSWOW64\Dism
2014-10-16 14:43:55 ----D---- C:\Program Files\Windows Media Player
2014-10-16 14:43:55 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 14:43:53 ----D---- C:\windows\system32\Dism
2014-10-16 14:43:50 ----D---- C:\windows\system32\Boot
2014-10-16 14:43:49 ----D---- C:\windows\system32\CodeIntegrity
2014-10-15 21:22:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-15 13:12:06 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2014-09-22 63160]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver; C:\windows\system32\drivers\DDCDrv.sys [2008-04-08 20832]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2014-09-22 44632]
R1 iSafeNetFilter;YAC NDIS Driver; C:\windows\system32\DRIVERS\iSafeNetFilter.sys [2014-09-22 49320]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2014-09-22 222280]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 GeneStor;Genesys Logic Storage Driver; C:\windows\system32\DRIVERS\GeneStor.sys [2011-05-18 58368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-10-26 2530152]
R3 ManyCam;ManyCam Virtual Webcam; C:\windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 42016]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2013-09-28 39200]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys []
S1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys []
S1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys []
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.356\fsbldrv.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2014-10-08 45224]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S4 RsFx0103;RsFx0103 Driver; C:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-09-16 1350112]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-03-16 32768]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2014-11-12 156904]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-18 15122208]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-07-27 76152]
R2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe []
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
S2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 EasyAntiCheat;EasyAntiCheat; C:\windows\syswow64\EasyAntiCheat.exe [2014-09-30 175136]
S3 F-Secure BlackLight Sensor;F-Secure BlackLight Sensor; C:\Users\Martin\AppData\Local\Temp\F-Secure\Anti-Virus\fsblsrv.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-11 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I would like a system check!

#2 Post by altrok »

Hello,

As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#3 Post by vamvam »

Sorry for the late reply, but I've been a bit busy lately..

When I tried to download your program, or rather the program you recommended, it keeps throwing an error saying there is a virus in it.. I even tried turning off AntiVir; it didn't help. (I use Mozilla Firefox.)

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I need a system check!

#4 Post by altrok »

→ Use a different browser (Internet Explorer, ...) or clear the browser cache, e.g. with CCleaner.

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#5 Post by vamvam »

So here is the log:

# AdwCleaner v4.104 - Report created 07/12/2014 at 01:26:20
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : iSafeKrnl
[#] Service Deleted : iSafeKrnlBoot
[#] Service Deleted : iSafeKrnlKit
[#] Service Deleted : iSafeKrnlR3
Service Deleted : iSafeNetFilter
[#] Service Deleted : iSafeService

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Martin\AppData\Local\Conduit
Folder Deleted : C:\Users\Martin\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Martin\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Martin\AppData\LocalLow\Conduit
File Deleted : C:\END
File Deleted : C:\windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\windows\System32\log\iSafeKrnlCall.log

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69F5B59D-B485-4A6F-9FFF-41E7CDA23DBF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C22618CC-556F-4D46-85DD-00918D220FEC}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 cs)


-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [6806 octets] - [03/02/2014 21:05:29]
AdwCleaner[R1].txt - [4175 octets] - [07/12/2014 01:25:04]
AdwCleaner[S0].txt - [6520 octets] - [03/02/2014 21:05:57]
AdwCleaner[S1].txt - [3762 octets] - [07/12/2014 01:26:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3822 octets] ##########



BTW: I don't know whether this program also detects something like keyloggers? Not that I'm some outrageous downloader of junk, but I'd feel calmer if keyloggers could be checked as well, thank you.

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I need a system check!

