Prosím o kontrolu notebooku

Zpráva

MiraCZ · #1 Příspěvek od **MiraCZ** » 19 pro 2014 22:20

Zdravím, prosím o kontrolu notebooku

Logfile of random's system information tool 1.10 (written by random/random)
Run by Filip at 2014-12-19 21:53:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 341 GB (74%) free of 461 GB
Total RAM: 3959 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:18, on 19.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Temp\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\Filip.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 173.212.255.178 ad.garenanow.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GarenaPlus] "C:\programy\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Unknown owner - C:\ProgramData\IePluginServices\PluginService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Unknown owner - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (file missing)
O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9524 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 37374608
\??\C:\Windows\system32\conhost.exe "568464046797657947108968168914679710991723682199-2132584209306109267-920514257
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe"
"C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\System32\snmptrap.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {80428017-0133-4DCA-82A8-56E0215995D2}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4684.0.458521139\230808111" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e4 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.741.1.5000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4684.6.1203236290\1768084279" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs

"C:\Users\Filip\AppData\Local\Temp\TeamViewer\TeamViewer.exe" --noInstallation --dre
"C:\Users\Filip\AppData\Local\Temp\TeamViewer\tv_w32.exe" --action hooks --log C:\Users\Filip\AppData\Roaming\TeamViewer\TeamViewer10_Logfile.log
"C:\Users\Filip\AppData\Local\Temp\TeamViewer\tv_x64.exe" --action hooks --log C:\Users\Filip\AppData\Roaming\TeamViewer\TeamViewer10_Logfile.log
"c:\users\filip\appdata\local\temp\teamviewer\TeamViewer_Desktop.exe" --IPCport 6039
"C:\Windows\system32\msconfig.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 66030477-9849-072B-8A6A-93675D3645E2 -Reinvoke
"C:\Users\Filip\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core.job - C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037.job - C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-06-10 324608]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-22 2097960]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-13 11046504]
"Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2011-01-05 860040]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2010-11-03 1580368]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03 116648]
"GarenaPlus"=C:\programy\Garena Plus\GarenaMessenger.exe -autolaunch []
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe -auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\programy\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\programy\Garena\Garena Plus\GarenaMessenger.exe -autolaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22059616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-26 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-19 21:53:13 ----D---- C:\rsit
2014-12-19 21:53:13 ----D---- C:\Program Files\trend micro
2014-12-19 21:43:11 ----D---- C:\Users\Filip\AppData\Roaming\TeamViewer
2014-12-17 20:28:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-17 20:28:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 05:56:15 ----D---- C:\Windows\system32\appraiser
2014-12-10 05:49:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 05:49:22 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 05:49:22 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 05:49:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 05:49:22 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 05:49:22 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 05:49:22 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 05:49:22 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 05:49:22 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 05:49:22 ----A---- C:\Windows\system32\mf.dll
2014-12-09 20:41:49 ----A---- C:\Windows\system32\appraiser.dll
2014-12-09 20:41:49 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-09 20:41:49 ----A---- C:\Windows\system32\aepic.dll
2014-12-09 20:41:49 ----A---- C:\Windows\system32\aeinv.dll
2014-12-09 20:41:48 ----A---- C:\Windows\system32\invagent.dll
2014-12-09 20:41:48 ----A---- C:\Windows\system32\generaltel.dll
2014-12-09 20:41:48 ----A---- C:\Windows\system32\devinv.dll
2014-12-09 20:41:46 ----A---- C:\Windows\system32\aepdu.dll
2014-12-09 20:41:39 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-09 20:41:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:41:38 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-09 20:41:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-09 20:41:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-09 20:41:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-09 20:41:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-09 20:41:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-09 20:41:25 ----A---- C:\Windows\system32\iernonce.dll
2014-12-09 20:41:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:41:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:41:25 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-09 20:41:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-09 20:41:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-09 20:41:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:41:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-09 20:41:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:41:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-09 20:41:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-09 20:41:21 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-09 20:41:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-09 20:41:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-09 20:41:20 ----A---- C:\Windows\system32\urlmon.dll
2014-12-09 20:41:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:41:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-09 20:41:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-09 20:41:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-09 20:41:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-09 20:41:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:41:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-09 20:41:19 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-09 20:41:18 ----A---- C:\Windows\system32\iesetup.dll
2014-12-09 20:41:17 ----A---- C:\Windows\system32\iertutil.dll
2014-12-09 20:41:17 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-09 20:41:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-09 20:41:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-09 20:41:15 ----A---- C:\Windows\system32\ieui.dll
2014-12-09 20:41:15 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-09 20:41:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-09 20:41:14 ----A---- C:\Windows\system32\ieframe.dll
2014-12-09 20:41:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-09 20:41:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-09 20:41:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:41:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-09 20:41:13 ----A---- C:\Windows\system32\jscript9.dll
2014-12-09 20:41:12 ----A---- C:\Windows\system32\msrating.dll
2014-12-09 20:41:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:41:11 ----A---- C:\Windows\system32\mshtml.dll
2014-12-09 20:40:44 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-09 20:40:44 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-09 20:40:44 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:40:44 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-09 20:40:44 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:40:44 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:40:44 ----A---- C:\Windows\system32\charmap.exe
2014-12-09 20:40:43 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-09 20:40:43 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-09 20:40:43 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-09 20:40:43 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-09 20:40:43 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-09 20:40:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-09 20:40:39 ----A---- C:\Windows\system32\tzres.dll
2014-12-03 20:47:28 ----D---- C:\ProgramData\ESET

======List of files/folders modified in the last 1 month======

2014-12-19 21:53:15 ----D---- C:\Windows\Temp
2014-12-19 21:53:13 ----RD---- C:\Program Files
2014-12-19 21:51:08 ----HD---- C:\ProgramData
2014-12-19 21:50:22 ----D---- C:\Program Files (x86)\Garena Plus
2014-12-19 21:50:20 ----D---- C:\Windows\system32\Tasks
2014-12-19 21:47:39 ----D---- C:\Windows\Prefetch
2014-12-19 20:38:12 ----D---- C:\Windows\system32\config
2014-12-19 20:27:12 ----D---- C:\Windows\System32
2014-12-19 20:27:12 ----D---- C:\Windows\inf
2014-12-19 20:27:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-19 20:22:10 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-17 22:20:23 ----D---- C:\Windows\winsxs
2014-12-17 22:20:07 ----D---- C:\Windows\SysWOW64
2014-12-17 22:19:54 ----SHD---- C:\System Volume Information
2014-12-17 20:25:53 ----D---- C:\Windows\system32\catroot
2014-12-16 22:19:46 ----D---- C:\Users\Filip\AppData\Roaming\Skype
2014-12-16 20:55:39 ----D---- C:\Windows\system32\catroot2
2014-12-16 20:53:54 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-16 20:53:50 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 23:36:50 ----SHD---- C:\Windows\Installer
2014-12-15 03:55:12 ----D---- C:\Windows\rescache
2014-12-15 03:16:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-15 03:16:23 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 05:56:15 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 05:56:15 ----D---- C:\Windows\AppCompat
2014-12-10 05:56:14 ----SD---- C:\ProgramData\Microsoft
2014-12-10 05:56:13 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 05:56:13 ----D---- C:\Windows\system32\drivers
2014-12-10 05:56:13 ----D---- C:\Program Files\Internet Explorer
2014-12-10 05:56:12 ----D---- C:\Windows\system32\en-US
2014-12-10 05:56:12 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 05:56:12 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 05:54:36 ----D---- C:\Windows\system32\MRT
2014-12-10 05:50:41 ----A---- C:\Windows\system32\MRT.exe
2014-12-09 21:39:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-03 20:47:41 ----D---- C:\Windows\system32\DriverStore
2014-11-25 23:55:22 ----D---- C:\Users\Filip\AppData\Roaming\SoftGrid Client
2014-11-24 22:15:29 ----RD---- C:\Filmy
2014-11-24 22:15:12 ----D---- C:\Hry
2014-11-24 14:04:56 ----N---- C:\Windows\system32\MpSigStub.exe
2014-11-23 19:12:28 ----RD---- C:\MP3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-27 279616]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-25 6856192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-25 264192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-01 4720704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-13 2424040]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-28 18432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-22 318000]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-28 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-27 868848]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-06-10 40448]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\programy\Garena\Garena Plus\Room\safedrv.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-12-24 164864]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-25 203264]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2011-01-18 39528]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-02-03 268824]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-02-03 2320920]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe -service []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 20 pro 2014 04:02