#6 Post by altrok »

→ I recently saw a keylogger in a crack for ESET Smart Security... we will also look for inactive keyloggers along the way :)

→ Run as administrator C:\Program Files\trend micro\Martin.exe
  • click Do a system scan only
  • tick (check) the following items
    • O15 - Trusted Zone: *.clonewarsadventures.com
    • O15 - Trusted Zone: *.freerealms.com
    • O15 - Trusted Zone: *.soe.com
    • O15 - Trusted Zone: *.sony.com
    • O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    • O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (file missing)
  • click Fix checked
→ Uninstall
  • McAfee SiteAdvisor
  • Bing Bar
→ Also beware of all sorts of optimizers and anything that fixes a slow PC etc. with one click. Of the tested utilities that automatically "fix" registry errors, we recommend only the proven CCleaner.

→ Save zoek.exe to your desktop: http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script given below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log); paste it into your next reply

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#7 Post by vamvam »

May I ask something? After starting that Martin.exe, about 2 errors popped up, which I clicked away with OK (there was no other option); when it finished it threw another error, and after pressing OK this page appeared: http://free.antivirus.com/us/?function% ... er%3D2.0.4

Is that normal? I don't know whether those errors will show up again, otherwise I would send them to you.. (I don't want to try it without an answer, so that I don't mess something up..)

PM: Then, after I closed the program, it also told me that the application was not run correctly and that the system had applied compatibility settings to it.

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I need a system check!

#8 Post by altrok »

→ Skip the step with C:\Program Files\trend micro\Martin.exe and continue with the next ones.

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#9 Post by vamvam »

Well, I've already done it, is that a problem? I mean like before, with those errors.

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I need a system check!

#10 Post by altrok »

→ It's not a problem, so post the log from zoek :)

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#11 Post by vamvam »

Here is the LOG:


Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Martin on so 13.12.2014 at 0:33:29,09.
Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 WMI=failure
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martin\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.12.2014 0:36:43 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\FreeTime deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\Virtual Mechanics deleted successfully
C:\Users\Martin\AppData\Roaming\Awesomium deleted successfully
C:\Users\Martin\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Martin\AppData\Roaming\Pamela deleted successfully
C:\Users\Martin\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Martin\AppData\Roaming\TP deleted successfully
C:\Users\Martin\AppData\Roaming\YaTQA deleted successfully
C:\Users\Martin\AppData\Local\CrashDumps deleted successfully
C:\Users\Martin\AppData\Local\CRE deleted successfully
C:\Users\Martin\AppData\Local\GHISLER deleted successfully
C:\Users\Martin\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Martin\AppData\Local\RxSz3urUmrAdDJh deleted successfully
C:\Users\Martin\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully
HKEY_USERS\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_USERS\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{D19CA586-DD6C-4a0a-96F8-14644F340D60} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ankcv6uy.default\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ankcv6uy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\hash.dat deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\tasks\SmartPCFix Task.job deleted
C:\windows\SysNative\tasks\Registry Optimizer deleted
C:\windows\SysNative\tasks\Registry Optimizer_DEFAULT deleted
C:\windows\SysNative\tasks\Registry Optimizer_UPDATES deleted
C:\windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\windows\SysWow64\AI_RecycleBin deleted
C:\Users\Martin\AppData\Roaming\MinecraftS.exe deleted
C:\PROGRA~3\flashax10.exe deleted
C:\Users\Martin\AppData\Local\TempCrossDotXfire.exe deleted
"C:\Users\Martin\AppData\Local\LumaEmu" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ankcv6uy.default
9860727E477F17B88E39AF8B69B0407A - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash
F2CD1D7524F8E15AAC55568B9F72DE5B - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll - Nexon Game Controller
4902717499A5AE1D3FB4FECAC376D8A7 - C:\Users\Martin\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll - Kalydo Player Plugin for Mozilla
D4BD9F86123C87ECA570418B69326F99 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2
09B4E13D25623D879D35286E2D29FF13 - C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaapoldfpilohhfkhihnhdckpackghi - C:\Users\Martin\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.4.0.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain ... &bmod=LEND"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... ND_csCZ496"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"

==== Reset Google Chrome ======================

C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaapoldfpilohhfkhihnhdckpackghi deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MKLOL deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Martin\AppData\Local\Mozilla\Firefox\Profiles\ankcv6uy.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=53 folders=43 27292313 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Martin\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Martin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 13.12.2014 at 0:51:14,96 ======================





PM: And please, why did Avast and http://www.virustotal.com tell me that this file is infected with a virus? Supposedly Win 32.Gen or something like that was there.. Can you fill me in on this situation somehow? :) Thank you so far for your willingness and the time you've sacrificed.

altrok
Moderator
Posts: 7275
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I need a system check!