Zdravim

Odinstalujte

Bing Bar
Skype Click to Call

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

MiraCZ · #3 Příspěvek od **MiraCZ** » 22 pro 2014 00:54

Díky moc.

Tady je log.

# AdwCleaner v4.106 - Report created 21/12/2014 at 22:12:29
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Filip - FILIP-PC
# Running from : C:\Users\Filip\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IePluginServices
[#] Service Deleted : WindowsMangerProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\TheBflix
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBflix
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Users\Filip\AppData\Local\genienext
Folder Deleted : C:\Users\Filip\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Filip\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Filip\AppData\LocalLow\TheBflix
Folder Deleted : C:\Users\Filip\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Filip\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Filip\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Folder Deleted : C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Filip\daemonprocess.txt
File Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Update Service GoForFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [6900 octets] - [21/12/2014 22:07:12]
AdwCleaner[R1].txt - [6960 octets] - [21/12/2014 22:10:26]
AdwCleaner[S0].txt - [5805 octets] - [21/12/2014 22:12:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5865 octets] ##########

#4 Příspěvek od **altrok** » 22 pro 2014 03:28

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

MiraCZ · #5 Příspěvek od **MiraCZ** » 23 pro 2014 20:46

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2014
Ran by Filip (administrator) on FILIP-PC on 23-12-2014 20:41:37
Running from C:\Users\Filip\Desktop
Loaded Profile: Filip (Available profiles: Filip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Users\Filip\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Users\Filip\AppData\Local\Temp\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Users\Filip\AppData\Local\Temp\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Users\Filip\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [860040 2011-01-05] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\Run: [Google Update] => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)
HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\Run: [GarenaPlus] => "C:\programy\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\Run: [MK LOL] => "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 173.212.255.178 ad.garenanow.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\programy\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\programy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1374104285-1166044276-4119902912-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1374104285-1166044276-4119902912-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1374104285-1166044276-4119902912-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1374104285-1166044276-4119902912-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fullt ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Filip\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-03]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-03]
CHR Extension: (Peněženka Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-03]
CHR HKLM-x32\...\Chrome\Extension: [hpilclpacieflhmobalmaccogiioldoo] - C:\ProgramData\TheBflix\hpilclpacieflhmobalmaccogiioldoo.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [867712 2011-01-05] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-27] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164864 2012-12-24] (ITE )
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-12-27] (Duplex Secure Ltd.)
S3 GGSAFERDriver; \??\C:\programy\Garena\Garena Plus\Room\safedrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 20:41 - 2014-12-23 20:42 - 00014798 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-12-23 20:41 - 2014-12-23 20:41 - 00000000 ____D () C:\FRST
2014-12-23 20:40 - 2014-12-23 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Downloads\Nepotvrzeno 632578.crdownload
2014-12-23 20:40 - 2014-12-23 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2014-12-23 20:39 - 2014-12-23 20:39 - 02122240 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-12-22 23:43 - 2014-12-22 23:43 - 00003166 _____ () C:\Windows\System32\Tasks\GoForFiles Installer Starter
2014-12-22 22:16 - 2014-12-22 22:57 - 734531498 _____ () C:\Users\Filip\Downloads\Hunger-Games-Síla-vzdoru-2014---1.-část-hdcam-cz-tit-ve-filmu.avi
2014-12-21 22:19 - 2014-12-21 22:19 - 00005969 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2014-12-21 22:07 - 2014-12-21 22:12 - 00000000 ____D () C:\AdwCleaner
2014-12-21 21:59 - 2014-12-21 21:59 - 02173952 _____ () C:\Users\Filip\Desktop\adwcleaner_4.106.exe
2014-12-21 21:45 - 2014-12-21 21:45 - 00000000 __SHD () C:\ProgramData\svchost
2014-12-21 21:33 - 2014-12-21 21:33 - 00003096 _____ () C:\Windows\System32\Tasks\Update Service GoForFiles
2014-12-21 21:33 - 2014-12-21 21:33 - 00000000 ____D () C:\Program Files (x86)\GoForFilesUpdater
2014-12-19 21:53 - 2014-12-19 21:53 - 00000000 ____D () C:\rsit
2014-12-19 21:53 - 2014-12-19 21:53 - 00000000 ____D () C:\Program Files\trend micro
2014-12-19 21:52 - 2014-12-19 21:52 - 01222144 _____ () C:\Users\Filip\Downloads\RSITx64.exe
2014-12-19 21:43 - 2014-12-19 21:43 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\TeamViewer
2014-12-19 21:31 - 2014-12-19 21:31 - 07722096 _____ (TeamViewer GmbH) C:\Users\Filip\Downloads\TeamViewer_Setup_cs.exe
2014-12-17 20:28 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 20:28 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 22:06 - 2014-12-11 22:06 - 00003118 _____ () C:\Windows\System32\Tasks\{5051528E-FE6F-4F9A-8E99-0C99A42856B3}
2014-12-10 05:56 - 2014-12-10 05:56 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 05:49 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 05:49 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 05:49 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 05:49 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 05:49 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 05:49 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 05:49 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 05:49 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 05:49 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 05:49 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 20:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 20:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 20:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 20:41 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 20:41 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 20:41 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 20:41 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 20:41 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:41 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 20:41 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 20:41 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 20:41 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:41 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:41 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 20:41 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 20:41 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 20:41 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:41 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 20:41 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 20:41 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:41 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 20:41 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 20:41 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 20:41 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:41 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 20:41 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 20:41 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 20:41 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 20:41 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 20:41 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 20:41 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 20:41 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 20:41 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 20:41 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 20:41 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 20:41 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 20:41 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 20:41 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 20:41 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:41 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 20:41 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 20:41 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 20:41 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:41 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 20:41 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 20:41 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 20:41 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 20:41 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 20:41 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 20:41 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 20:41 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 20:41 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 20:41 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 20:41 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 20:41 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 20:41 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 20:41 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 20:41 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:41 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 20:41 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 20:40 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 20:40 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 20:40 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 20:40 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 20:40 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 20:40 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:40 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:40 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 20:40 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:40 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 20:40 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 20:40 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 20:40 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 20:40 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-03 20:47 - 2014-12-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-03 20:47 - 2014-12-03 20:47 - 00000000 ____D () C:\ProgramData\ESET
2014-11-23 20:21 - 2014-11-23 20:21 - 00000000 __SHD () C:\Users\Filip\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 20:39 - 2012-09-05 10:57 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 20:33 - 2013-10-08 20:33 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037.job
2014-12-23 20:33 - 2012-12-03 16:14 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core.job
2014-12-23 15:17 - 2011-09-29 13:06 - 01718625 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 10:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 10:04 - 2011-09-29 13:53 - 00669576 _____ () C:\Windows\system32\perfh005.dat
2014-12-23 10:04 - 2011-09-29 13:53 - 00141946 _____ () C:\Windows\system32\perfc005.dat
2014-12-23 10:04 - 2009-07-14 06:13 - 01586202 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 10:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 10:00 - 2009-07-14 05:51 - 00182885 _____ () C:\Windows\setupact.log
2014-12-22 19:55 - 2012-01-04 16:23 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2014-12-21 22:23 - 2011-07-20 13:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-21 22:13 - 2010-11-21 04:47 - 00949190 _____ () C:\Windows\PFRO.log
2014-12-21 22:12 - 2011-12-25 19:10 - 00000000 ____D () C:\Users\Filip
2014-12-21 21:28 - 2011-12-27 20:14 - 00000000 ____D () C:\Users\Filip\AppData\Local\CrashDumps
2014-12-21 21:06 - 2011-12-25 19:45 - 00000000 ____D () C:\Hry
2014-12-21 10:50 - 2012-01-08 20:59 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\SoftGrid Client
2014-12-20 21:34 - 2011-07-20 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-20 21:34 - 2011-07-20 14:06 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 21:50 - 2014-06-30 17:21 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
2014-12-16 20:53 - 2013-03-14 23:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-16 20:53 - 2013-03-14 23:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 23:36 - 2013-03-14 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 20:33 - 2012-12-03 16:14 - 00002376 _____ () C:\Users\Filip\Desktop\Google Chrome.lnk
2014-12-10 05:56 - 2014-05-06 22:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 05:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 05:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 05:54 - 2013-07-12 21:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 05:50 - 2012-01-31 14:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 22:39 - 2012-09-05 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 21:39 - 2012-09-05 10:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 21:39 - 2011-07-20 14:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 21:04 - 2011-12-26 20:00 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-24 22:15 - 2011-12-25 20:19 - 00000000 ___RD () C:\Filmy
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 19:12 - 2011-12-25 20:33 - 00000000 ___RD () C:\MP3