#12 Post by altrok »

→ Are we talking about the file zoek.exe? This is a so-called false positive = false alarm. All the utilities we use here are verified and 100% clean.

→ Post a new FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

vamvam
Visitor
Posts: 47
Registered: 08 Aug 2014 12:34

Re: Hello, I need a system check!

#13 Post by vamvam »

Well, as you have probably noticed, I think I'm a clumsy person, and since I eagerly wanted a mod for a simulator from a Russian forum, this thing happened.. I played for a while, then the game shut down and it showed a few errors.. After that I opened this forum to go and do what you recommended/ordered.. And that's when it happened.. A CMD command popped up here for about 1 second (just a flash) and the CPU went up and up like when you ride a cable car.. Until it got to 99%.. Right now I have nothing running apart from the forum and that program and I'm at 87%, which I don't understand.. Is there please any way you could check this for me further?.. I didn't know this Russian calamity was that big..

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Martin (administrator) on MARTIN-PC on 16-12-2014 19:10:46
Running from C:\Users\Martin\Desktop
Loaded Profile: Martin (Available profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [14069760 2014-01-03] ()
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [ManyCam] => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [Clownfish] => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent inimum (the data entry has 824 more characters).
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3624722470-2580364961-1715627244-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3624722470-2580364961-1715627244-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3624722470-2580364961-1715627244-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3624722470-2580364961-1715627244-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... ND_csCZ496
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 217.112.162.34 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ankcv6uy.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3624722470-2580364961-1715627244-1001: @eximion.com/KalydoPlayer -> C:\Users\Martin\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-3624722470-2580364961-1715627244-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3624722470-2580364961-1715627244-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-05] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-07-27] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 F-Secure BlackLight Sensor; C:\Users\Martin\AppData\Local\Temp\F-Secure\Anti-Virus\fsblsrv.exe [X]
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 fsbl; \??\C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.356\fsbldrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 19:10 - 2014-12-16 19:11 - 00018755 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-12-16 19:09 - 2014-12-16 19:10 - 00000000 ____D () C:\FRST
2014-12-16 19:08 - 2014-12-16 19:09 - 02119168 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2014-12-16 18:40 - 2014-12-16 18:40 - 00003096 _____ () C:\windows\System32\Tasks\{554BB18D-0182-4FC3-95E6-5939E6887E0C}
2014-12-16 14:37 - 2014-12-16 14:37 - 00000000 ____D () C:\Users\Martin\AppData\Local\LumaEmu_SteamCloud
2014-12-16 14:00 - 2014-12-16 14:00 - 00000168 _____ () C:\windows\setupact.log
2014-12-16 14:00 - 2014-12-16 14:00 - 00000000 _____ () C:\windows\setuperr.log
2014-12-15 14:26 - 2014-12-15 14:26 - 00001534 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-12-13 23:00 - 2014-12-13 23:00 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2014-12-13 21:55 - 2014-12-13 21:55 - 445803062 _____ (Rusted.cz ) C:\Users\Martin\Downloads\Rusted Klient 1.8.exe
2014-12-13 11:09 - 2014-12-13 11:09 - 00000000 ___SH () C:\Users\Martin\AppData\Local\LumaEmu
2014-12-13 00:47 - 2014-12-13 00:33 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-13 00:35 - 2014-12-13 00:51 - 00010798 _____ () C:\zoek-results.log
2014-12-13 00:33 - 2014-12-13 00:45 - 00000000 ____D () C:\zoek_backup
2014-12-11 22:04 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-11 22:04 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-11 19:37 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-11 19:37 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-11 19:37 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-11 19:37 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-11 19:37 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-11 19:37 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-11 19:37 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-11 19:37 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-11 19:37 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-11 19:37 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-11 19:37 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-11 19:37 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-11 19:37 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-11 19:37 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-11 19:37 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-11 19:37 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-11 19:37 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-11 19:37 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-11 19:37 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-11 19:37 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-11 19:37 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-11 19:37 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 19:37 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-11 19:37 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-11 19:37 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-11 19:37 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-11 19:37 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-11 19:37 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-11 19:37 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-11 19:37 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-11 19:37 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-11 19:37 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-11 19:37 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-11 19:37 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-11 19:37 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-11 19:37 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-11 19:37 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-11 19:37 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-11 19:37 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-11 19:37 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-11 19:37 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-11 19:37 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 19:37 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-11 19:37 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-11 19:37 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-11 19:37 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-11 19:37 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-11 19:37 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-11 19:37 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-11 19:37 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-11 19:37 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-11 19:37 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-11 19:37 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-11 19:37 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-11 19:37 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-11 19:37 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-11 19:33 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-11 19:33 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-11 19:33 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-11 19:33 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-11 19:33 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-11 19:33 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-11 19:33 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-11 19:33 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-11 19:33 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-11 19:33 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-11 19:33 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-11 19:33 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 19:33 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-11 19:33 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-11 19:33 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 19:32 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-11 19:32 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-09 14:11 - 2014-12-09 14:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 01:25 - 2014-12-07 01:25 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-11-22 20:44 - 2014-11-22 22:20 - 00000000 ____D () C:\Users\Martin\AppData\Local\ascend
2014-11-20 16:33 - 2014-12-13 23:04 - 00000000 ____D () C:\Users\Martin\Desktop\Hry
2014-11-19 14:07 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 14:07 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 14:07 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 14:07 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-18 14:28 - 2014-12-16 18:40 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rusted.cz
2014-11-18 14:19 - 2014-11-18 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-18 14:19 - 2014-11-18 14:19 - 00000000 ____D () C:\ProgramData\ESET
2014-11-18 14:19 - 2014-11-18 14:19 - 00000000 ____D () C:\Program Files\ESET

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 19:07 - 2013-03-15 14:10 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\TS3Client
2014-12-16 19:07 - 2012-09-24 13:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-16 19:06 - 2012-08-08 18:42 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2014-12-16 18:53 - 2014-10-28 14:57 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 18:53 - 2014-10-28 14:50 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-16 18:45 - 2014-08-04 21:29 - 00000000 ____D () C:\Users\Martin\Desktop\Ahoj
2014-12-16 18:23 - 2012-10-22 09:39 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-16 14:11 - 2012-12-23 11:57 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-12-16 14:10 - 2012-03-15 17:45 - 01149030 _____ () C:\windows\WindowsUpdate.log
2014-12-16 14:08 - 2009-07-14 05:45 - 00020688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 14:08 - 2009-07-14 05:45 - 00020688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 14:00 - 2014-10-28 14:50 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-16 14:00 - 2012-03-15 18:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-16 14:00 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-15 16:53 - 2014-01-06 15:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\.minecraft
2014-12-14 19:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-12-14 13:56 - 2013-07-04 14:16 - 00000000 ____D () C:\Users\Martin\Desktop\CINEMA 4Dv C-Cinerma 4D
2014-12-13 23:51 - 2014-06-20 15:36 - 00000000 ____D () C:\Users\Martin\Documents\Euro Truck Simulator 2
2014-12-13 00:57 - 2014-10-28 14:56 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-13 00:57 - 2014-10-28 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-13 00:57 - 2014-10-28 14:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-12 17:45 - 2013-11-09 20:07 - 00000000 ____D () C:\Users\Martin\AppData\Local\NVIDIA
2014-12-12 17:40 - 2014-11-07 19:56 - 00000000 ____D () C:\Users\Martin\AppData\Local\NVIDIA Corporation
2014-12-12 17:40 - 2012-03-15 17:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-12 17:39 - 2013-04-29 16:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-12 17:39 - 2012-03-15 17:46 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-12 16:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-11 22:17 - 2013-08-15 00:28 - 00000000 ____D () C:\windows\system32\MRT
2014-12-11 22:06 - 2012-08-12 11:35 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-10 18:23 - 2012-10-22 09:39 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 17:23 - 2012-10-22 09:39 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 17:23 - 2012-10-22 09:39 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 14:05 - 2013-11-22 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 17:18 - 2013-09-16 13:09 - 00048640 ___SH () C:\Users\Martin\Thumbs.db
2014-12-08 13:59 - 2012-03-15 18:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-08 13:59 - 2012-03-15 18:19 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-07 13:06 - 2012-08-08 17:43 - 00000000 ____D () C:\Users\Martin\AppData\Local\VirtualStore
2014-12-07 01:49 - 2013-10-29 02:19 - 00007616 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-12-07 01:45 - 2014-05-08 23:01 - 00000000 ____D () C:\Users\Martin\Desktop\Lolko Info
2014-12-07 01:41 - 2014-10-09 19:40 - 00000000 ____D () C:\Users\Martin\Desktop\Fotky
2014-12-07 01:37 - 2012-09-21 16:19 - 04007424 ___SH () C:\Users\Martin\Desktop\Thumbs.db
2014-12-07 01:26 - 2014-10-28 14:38 - 00000000 ____D () C:\windows\system32\log
2014-12-07 01:26 - 2014-02-02 21:28 - 00000000 ____D () C:\AdwCleaner
2014-12-07 01:01 - 2014-09-27 12:09 - 00000000 ____D () C:\Users\Martin\AppData\Local\wf-launcher
2014-12-07 00:27 - 2014-09-27 12:09 - 00000000 ____D () C:\ProgramData\GFACE
2014-12-01 17:00 - 2012-09-24 13:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-01 16:01 - 2014-08-19 18:30 - 00000000 ____D () C:\Users\Martin\Documents\Bandicam
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-24 13:56 - 2009-07-14 06:08 - 00032576 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-21 17:55 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Branding
2014-11-21 06:14 - 2014-10-28 14:56 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-10-28 14:56 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-02-02 21:36 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-16 02:48 - 2014-10-28 14:50 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 02:48 - 2014-10-28 14:50 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:02

==================== End Of Log ============================


Addition.rar Log:
Addition.rar
(43.2 KiB) Downloaded 86 times
Thank you once again for your willingness to help.. After the end of the so-called "treatment" I'll try to squeeze something out of my wallet and "put it on the table here for you"; after all, a forum where people help shouldn't be left high and dry.. :thumbsup:

altrok
Moderator
Posts: 7275
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Hello, I'd like a system check!

#14 Post by altrok »

:arrow: Uninstall
  • Java 7 Update 17
  • Java(TM) 7 Update 5 (64-bit)
These are security threats.

:arrow: Do you have a purchased license for ESS?

:arrow: Permanently turn off Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    Task: {AE35439D-D8DE-44B1-A1AC-834A81D5D0AC} - \Registry Optimizer No Task File <==== ATTENTION
    Task: {B984534C-4F98-498F-90F9-5A0D246DA4EB} - System32\Tasks\{30F39772-E4B7-4FBD-A060-98E7CDF1C4C9} => pcalua.exe -a "C:\Users\Martin\Desktop\MultiHack 2013 !\Install Hack.exe" -d "C:\Users\Martin\Desktop\MultiHack 2013 !"
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
    C:\Users\Martin\AppData\Local\Akamai
    
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    
    S3 F-Secure BlackLight Sensor; C:\Users\Martin\AppData\Local\Temp\F-Secure\Anti-Virus\fsblsrv.exe [X]
    S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]
    S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
    S3 fsbl; \??\C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.356\fsbldrv.sys [X]
    
    2014-12-13 00:47 - 2014-12-13 00:33 - 00024064 _____ () C:\windows\zoek-delete.exe
    2014-12-13 00:35 - 2014-12-13 00:51 - 00010798 _____ () C:\zoek-results.log
    2014-12-13 00:33 - 2014-12-13 00:45 - 00000000 ____D () C:\zoek_backup
    2014-12-07 01:25 - 2014-12-07 01:25 - 00000055 _____ () C:\AdwCleanerDebug.txt
    2014-12-07 01:26 - 2014-02-02 21:28 - 00000000 ____D () C:\AdwCleaner
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.

vamvam
Visitor
Posts: 47
Joined: 08 Aug 2014 12:34

Re: Hello, I'd like a system check!

#15 Post by vamvam »

LOG:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Martin at 2014-12-16 20:09:16 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profile: Martin (Available profiles: Martin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Task: {AE35439D-D8DE-44B1-A1AC-834A81D5D0AC} - \Registry Optimizer No Task File <==== ATTENTION
Task: {B984534C-4F98-498F-90F9-5A0D246DA4EB} - System32\Tasks\{30F39772-E4B7-4FBD-A060-98E7CDF1C4C9} => pcalua.exe -a "C:\Users\Martin\Desktop\MultiHack 2013 !\Install Hack.exe" -d "C:\Users\Martin\Desktop\MultiHack 2013 !"
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
C:\Users\Martin\AppData\Local\Akamai

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

S3 F-Secure BlackLight Sensor; C:\Users\Martin\AppData\Local\Temp\F-Secure\Anti-Virus\fsblsrv.exe [X]
S2 TeamViewer9; "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 fsbl; \??\C:\Users\Martin\AppData\Local\Temp\Rar$EXa0.356\fsbldrv.sys [X]

2014-12-13 00:47 - 2014-12-13 00:33 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-13 00:35 - 2014-12-13 00:51 - 00010798 _____ () C:\zoek-results.log
2014-12-13 00:33 - 2014-12-13 00:45 - 00000000 ____D () C:\zoek_backup
2014-12-07 01:25 - 2014-12-07 01:25 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-07 01:26 - 2014-02-02 21:28 - 00000000 ____D () C:\AdwCleaner
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE35439D-D8DE-44B1-A1AC-834A81D5D0AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE35439D-D8DE-44B1-A1AC-834A81D5D0AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Registry Optimizer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B984534C-4F98-498F-90F9-5A0D246DA4EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B984534C-4F98-498F-90F9-5A0D246DA4EB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{30F39772-E4B7-4FBD-A060-98E7CDF1C4C9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{30F39772-E4B7-4FBD-A060-98E7CDF1C4C9}" => Key deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-3624722470-2580364961-1715627244-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
C:\Users\Martin\AppData\Local\Akamai => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKCR\PROTOCOLS\Handler\wlpg" => Key deleted successfully.
"HKCR\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
F-Secure BlackLight Sensor => Service deleted successfully.
TeamViewer9 => Service deleted successfully.
EagleX64 => Service deleted successfully.
fsbl => Service deleted successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleanerDebug.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 313.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


-> And may I ask, just out of curiosity, why I am turning off Windows Defender? I don't really know my way around this, I only know that it probably works as an antivirus.

-> As for ESS: together with the graphics card and power supply from Alza I got ESS free for 2 months. So I'm not aware of having bought anything; they just sent me some codes, I typed them in, and I have a trial version for 2 months, which expires in 14 days.

-> Are we also dealing with that CMD window that opened on me at the same time? Or are we doing everything step by step?