Some content of TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\AutoRun.exe
C:\Users\Filip\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Filip\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Filip\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Filip\AppData\Local\Temp\GoForFilesBpTsc1OTAD.exe
C:\Users\Filip\AppData\Local\Temp\GoForFilesDf1LUbeThV.exe
C:\Users\Filip\AppData\Local\Temp\GoForFilesyFNA4MWRN2.exe
C:\Users\Filip\AppData\Local\Temp\NwlMc5cMbM.exe
C:\Users\Filip\AppData\Local\Temp\Quarantine.exe
C:\Users\Filip\AppData\Local\Temp\RFOQX.exe
C:\Users\Filip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Filip\AppData\Local\Temp\sqlite3.dll
C:\Users\Filip\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Filip\AppData\Local\Temp\_is975C.exe
C:\Users\Filip\AppData\Local\Temp\_isE693.exe
C:\Users\Filip\AppData\Local\Temp\_isEC2E.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Filip\Desktop" je 4 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus
"C:\programy\Garena\Garena Plus\GarenaMessenger.exe" -autolaunch [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2014
Ran by Filip at 2014-12-23 20:43:21
Running from C:\Users\Filip\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}) (Version: 1.9.17.06019 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019 - Alcor Micro Corp.) Hidden
ATI Catalyst Install Manager (HKLM\...\{BEC2F4F0-F9B3-35E7-6BEC-70BC6997A2DD}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0825.2205.37769 - ATI) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.2.5 - WildTangent)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3009 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3500 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.04.3502 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0806.2010 - Acer Incorporated)
ESET NOD32 Antivirus (HKLM\...\{AB1AA952-0F66-42B2-B8B0-6B94FC500132}) (Version: 8.0.304.1 - ESET, spol s r. o.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - eMachines)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (eMachines Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-12-2014 23:34:25 Windows Update
17-12-2014 22:19:21 Windows Update
21-12-2014 21:52:22 Removed Skype Click to Call
21-12-2014 22:22:38 Removed Ubisoft Game Launcher
23-12-2014 15:16:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-30 17:12 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts
173.212.255.178 ad.garenanow.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02511FA3-4A6F-480D-8437-07702278DF9D} - System32\Tasks\{111D670A-F225-4EDE-93D9-9111D9B2A767} => pcalua.exe -a "D:\Roller Coaster Tycoon 3\Traducao.exe" -d "D:\Roller Coaster Tycoon 3"
Task: {03A5F3C6-ED88-42F4-A5AA-52149F0435A7} - System32\Tasks\{104FAFD0-B9B8-44F0-BA26-A54A33C6CBB6} => pcalua.exe -a D:\install.exe
Task: {1472AA7C-C11C-4A16-B19D-EA3E50289971} - System32\Tasks\{C27FBE68-1206-41E6-9F7A-7435A6B861F3} => C:\Hry\Counter strike 1,6\Counter-Strike 1.6 Standalone\launcher.exe
Task: {1A2BDCCF-8143-4833-B74B-5A08856015FF} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {21C6E3AC-7FEE-4671-9BE8-CA713C05B592} - System32\Tasks\{32BE0690-1FC1-49C7-A910-58675AB16F3F} => pcalua.exe -a "C:\Hry\pán prstenů\Pán prstenů Bitva o Středozem-CD-Key,crack,cestina\LOTR-BFME_Cestina.exe" -d "C:\Hry\pán prstenů\Pán prstenů Bitva o Středozem-CD-Key,crack,cestina"
Task: {2C3494F3-C955-40DF-83AE-A6C07A7E5000} - System32\Tasks\GoForFiles Installer Starter => C:\Users\Filip\AppData\Local\Temp\GoForFilesDf1LUbeThV.exe [2014-12-21] (http://goforfiles.com) <==== ATTENTION
Task: {3066186D-45E4-45FE-9CC7-C20B0E73D4B0} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {30C7CDBD-B1C1-4D75-88BE-8616F553E303} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {478DC17D-EAE7-42E6-91BB-492C6F334A31} - System32\Tasks\{2FD6B8D1-A98E-4193-B980-6700AF44F32F} => C:\Hry\Counter strike 1,6\Counter-Strike 1.6 Standalone\launcher.exe
Task: {4824F550-76F5-4D76-94F2-909C1388B240} - System32\Tasks\{AA26AD22-25D2-4A56-99EC-E68AC23DB904} => pcalua.exe -a C:\Users\Filip\Desktop\cz_oblivion_light_1.05\InstallOblivionCZ.exe -d C:\Users\Filip\Desktop\cz_oblivion_light_1.05
Task: {4F1E3359-C4A0-4927-A7D4-4C5046545D67} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037 => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {6231895A-5300-4971-B457-6FC18E1C7396} - System32\Tasks\{5051528E-FE6F-4F9A-8E99-0C99A42856B3} => Chrome.exe http://ui.skype.com/ui/0/6.22.0.107/cs/ ... rogressBar
Task: {684A49DA-6802-461C-ACC5-9BC2615C8F42} - System32\Tasks\{8F0ED34A-127B-42BB-B308-0CE049927C87} => pcalua.exe -a "C:\Program Files (x86)\MKJogo\MK IM\Bin\uInst.exe"
Task: {714BF437-5606-4C11-81C8-7DCE4C03C2EA} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe [2014-12-21] (http://goforfiles.com/) <==== ATTENTION
Task: {8D13CA9F-FD92-41C2-A75A-497B179C1578} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1374104285-1166044276-4119902912-1000
Task: {98D15228-DD6E-4C9E-9BF8-20CA0CCAA0AC} - System32\Tasks\Google Updater and Installer => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {9E10A7CA-6102-45F1-93B3-78C372767F07} - System32\Tasks\{23CDD7DF-71D1-4A55-ADB8-E2D56BB7A948} => pcalua.exe -a C:\Users\Filip\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=irs
Task: {AAF2C70C-D4B2-4A39-848B-DBC4CF7688ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {AC1D7992-6C88-40FE-BE55-1BCFE3EAB16B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B5ACB209-8DC8-4108-A5C5-5553BDB217FE} - System32\Tasks\UALU notificatin => C:\Program Files\eMachines\eMachines Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {E4103F78-1C11-4F88-BD51-A7E8B232964C} - System32\Tasks\{6C0B73CD-6026-4962-AA78-FEE86D316FBE} => pcalua.exe -a C:\Users\programy\BitLord\uninst.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

Díky moc.

#6 Příspěvek od **altrok** » 23 pro 2014 21:14

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKU\S-1-5-21-1374104285-1166044276-4119902912-1000\...\Run: [Google Update] => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)

Toolbar: HKU\S-1-5-21-1374104285-1166044276-4119902912-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\programy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin HKU\S-1-5-21-1374104285-1166044276-4119902912-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
CHR DefaultSearchURL: Default -> http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Native Client) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Google Update) - C:\Users\Filip\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR HKLM-x32\...\Chrome\Extension: [hpilclpacieflhmobalmaccogiioldoo] - C:\ProgramData\TheBflix\hpilclpacieflhmobalmaccogiioldoo.crx [Not Found]
C:\ProgramData\TheBflix

2014-12-23 20:41 - 2014-12-23 20:42 - 00014798 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-12-23 20:40 - 2014-12-23 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Downloads\Nepotvrzeno 632578.crdownload
2014-12-23 20:40 - 2014-12-23 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2014-12-21 22:19 - 2014-12-21 22:19 - 00005969 _____ () C:\Users\Filip\Desktop\AdwCleaner[S0].txt
2014-12-21 22:07 - 2014-12-21 22:12 - 00000000 ____D () C:\AdwCleaner
2014-12-21 21:59 - 2014-12-21 21:59 - 02173952 _____ () C:\Users\Filip\Desktop\adwcleaner_4.106.exe
2014-12-21 21:33 - 2014-12-21 21:33 - 00003096 _____ () C:\Windows\System32\Tasks\Update Service GoForFiles
2014-12-21 21:33 - 2014-12-21 21:33 - 00000000 ____D () C:\Program Files (x86)\GoForFilesUpdater
2014-12-19 21:53 - 2014-12-19 21:53 - 00000000 ____D () C:\rsit
2014-12-19 21:53 - 2014-12-19 21:53 - 00000000 ____D () C:\Program Files\trend micro
2014-12-19 21:52 - 2014-12-19 21:52 - 01222144 _____ () C:\Users\Filip\Downloads\RSITx64.exe

Task: {2C3494F3-C955-40DF-83AE-A6C07A7E5000} - System32\Tasks\GoForFiles Installer Starter => C:\Users\Filip\AppData\Local\Temp\GoForFilesDf1LUbeThV.exe [2014-12-21] (http://goforfiles.com) <==== ATTENTION
Task: {714BF437-5606-4C11-81C8-7DCE4C03C2EA} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe [2014-12-21] (http://goforfiles.com/) <==== ATTENTION
Task: {8D13CA9F-FD92-41C2-A75A-497B179C1578} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1374104285-1166044276-4119902912-1000
Task: {9E10A7CA-6102-45F1-93B3-78C372767F07} - System32\Tasks\{23CDD7DF-71D1-4A55-ADB8-E2D56BB7A948} => pcalua.exe -a C:\Users\Filip\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=irs
C:\Users\Filip\AppData\Roaming\webssearches
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000Core.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1374104285-1166044276-4119902912-1000UA1cec45d436e8037.job => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe

Folder: C:\ProgramData\svchost
Hosts:
EmptyTemp:
End

MiraCZ · #7 Příspěvek od **MiraCZ** » 13 bře 2015 12:37

Je mi líto, že jsem neodpověděl ale člověk, pro kterého měla být tato pomoc je naprosto neschopný. Mezi každou pomocí je schopný stáhnout 5 her z warezu a znova si dok**vit PC.

#8 Příspěvek od **altrok** » 14 bře 2015 01:07

Warez je zaruceny zpusob, jak si malware do PC natahat... takovy pocitac nema cenu lecit... diky, ze jste dal vedet

VIRY.CZ

Prosím o kontrolu notebooku

Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku